import type { StorageToolConfig } from '../storage/types.js';
import type { ToolAction } from '../tools/types.js';
import type { AuthFlowStatus, AuthorizeOpts, ConnectionField, ListConnectionsOpts, ListConnectionsResult, ListToolkitsResult, ListToolsOpts, ListToolsResult, ResolveToolsOpts, ToolProvider, ToolProviderCapabilities, ToolProviderHealth, ToolProviderInfo, ToolProviderListResult, ToolProviderToolInfo, ToolProviderToolkit } from './types.js';
/**
 * Constructor options shared by every {@link BaseToolProvider} subclass.
 *
 * Allowlists are matched against the **provider-opaque slugs** returned by
 * `listAllToolkits()` / `listAllTools()`. Two forms are supported:
 *
 * - exact slug match: `'gmail'`
 * - suffix wildcard:  `'gmail.*'`
 *
 * `allowedTools` is keyed by toolkit slug. If a toolkit is listed in
 * `allowedToolkits` but **not** present in `allowedTools`, all of its
 * tools are included. An explicit empty array (`allowedTools: { gmail: [] }`)
 * filters everything out for that toolkit.
 */
export interface BaseToolProviderOptions {
    /** When set, `listToolkitsVNext()` keeps only toolkits whose slug matches. */
    allowedToolkits?: readonly string[];
    /**
     * Per-toolkit tool allowlist. Keys are toolkit slugs; values are patterns
     * matched against tool slugs (exact or `prefix*`). Omitting a toolkit
     * leaves its tools unfiltered.
     */
    allowedTools?: Readonly<Record<string, readonly string[]>>;
}
/**
 * Shared base class for concrete {@link ToolProvider} implementations.
 *
 * Subclasses implement the SDK-specific `listAllToolkits` and
 * `listAllTools` methods (and the runtime / auth methods); the base class
 * layers admin allowlist filtering on top so every adapter behaves the
 * same way.
 */
export declare abstract class BaseToolProvider implements ToolProvider {
    abstract readonly info: ToolProviderInfo;
    abstract readonly capabilities: ToolProviderCapabilities;
    protected readonly allowedToolkits: readonly string[];
    protected readonly allowedTools: Readonly<Record<string, readonly string[]>>;
    constructor(options?: BaseToolProviderOptions);
    listToolkitsVNext(): Promise<ListToolkitsResult>;
    listToolsVNext(opts?: ListToolsOpts): Promise<ListToolsResult>;
    listToolkits(): Promise<ToolProviderListResult<ToolProviderToolkit>>;
    listTools(options?: ListToolsOpts): Promise<ToolProviderListResult<ToolProviderToolInfo>>;
    /**
     * Legacy `resolveTools` shim — subclasses that opt into the VNext surface
     * normally implement `resolveToolsVNext` instead; the legacy signature
     * delegates so existing callers keep working.
     */
    resolveTools(toolSlugs: string[], toolConfigs?: Record<string, StorageToolConfig>, options?: {
        userId?: string;
        requestContext?: Record<string, unknown>;
        [key: string]: unknown;
    }): Promise<Record<string, ToolAction<any, any, any>>>;
    protected abstract listAllToolkits(): Promise<ToolProviderToolkit[]>;
    protected abstract listAllTools(opts: ListToolsOpts): Promise<ListToolsResult>;
    abstract resolveToolsVNext(opts: ResolveToolsOpts): Promise<Record<string, ToolAction<any, any, any>>>;
    abstract authorize(opts: AuthorizeOpts): Promise<{
        url: string;
        authId: string;
    }>;
    abstract getAuthStatus(authId: string): Promise<AuthFlowStatus>;
    abstract getConnectionStatus(opts: {
        items: Array<{
            connectionId: string;
            toolkit: string;
        }>;
    }): Promise<Record<string, {
        connected: boolean;
    }>>;
    abstract listConnections(opts: ListConnectionsOpts): Promise<ListConnectionsResult>;
    /**
     * Default connection-fields implementation — returns `[]`. Subclasses
     * whose underlying provider requires user-supplied custom fields at
     * authorize time (e.g. Confluence subdomain) should override.
     */
    listConnectionFields(_opts: {
        toolkit: string;
    }): Promise<ConnectionField[]>;
    /**
     * Default health implementation — returns `{ ok: true }`. Subclasses that
     * need to probe SDK reachability or configuration should override.
     */
    getHealth(): Promise<ToolProviderHealth>;
}
//# sourceMappingURL=base.d.ts.map