///
///
import type { Method } from "got";
import type { JWK } from "jose";
import { KeyObject } from "tls";
import { Agents } from "got";
export declare type use = "sig" | "enc";
export declare type keyOperation = "sign" | "verify" | "encrypt" | "decrypt" | "wrapKey" | "unwrapKey" | "deriveKey";
export declare type ECCurve = "P-256" | "secp256k1" | "P-384" | "P-521";
export declare type OKPCurve = "Ed25519" | "Ed448" | "X25519" | "X448";
export interface BasicParameters {
alg?: string;
use?: use;
kid?: string;
key_ops?: keyOperation[];
}
export interface KeyParameters extends BasicParameters {
x5c?: string[];
x5t?: string;
"x5t#S256"?: string;
}
export interface JWKOctKey extends BasicParameters {
kty: "oct";
k?: string;
}
export interface JWKECKey extends KeyParameters {
kty: "EC";
crv: ECCurve;
x: string;
y: string;
d?: string;
}
export interface JWKOKPKey extends KeyParameters {
kty: "OKP";
crv: OKPCurve;
x: string;
d?: string;
}
export interface JWKRSAKey extends KeyParameters {
kty: "RSA";
e: string;
n: string;
d?: string;
p?: string;
q?: string;
dp?: string;
dq?: string;
qi?: string;
}
export declare type TokenSigningAlgorithm = "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | "none";
export declare type ResponseType = "code" | "token" | "id_token" | "code token" | "code id_token" | "id_token token" | "code id_token token";
export declare type TokenEndpointAuthMethod = "client_secret_post" | "client_secret_basic" | "client_secret_jwt" | "private_key_jwt";
export interface MutualTLSOptions {
tls_client_certificate_bound_access_tokens?: boolean;
cert: string | Buffer | Array;
key: string | Buffer | Array;
}
interface ApiClientConfigCredentialsBase {
client_id: string;
token_endpoint_auth_method: TokenEndpointAuthMethod;
id_token_signed_response_alg: TokenSigningAlgorithm;
request_object_signing_alg: TokenSigningAlgorithm;
redirect_uri: string;
response_type: ResponseType;
keys: JWK[];
mTLS?: MutualTLSOptions;
}
export interface ApiClientConfigCredentialsBasic extends ApiClientConfigCredentialsBase {
token_endpoint_auth_method: "client_secret_basic";
client_secret: string;
}
export interface ApiClientConfigCredentialsOther extends ApiClientConfigCredentialsBase {
token_endpoint_auth_method: "client_secret_post" | "client_secret_jwt" | "private_key_jwt";
client_secret?: string;
}
export declare type ApiClientConfigCredentials = ApiClientConfigCredentialsBasic | ApiClientConfigCredentialsOther;
export interface ApiClientConfig {
resourceServerUrl: string;
/** When set, requests use this URL and response links are rewritten to it. */
gatewayResourceServerUrl?: string;
caasResourceServerUrl?: string;
/** When set, CaaS requests use this URL and response links are rewritten to it. */
gatewayCaasResourceServerUrl?: string;
osipResourceServerUrl?: string;
/** When set, OSIP requests use this URL and response links are rewritten to it. */
gatewayOsipResourceServerUrl?: string;
identityServiceUrl: string;
/** When set, discovery is fetched from this URL and endpoint URLs are rewritten to it. */
gatewayIdentityServiceUrl?: string;
accountConnectUrl?: string;
/** When set, account-connect widget uses this URL. */
gatewayAccountConnectUrl?: string;
options?: {
timeout?: number;
apiVersioning?: boolean;
agent?: Agents;
/** TTL in ms for the OIDC discovery document cache. Default 3600000 (1 hour). */
openIdConfigCacheTtlMs?: number;
retry?: {
limit?: number;
methods?: Method[];
statusCodes?: number[];
maxRetryAfter?: number;
};
};
client: ApiClientConfigCredentials;
}
export {};
//# sourceMappingURL=config.d.ts.map