/// <reference types="node" />
import { AfterInit } from '@tsdi/components';
import { IContext } from '@mvx/mvc';
import { Strategy } from './Strategy';
import { AuthenticateOption, IStrategyOption } from './IAuthenticator';
import { Context, Request } from 'koa';
import { ValidationResult } from './results';
import * as jwt from 'jsonwebtoken';
export declare type JwtVerify = (payload: any, ctx?: IContext) => Promise<{
    user: any;
    info: any;
}>;
/**
 * JwtStrategyOption Option
 *
 * @export
 * @interface JwtStrategyOption
 * @extends {IStrategyOption}
 */
export interface JwtStrategyOption extends IStrategyOption {
    secretOrKey?: string | Buffer;
    secretOrKeyProvider?: (request: Request, rawJwtToken: any) => Promise<string | Buffer>;
    jwtFromRequest: (request: Request) => any;
    verify: JwtVerify;
    issuer: string;
    audience: string | string[];
    algorithms: jwt.Algorithm[];
    ignoreExpiration?: boolean;
    passReqToCallback?: any;
}
/**
 * Jwt authenticate strategy
 */
export declare class JwtStrategy extends Strategy implements AfterInit {
    protected verify: JwtVerify;
    issuer: string;
    audience: string | string[];
    algorithms: jwt.Algorithm[];
    ignoreExpiration?: boolean;
    secretOrKey: string | Buffer;
    secretOrKeyProvider: (request: Request, rawJwtToken: any) => Promise<string | Buffer>;
    jwtFromRequest: (request: Request) => any;
    onAfterInit(): Promise<void>;
    authenticate(ctx: Context, options?: AuthenticateOption): Promise<ValidationResult>;
    sign(payload: string | object | Buffer, secretOrKey?: jwt.Secret, options?: jwt.SignOptions): Promise<string>;
    static ρAnn(): any;
}
export declare namespace JwtRequest {
    function fromHeader(headerName: string): (request: any) => any;
    function fromBodyField(fieldName: any): (request: any) => any;
    function fromUrlQueryParameter(paramName: any): (request: any) => any;
    function fromAuthHeaderWithScheme(authScheme: any): (request: any) => any;
    function fromAuthHeaderAsBearerToken(): (request: any) => any;
    function fromExtractors(extractors: any): (request: any) => any;
    /**
     * This extractor mimics the behavior of the v1.*.* extraction logic.
     *
     * This extractor exists only to provide an easy transition from the v1.*.* API to the v2.0.0
     * API.
     *
     * This extractor first checks the auth header, if it doesn't find a token there then it checks the
     * specified body field and finally the url query parameters.
     *
     * @param options
     *          authScheme: Expected scheme when JWT can be found in HTTP Authorize header. Default is JWT.
     *          tokenBodyField: Field in request body containing token. Default is auth_token.
     *          tokenQueryParameterName: Query parameter name containing the token. Default is auth_token.
     */
    function versionOneCompatibility(options: any): (request: any) => any;
}