import { Client } from '@microsoft/microsoft-graph-client';
import { OwnIDB2CConfig, OwnIDRequestHeaders } from '../types';
/**
 * Authentication and validation utilities for OwnID Azure B2C integration
 */
export declare class OwnIDB2CAuth {
    private config;
    constructor(config: OwnIDB2CConfig);
    /**
     * Verify that a request came from OwnID by checking the signature
     *
     * @param body - The request body
     * @param headers - The request headers containing ownid-signature and ownid-timestamp
     * @returns true if the signature is valid, throws an error otherwise
     */
    verifyOwnIdRequest(body: any, headers: OwnIDRequestHeaders): boolean;
    /**
     * Safely gets a single string value from a header that might be a string or string array
     * @param headerValue - The header value which might be a string, string array, or undefined
     * @returns A single string value or undefined
     */
    private getHeaderValue;
    /**
     * Get a Microsoft Graph API client with proper authentication
     * @returns Authenticated Microsoft Graph client
     */
    getGraphClient(): Client;
    /**
     * Get Azure AD B2C authentication tokens for a user
     *
     * @param userId - Azure B2C user ID
     * @param email - User's email address
     * @returns Authentication tokens
     */
    getTokens(userId: string, email: string): Promise<{
        accessToken: string;
        expiresOn: Date;
        scopes: string[];
        account: {
            homeAccountId: string;
            environment: string;
            tenantId: string;
            username: string;
        };
    }>;
    /**
     * Get the attribute name for storing OwnID data in Azure B2C
     * @returns The extension attribute name
     */
    getOwnIdDataAttributeName(): string;
}