import * as express from "express";
import { TaskEither } from "fp-ts/lib/TaskEither";
import { AuthenticateOptions, AuthorizeOptions, SamlConfig, VerifyWithoutRequest, VerifyWithRequest } from "passport-saml";
import { Strategy as SamlStrategy } from "passport-saml";
import { RedisClientType, RedisClusterType } from "redis";
import { MultiSamlConfig } from "passport-saml/multiSamlStrategy";
import { DoneCallbackT, IExtraLoginRequestParamConfig } from "..";
import { ILollipopParams } from "../types/lollipop";
import { IExtendedCacheProvider } from "./redis_cache_provider";
export type XmlTamperer = (xml: string) => TaskEither<Error, string>;
export type XmlAuthorizeTamperer = (xml: string, lollipopParams?: ILollipopParams) => TaskEither<Error, string>;
export type PreValidateResponseDoneCallbackT<T extends Record<string, unknown>> = (request: string, response: string, extraLoginRequestParams?: T) => void;
export type PreValidateResponseT<T extends Record<string, unknown>> = (samlConfig: SamlConfig, body: unknown, extendedRedisCacheProvider: IExtendedCacheProvider<T>, doneCb: PreValidateResponseDoneCallbackT<T> | undefined, callback: (err: Error | null, isValid?: boolean, InResponseTo?: string) => void) => void;
export declare class SpidStrategy<T extends Record<string, unknown>> extends SamlStrategy {
    private readonly options;
    private readonly getSamlOptions;
    private readonly redisClient;
    private readonly tamperAuthorizeRequest?;
    private readonly tamperMetadata?;
    private readonly preValidateResponse?;
    private readonly doneCb?;
    private readonly extraLoginRequestParamConfig?;
    private readonly extendedRedisCacheProvider;
    constructor(options: SamlConfig, getSamlOptions: MultiSamlConfig["getSamlOptions"], verify: VerifyWithRequest | VerifyWithoutRequest, redisClient: RedisClientType | RedisClusterType, tamperAuthorizeRequest?: XmlAuthorizeTamperer | undefined, tamperMetadata?: XmlTamperer | undefined, preValidateResponse?: PreValidateResponseT<T> | undefined, doneCb?: DoneCallbackT<T> | undefined, extraLoginRequestParamConfig?: IExtraLoginRequestParamConfig<T> | undefined);
    authenticate(req: express.Request, options: AuthenticateOptions | AuthorizeOptions): void;
    logout(req: express.Request, callback: (err: Error | null, url?: string) => void): void;
    generateServiceProviderMetadataAsync(req: express.Request, decryptionCert: string | null, signingCert: string | null, callback: (err: Error | null, metadata?: string) => void): void;
}
