/// <reference types="qs" />
import * as express from "express";
import * as T from "fp-ts/lib/Task";
import * as t from "io-ts";
import { SamlConfig } from "passport-saml";
import { RedisClientType, RedisClusterType } from "redis";
import { DoneCallbackT, IExtraLoginRequestParamConfig } from "..";
import { PreValidateResponseT, SpidStrategy, XmlAuthorizeTamperer, XmlTamperer } from "../strategy/spid";
import { IDPEntityDescriptor } from "../types/IDPEntityDescriptor";
import { SamlAttributeT } from "./saml";
interface IServiceProviderOrganization {
    readonly URL: string;
    readonly displayName: string;
    readonly name: string;
}
export declare enum ContactType {
    OTHER = "other"
}
export declare enum EntityType {
    AGGREGATOR = "spid:aggregator"
}
export declare enum AggregatorType {
    PublicServicesFullOperator = "PublicServicesFullOperator"
}
declare const ContactPerson: t.IntersectionC<[t.TypeC<{
    company: t.StringC;
    contactType: t.LiteralC<ContactType>;
    email: import("@pagopa/ts-commons/lib/types").Tagged<import("@pagopa/ts-commons/lib/strings").IEmailStringTag, string, string, unknown>;
    entityType: t.LiteralC<EntityType>;
    extensions: t.IntersectionC<[t.TypeC<{
        aggregatorType: t.LiteralC<AggregatorType>;
    }>, t.TypeC<{
        FiscalCode: t.StringC;
        IPACode: t.StringC;
        VATNumber: t.StringC;
    }>]>;
}>, t.PartialC<{
    phone: t.StringC;
}>]>;
type ContactPerson = t.TypeOf<typeof ContactPerson>;
export interface IServiceProviderConfig {
    readonly requiredAttributes: {
        readonly attributes: ReadonlyArray<SamlAttributeT>;
        readonly name: string;
    };
    readonly spidCieUrl?: string;
    readonly spidCieTestUrl?: string;
    readonly spidTestEnvUrl?: string;
    readonly spidValidatorUrl?: string;
    readonly IDPMetadataUrl: string;
    readonly organization: IServiceProviderOrganization;
    readonly contacts?: ReadonlyArray<ContactPerson>;
    readonly publicCert: string;
    readonly strictResponseValidation?: StrictResponseValidationOptions;
}
export type StrictResponseValidationOptions = Record<string, boolean | undefined>;
export interface ISpidStrategyOptions {
    readonly idp: {
        readonly [key: string]: IDPEntityDescriptor | undefined;
    };
    readonly sp: SamlConfig & {
        readonly attributes: {
            readonly attributes: {
                readonly attributes: ReadonlyArray<SamlAttributeT>;
                readonly name: string;
            };
            readonly name: string;
        };
    } & {
        readonly organization: IServiceProviderOrganization;
    };
}
/**
 * This method create a Spid Strategy Options object
 * extending the provided SamlOption with the service provider configuration
 * and the idps Options
 */
export declare const makeSpidStrategyOptions: (samlConfig: SamlConfig, serviceProviderConfig: IServiceProviderConfig, idpOptionsRecord: Record<string, IDPEntityDescriptor>) => ISpidStrategyOptions;
/**
 * Merge strategy configuration with metadata from IDP.
 *
 * This is used to pass options to the SAML client
 * so it can discriminate between the IDP certificates.
 */
export declare const getSpidStrategyOptionsUpdater: (samlConfig: SamlConfig, serviceProviderConfig: IServiceProviderConfig) => () => T.Task<ISpidStrategyOptions>;
/**
 * SPID strategy calls getSamlOptions() for every
 * SAML request. It extracts the options from a
 * shared variable set into the express app.
 */
export declare const getSpidStrategyOption: (app: express.Application) => ISpidStrategyOptions | undefined;
/**
 * This method is called to set or update Spid Strategy Options.
 * A selective update is performed to replace only new configurations provided,
 * keeping the others already stored inside the express app.
 */
export declare const upsertSpidStrategyOption: (app: express.Application, newSpidStrategyOpts: ISpidStrategyOptions) => void;
/**
 * SPID strategy factory function.
 */
export declare const makeSpidStrategy: <T extends Record<string, unknown>>(options: ISpidStrategyOptions, getSamlOptions: (req: express.Request<import("express-serve-static-core").ParamsDictionary, any, any, import("qs").ParsedQs, Record<string, any>>, callback: import("passport-saml/multiSamlStrategy").SamlOptionsCallback) => void, redisClient: RedisClientType | RedisClusterType, tamperAuthorizeRequest?: XmlAuthorizeTamperer, tamperMetadata?: XmlTamperer, preValidateResponse?: PreValidateResponseT<T> | undefined, doneCb?: DoneCallbackT<T> | undefined, extraLoginRequestParamConfig?: IExtraLoginRequestParamConfig<T> | undefined) => SpidStrategy<T>;
export {};
