import { LogLevel } from "@ssense/logger";
import { IncomingMessage, ServerResponse } from "node:http";
import { ZodEnum, z } from "zod";

//#region src/AuthModule.d.ts
interface AuthModuleOptions {
  enabled?: boolean;
  authServerHost?: string;
  authServerSecure?: boolean;
  publicRoutes?: RegExp[];
  publicHttpMethods?: string[];
  onForbidden?: (req: IncomingMessageWithAuth, res: ServerResponse, next: Function) => any;
  logger?: {
    enabled?: boolean;
    level?: LogLevel;
    pretty?: boolean;
  };
  alwaysCreateAuthObject?: boolean;
}
type RequestHandler = (req: IncomingMessageWithAuth, res: ServerResponse, next: Function) => Promise<any>;
declare const AuthInfoTypeSchema: ZodEnum<['user', 'service']>;
type AuthInfoType = z.infer<typeof AuthInfoTypeSchema>;
declare class AuthInfo {
  id: string;
  type: AuthInfoType;
  scopes: string[];
  token: string;
  tokenId: string;
  tokenExpirationTime: Date;
  enabled: boolean;
  publicRoute: boolean;
  hasScope(scope: string): boolean;
  hasScopes(scopes: string[]): boolean;
  isActive(): boolean;
}
declare class AuthModule {
  private readonly userAgent;
  private readonly client;
  private readonly logger;
  private readonly publicRoutes;
  private readonly publicHttpMethods;
  private readonly alwaysCreateAuthObject;
  private cookieName;
  private publicKeysUrl;
  private invalidatedTokensUrl;
  private publicKeys;
  private publicKeysExpire;
  private invalidatedTokens;
  private jwtOptions;
  private pubSubClient;
  private pubSubMessagesSignatureAlgorithm;
  private static enabled;
  private static templates;
  private static forbiddenCallback;
  constructor(options?: AuthModuleOptions);
  authenticate(): RequestHandler;
  static enable(enabled: boolean): void;
  private initialize;
  private initializePubSubClient;
  private getAuthInfoFromRequest;
  private getPublicKeyFromKid;
  private getTokenInfo;
  private getInvalidatedTokens;
  private cleanExpiredInvalidatedTokens;
  private verifyToken;
  private parseScopes;
  private isPublicRoute;
  private isPublicHttpMethod;
  private validatePubSubMessageSignature;
  private onPubSubAuthTokenInvalidated;
  static requireScope(scope: string | string[]): any;
  static requireAllScopes(scopes: string[]): any;
  static checkScopes(scope: string | string[], checkAllScopes: boolean): any;
  static scopeMiddleware(scope: string | string[], checkAllScopes?: boolean): RequestHandler;
  private static hasRequiredScope;
  private static showAuthenticationPage;
}
type IncomingMessageWithAuth = IncomingMessage & {
  auth?: AuthInfo;
  logger?: any;
};
//#endregion
export { AuthInfo, AuthModule, type AuthModuleOptions, type RequestHandler };