export interface CacheStorage {
    getToken: () => Promise<TIDAuthToken | undefined>;
    storeToken: (authToken: TIDAuthToken) => Promise<void>;
    getUser: () => Promise<TIDUser | undefined>;
    storeUser: (user: TIDUser) => Promise<void>;
    clear: () => Promise<void>;
}
export interface TIDAuthToken {
    /** The id_token returned from the OIDC provider */
    id_token: string;
    /** The session state value returned from the OIDC provider (opaque) */
    session_state?: string;
    /** The identity provider value returned the provider used for the authentication (okta, email, google, etc..) */
    identity_provider?: string;
    /** The access token returned from the OIDC provider. */
    access_token: string;
    /** Refresh token returned from the OIDC provider (if requested) */
    refresh_token?: string;
    /** The token_type returned from the OIDC provider */
    token_type: string;
    /** The scope returned from the OIDC provider */
    scope: string;
    /** The expires at returned from the OIDC provider */
    expires_at: number;
    /** The custom state transferred in the last signin */
    state: any;
}
/**
 * Represents the token response like access_token, id_token, and expires_at.
 */
export interface TokenResponse {
    /** The id_token returned from the OIDC provider */
    id_token: string;
    /** The access token returned from the OIDC provider. */
    access_token: string;
    /** The expires at returned from the OIDC provider */
    expires_at: number;
}
export interface TIDUser {
    /** User's unique identifier */
    id?: string;
    /** End-User's full name */
    name?: string;
    /** Given name(s) or first name(s) of the End-User */
    given_name?: string;
    /** Surname(s) or last name(s) of the End-User */
    family_name?: string;
    /** URL of the End-User's profile picture */
    picture?: string;
    /** End-User's preferred e-mail address */
    email?: string;
    /** True if the End-User's e-mail address has been verified; otherwise false. */
    email_verified?: boolean;
}
export interface TIDJWTUser {
    /**
     * The issuer of a token
     * Prod: https://id.trimble.com
     * Stage: https://stage.id.trimblecloud.com
     * @type {string}
     */
    iss: string;
    /**
     * Time on or after which the JWT MUST NOT be accepted for processing
     * integer, (Seconds since midnight Jan 1, 1970)
     * @type {number}
     */
    exp: number;
    /**
     * Not Before Time. Used to determine the age of a JWT
     * integer, (Seconds since midnight Jan 1, 1970)
     * @type {number}
     */
    nbf: number;
    /**
     * Issued At Time. The time the token was issued
     * integer, (Seconds sing midnight Jan 1, 1970)
     * @type {number}
     */
    iat: number;
    /**
     * A unique identifier for the token
     * @type {string}
     */
    jti: string;
    /**
     * The version of this Trimble Identity Token
     * @type {number}
     */
    jwt_ver: number;
    /**
     * The subject of the JWT
     * user or application UUID
     * @type {string}
     */
    sub: string;
    /**
     * Audience an array of relying parties (client ID tokens) user or application UUID
     * For access tokens: an array of unique IDs for applications/APIs intended to consume this token
     * For ID token tokens: this is a single string ID in the application that made the authentication request
     * @type {string}
     */
    aud: string;
    /**
     * Logged user type (user or application)
     * @type {string}
     */
    identity_type: string;
    /**
     * The time when the authentication occurred
     * integer, (Seconds since midnight Jan 1, 1970)
     * @type {number}
     */
    auth_time: number;
    /**
     * Authentication Methods References
     * An array of strings giving information about how the user is authenticated
     *
     * Examples: password
     * mfa
     * sms_mfa
     * software_token_mfa
     * federated
     * trimble_okta
     * client_credentials
     * @type {Array<string>}
     */
    amr: Array<string>;
    /**
     * Authorizing Party. Relying party’s client ID token
     * @type {string}
     */
    azp: string;
    /**
     * Hash of the accompanying access token
     * @type {string}
     */
    at_hash: string;
    /**
     * The federated system the user is signed in to
     * e.g., trimble_okta
     * @type {string}
     */
    federation_origin: string;
    /**
     * Firstname or full name of this user
     * @type {string}
     */
    given_name: string;
    /**
     * Family name or surname of the user
     * @type {string}
     */
    family_name: string;
    /**
     * Email address of the user
     * @type {string}
     */
    email: string;
    /**
     * Whether the user’s email is verified or not
     * @type {string}
     */
    email_verified: true;
    /**
     * URL of user’s profile picture
     * @type {string}
     */
    picture: string;
    /**
     * Geographic region that user data is stored in (us/eu)
     * @type {string}
     */
    data_region: string;
}
export interface AuthState {
    authState: any;
}