/**
 * Copyright (c) Trimble Inc.
 */
import { TokenProvider } from '../interfaces/TokenProvider';
import { EndpointProvider } from '../interfaces/EndpointProvider';
import HttpClient from '../HttpClient';
/**
 * The Refresh Token grant type is used by clients to exchange a refresh token for an access token when the access token has expired.
 */
export default class RefreshableTokenProvider implements TokenProvider {
    protected readonly _endpointProvider: EndpointProvider;
    protected readonly _clientId: string;
    protected _clientSecret?: string;
    protected _codeVerifier?: any;
    private _accessToken?;
    private _tokenExpiry?;
    private _idToken?;
    private _refreshToken?;
    protected _logoutRedirectUrl?: string;
    protected readonly _httpClient: HttpClient;
    /**
     * Static method to generate a code verifier
     *
     * @returns A code verifier string
     */
    static GenerateCodeVerifier(): string;
    /**
     * Public constructor for RefreshableTokenProvider class
     *
     * @param endpointProvider An endpoint provider that provides the URL for the Trimble Identity token endpoint.
     * It can be OpenIdEndpointProvider/FixedEndpointProvider
     * @param clientId The client id for the calling application
     */
    constructor(endpointProvider: EndpointProvider, clientId: string);
    /**
     * Fluent extension for Authorization Code with PKCE
     *
     * @param codeVerifier The PKCE code verifier for the calling application
     */
    WithProofKeyForCodeExchange(codeVerifier: string): this;
    /**
     * Fluent extension for Authorization Code with consumer secret
     *
     * @param consumerSecret The consumer secret for the calling application
     * @deprecated
     */
    WithConsumerSecret(consumerSecret: string): this;
    /**
     * Fluent extension for Authorization Code with client secret
     *
     * @param clientSecret The client secret for the calling application
     */
    WithClientSecret(clientSecret: string): this;
    /**
     * Fluent extension for Authorization Code with access token
     *
     * @param accessToken The access token for the calling application
     * @param tokenExpiry The access token expiry as a Date object
     */
    WithAccessToken(accessToken: string, tokenExpiry: Date): this;
    /**
     * Fluent extension for Authorization Code with access token
     *
     * @param accessToken The access token for the calling application
     * @param tokenExpiry The access token expiry for the calling application
     * @deprecated Use the overload that accepts Date instead of any for better type safety
     */
    WithAccessToken(accessToken: string, tokenExpiry: any): this;
    /**
     * Fluent extension for Authorization Code with id token
     *
     * @param idToken The ID token for the calling application
     */
    WithIdToken(idToken: string): this;
    /**
     * Fluent extension for Authorization Code with refresh token
     *
     * @param refreshToken The refresh token for the calling application
     */
    WithRefreshToken(refreshToken: string): this;
    /**
     * Fluent extension to add logout redirect URL
     *
     * @param logoutRedirectUrl The logout redirect URL
     */
    WithLogoutRedirect(logoutRedirectUrl: string): this;
    /**
     * Retrieves an access token for the authenticated user
     *
     * @returns A Promise that resolves to the value of the access token on completion
     * @throws Thrown when a token endpoint is not provided by the endpoint provider
     * @throws Thrown when a call to the token endpoint fails
     */
    RetrieveToken(): Promise<string>;
    /**
     * Retrieves an access token expiry for the authenticated user
     *
     * @returns A Promise that resolves to the value of the access token expiry on completion
     */
    RetrieveTokenExpiry(): Promise<Date>;
    /**
     * Retrieves an ID token for the authenticated user
     *
     * @returns A Promise that resolves to the value of the ID token on completion
     * @throws Thrown when a token endpoint is not provided by the endpoint provider
     * @throws Thrown when a call to the token endpoint fails
     */
    RetrieveIdToken(): Promise<string>;
    /**
     * Retrieves a refresh token for the authenticated user
     *
     * @returns A Promise that resolves to the value of the refresh token on completion
     * @throws Thrown when a token endpoint is not provided by the endpoint provider
     * @throws Thrown when a call to the token endpoint fails
     */
    RetrieveRefreshToken(): Promise<string>;
    /**
     * Retrieves a code verifier for the authenticated user for PKCE grant
     *
     * @returns A Promise that resolves to the value of the code verifier on completion
     * @throws Thrown when a token endpoint is not provided by the endpoint provider
     * @throws Thrown when a call to the token endpoint fails
     */
    RetrieveCodeVerifier(): Promise<string>;
    /**
     * Revokes a refresh token for the authenticated user
     *
     * @returns A Promise that resolves to true if the refresh token is revoked
     * @throws Thrown when a token endpoint is not provided by the endpoint provider
     * @throws Thrown when a call to the token endpoint fails
     */
    RevokeRefreshToken(): Promise<boolean>;
    private _isJwt;
    private _jwtExpiry;
    private _refreshTokenInternal;
    protected _GenerateCodeChallenge(codeVerifier: string): string;
}