import { CustomOAuthStrategy, OAuthStrategy, PasswordStrategy } from "../auth/authenticate/strategies";
import { type Static } from "../core/utils";
import * as tbbox from "@sinclair/typebox";
export declare const Strategies: {
    readonly password: {
        readonly cls: typeof PasswordStrategy;
        readonly schema: tbbox.TObject<{
            hashing: tbbox.TUnsafe<"plain" | "sha256" | "bcrypt">;
            rounds: tbbox.TOptional<tbbox.TNumber>;
        }>;
    };
    readonly oauth: {
        readonly cls: typeof OAuthStrategy;
        readonly schema: tbbox.TObject<{
            name: tbbox.TUnsafe<"google" | "github">;
            type: tbbox.TUnsafe<"oidc" | "oauth2">;
            client: tbbox.TObject<{
                client_id: tbbox.TString;
                client_secret: tbbox.TString;
            }>;
        }>;
    };
    readonly custom_oauth: {
        readonly cls: typeof CustomOAuthStrategy;
        readonly schema: tbbox.TObject<{
            type: tbbox.TUnsafe<"oidc" | "oauth2">;
            name: tbbox.TString;
            client: tbbox.TObject<{
                client_id: tbbox.TString;
                client_secret: tbbox.TString;
                token_endpoint_auth_method: tbbox.TUnsafe<"client_secret_basic">;
            }>;
            as: tbbox.TObject<{
                issuer: tbbox.TString;
                code_challenge_methods_supported: tbbox.TOptional<tbbox.TUnsafe<"S256">>;
                scopes_supported: tbbox.TOptional<tbbox.TArray<tbbox.TString>>;
                scope_separator: tbbox.TOptional<tbbox.TString>;
                authorization_endpoint: tbbox.TOptional<tbbox.TString>;
                token_endpoint: tbbox.TOptional<tbbox.TString>;
                userinfo_endpoint: tbbox.TOptional<tbbox.TString>;
            }>;
        }>;
    };
};
export declare const STRATEGIES: {
    readonly password: {
        readonly cls: typeof PasswordStrategy;
        readonly schema: tbbox.TObject<{
            hashing: tbbox.TUnsafe<"plain" | "sha256" | "bcrypt">;
            rounds: tbbox.TOptional<tbbox.TNumber>;
        }>;
    };
    readonly oauth: {
        readonly cls: typeof OAuthStrategy;
        readonly schema: tbbox.TObject<{
            name: tbbox.TUnsafe<"google" | "github">;
            type: tbbox.TUnsafe<"oidc" | "oauth2">;
            client: tbbox.TObject<{
                client_id: tbbox.TString;
                client_secret: tbbox.TString;
            }>;
        }>;
    };
    readonly custom_oauth: {
        readonly cls: typeof CustomOAuthStrategy;
        readonly schema: tbbox.TObject<{
            type: tbbox.TUnsafe<"oidc" | "oauth2">;
            name: tbbox.TString;
            client: tbbox.TObject<{
                client_id: tbbox.TString;
                client_secret: tbbox.TString;
                token_endpoint_auth_method: tbbox.TUnsafe<"client_secret_basic">;
            }>;
            as: tbbox.TObject<{
                issuer: tbbox.TString;
                code_challenge_methods_supported: tbbox.TOptional<tbbox.TUnsafe<"S256">>;
                scopes_supported: tbbox.TOptional<tbbox.TArray<tbbox.TString>>;
                scope_separator: tbbox.TOptional<tbbox.TString>;
                authorization_endpoint: tbbox.TOptional<tbbox.TString>;
                token_endpoint: tbbox.TOptional<tbbox.TString>;
                userinfo_endpoint: tbbox.TOptional<tbbox.TString>;
            }>;
        }>;
    };
};
declare const strategiesSchema: tbbox.TUnion<tbbox.TObject<{
    enabled: tbbox.TOptional<tbbox.TBoolean>;
    type: tbbox.TLiteral<"password"> | tbbox.TLiteral<"oauth"> | tbbox.TLiteral<"custom_oauth">;
    config: tbbox.TObject<{
        hashing: tbbox.TUnsafe<"plain" | "sha256" | "bcrypt">;
        rounds: tbbox.TOptional<tbbox.TNumber>;
    }> | tbbox.TObject<{
        name: tbbox.TUnsafe<"google" | "github">;
        type: tbbox.TUnsafe<"oidc" | "oauth2">;
        client: tbbox.TObject<{
            client_id: tbbox.TString;
            client_secret: tbbox.TString;
        }>;
    }> | tbbox.TObject<{
        type: tbbox.TUnsafe<"oidc" | "oauth2">;
        name: tbbox.TString;
        client: tbbox.TObject<{
            client_id: tbbox.TString;
            client_secret: tbbox.TString;
            token_endpoint_auth_method: tbbox.TUnsafe<"client_secret_basic">;
        }>;
        as: tbbox.TObject<{
            issuer: tbbox.TString;
            code_challenge_methods_supported: tbbox.TOptional<tbbox.TUnsafe<"S256">>;
            scopes_supported: tbbox.TOptional<tbbox.TArray<tbbox.TString>>;
            scope_separator: tbbox.TOptional<tbbox.TString>;
            authorization_endpoint: tbbox.TOptional<tbbox.TString>;
            token_endpoint: tbbox.TOptional<tbbox.TString>;
            userinfo_endpoint: tbbox.TOptional<tbbox.TString>;
        }>;
    }>;
}>[]>;
export type AppAuthStrategies = Static<typeof strategiesSchema>;
export type AppAuthOAuthStrategy = Static<typeof STRATEGIES.oauth.schema>;
export type AppAuthCustomOAuthStrategy = Static<typeof STRATEGIES.custom_oauth.schema>;
export declare const guardRoleSchema: tbbox.TObject<{
    permissions: tbbox.TOptional<tbbox.TArray<tbbox.TString>>;
    is_default: tbbox.TOptional<tbbox.TBoolean>;
    implicit_allow: tbbox.TOptional<tbbox.TBoolean>;
}>;
export declare const authConfigSchema: tbbox.TObject<{
    enabled: tbbox.TBoolean;
    basepath: tbbox.TString;
    entity_name: tbbox.TString;
    allow_register: tbbox.TOptional<tbbox.TBoolean>;
    jwt: tbbox.TObject<{
        secret: tbbox.TString;
        alg: tbbox.TOptional<tbbox.TUnsafe<"HS256" | "HS384" | "HS512">>;
        expires: tbbox.TOptional<tbbox.TNumber>;
        issuer: tbbox.TOptional<tbbox.TString>;
        fields: tbbox.TArray<tbbox.TString>;
    }>;
    cookie: tbbox.TObject<{
        path: tbbox.TOptional<tbbox.TString>;
        sameSite: tbbox.TOptional<tbbox.TUnsafe<"strict" | "lax" | "none">>;
        secure: tbbox.TOptional<tbbox.TBoolean>;
        httpOnly: tbbox.TOptional<tbbox.TBoolean>;
        expires: tbbox.TOptional<tbbox.TNumber>;
        renew: tbbox.TOptional<tbbox.TBoolean>;
        pathSuccess: tbbox.TOptional<tbbox.TString>;
        pathLoggedOut: tbbox.TOptional<tbbox.TString>;
    }>;
    strategies: tbbox.TOptional<tbbox.TRecord<tbbox.TString, tbbox.TUnion<tbbox.TObject<{
        enabled: tbbox.TOptional<tbbox.TBoolean>;
        type: tbbox.TLiteral<"password"> | tbbox.TLiteral<"oauth"> | tbbox.TLiteral<"custom_oauth">;
        config: tbbox.TObject<{
            hashing: tbbox.TUnsafe<"plain" | "sha256" | "bcrypt">;
            rounds: tbbox.TOptional<tbbox.TNumber>;
        }> | tbbox.TObject<{
            name: tbbox.TUnsafe<"google" | "github">;
            type: tbbox.TUnsafe<"oidc" | "oauth2">;
            client: tbbox.TObject<{
                client_id: tbbox.TString;
                client_secret: tbbox.TString;
            }>;
        }> | tbbox.TObject<{
            type: tbbox.TUnsafe<"oidc" | "oauth2">;
            name: tbbox.TString;
            client: tbbox.TObject<{
                client_id: tbbox.TString;
                client_secret: tbbox.TString;
                token_endpoint_auth_method: tbbox.TUnsafe<"client_secret_basic">;
            }>;
            as: tbbox.TObject<{
                issuer: tbbox.TString;
                code_challenge_methods_supported: tbbox.TOptional<tbbox.TUnsafe<"S256">>;
                scopes_supported: tbbox.TOptional<tbbox.TArray<tbbox.TString>>;
                scope_separator: tbbox.TOptional<tbbox.TString>;
                authorization_endpoint: tbbox.TOptional<tbbox.TString>;
                token_endpoint: tbbox.TOptional<tbbox.TString>;
                userinfo_endpoint: tbbox.TOptional<tbbox.TString>;
            }>;
        }>;
    }>[]>>>;
    guard: tbbox.TOptional<tbbox.TObject<{
        enabled: tbbox.TOptional<tbbox.TBoolean>;
    }>>;
    roles: tbbox.TOptional<tbbox.TRecord<tbbox.TString, tbbox.TObject<{
        permissions: tbbox.TOptional<tbbox.TArray<tbbox.TString>>;
        is_default: tbbox.TOptional<tbbox.TBoolean>;
        implicit_allow: tbbox.TOptional<tbbox.TBoolean>;
    }>>>;
}>;
export type AppAuthSchema = Static<typeof authConfigSchema>;
export {};
