import { IDelegatedAuthConfig } from "../client";
import { ValidatedIssuerMetadata, BearerTokenResponse } from "./validate";
export type { BearerTokenResponse };
/**
 * Authorization parameters which are used in the authentication request of an OIDC auth code flow.
 *
 * See https://openid.net/specs/openid-connect-basic-1_0.html#RequestParameters.
 */
export type AuthorizationParams = {
    state: string;
    scope: string;
    redirectUri: string;
    codeVerifier: string;
    nonce: string;
};
/**
 * Generate authorization params to pass to {@link generateAuthorizationUrl}.
 *
 * Used as part of an authorization code OIDC flow: see https://openid.net/specs/openid-connect-basic-1_0.html#CodeFlow.
 *
 * @param redirectUri - absolute url for OP to redirect to after authorization
 * @returns AuthorizationParams
 */
export declare const generateAuthorizationParams: ({ redirectUri }: {
    redirectUri: string;
}) => AuthorizationParams;
/**
 * @deprecated use generateOidcAuthorizationUrl
 * Generate a URL to attempt authorization with the OP
 * See https://openid.net/specs/openid-connect-basic-1_0.html#CodeRequest
 * @param authorizationUrl - endpoint to attempt authorization with the OP
 * @param clientId - id of this client as registered with the OP
 * @param authorizationParams - params to be used in the url
 * @returns a Promise with the url as a string
 */
export declare const generateAuthorizationUrl: (authorizationUrl: string, clientId: string, { scope, redirectUri, state, nonce, codeVerifier }: AuthorizationParams) => Promise<string>;
/**
 * @experimental
 * Generate a URL to attempt authorization with the OP
 * See https://openid.net/specs/openid-connect-basic-1_0.html#CodeRequest
 * @param oidcClientSettings - oidc configuration
 * @param homeserverName - used as state
 * @returns a Promise with the url as a string
 */
export declare const generateOidcAuthorizationUrl: ({ metadata, redirectUri, clientId, homeserverUrl, identityServerUrl, nonce, }: {
    clientId: string;
    metadata: ValidatedIssuerMetadata;
    homeserverUrl: string;
    identityServerUrl?: string | undefined;
    redirectUri: string;
    nonce: string;
}) => Promise<string>;
/**
 * @experimental
 * Attempt to exchange authorization code for bearer token.
 *
 * Takes the authorization code returned by the OpenID Provider via the authorization URL, and makes a
 * request to the Token Endpoint, to obtain the access token, refresh token, etc.
 *
 * @param code - authorization code as returned by OP during authorization
 * @param storedAuthorizationParams - stored params from start of oidc login flow
 * @returns valid bearer token response
 * @throws when request fails, or returned token response is invalid
 */
export declare const completeAuthorizationCodeGrant: (code: string, state: string) => Promise<{
    oidcClientSettings: IDelegatedAuthConfig & {
        clientId: string;
    };
    tokenResponse: BearerTokenResponse;
    homeserverUrl: string;
    identityServerUrl?: string;
}>;
//# sourceMappingURL=authorize.d.ts.map