import { CallResourceParams, ExchangeCodeForTokenParams, GenerateAuthorizationUrlParams, OAuthTokenResponse, ServiceStructure, ValidateStateParams } from "./types";
/**
 * Encode the given service structure into Base64-encoded JSON.
 * @param serviceStructure The structure describing the services to request.
 */
export declare function encodeServiceStructure(serviceStructure: ServiceStructure[]): string;
/**
 * Generate the authorization URL.
 * @param oauthAuthorizeEndpoint OAuth authorization endpoint (e.g. https://sso.gov.mn/oauth2/authorize)
 * @param clientId Client ID issued by the OAuth-DAN server
 * @param redirectUri Redirect URI registered at the OAuth-DAN server
 * @param serviceStructure The service structure to request
 * @param state A unique, non-reusable state string (for CSRF protection)
 * @param loginType Optional login type: "OTP", "signature", or "bank"
 */
export declare function generateAuthorizationUrl({ oauthAuthorizeEndpoint, clientId, redirectUri, serviceStructure, state, loginType, }: GenerateAuthorizationUrlParams): string;
/**
 * Validate the returned state parameter.
 * @param returnedState The state value returned from the OAuth server after authorization
 * @param originalState The original state value sent
 */
export declare function validateState({ returnedState, originalState, }: ValidateStateParams): void;
/**
 * Exchange authorization code for access token.
 * @param oauthTokenEndpoint OAuth token endpoint (https://sso.gov.mn/oauth2/token)
 * @param clientId Client ID issued by the OAuth-DAN server
 * @param clientSecret Client Secret Key issued by the OAuth-DAN server
 * @param code The code returned by the OAuth-DAN server after user authorization
 * @param redirectUri Redirect URI registered at the OAuth-DAN server
 */
export declare function exchangeCodeForToken({ oauthTokenEndpoint, clientId, clientSecret, code, redirectUri, }: ExchangeCodeForTokenParams): Promise<OAuthTokenResponse>;
/**
 * Call a protected resource using the provided access token.
 * @param resourceEndpoint The protected resource endpoint
 * @param accessToken The access token obtained from the OAuth server
 */
export declare function callResource({ resourceEndpoint, accessToken, }: CallResourceParams): Promise<unknown>;
//# sourceMappingURL=utils.d.ts.map