import { Request, Response } from 'express';
import { WithConfig } from './app';
import { ICallback } from './types';
export interface WithSecurityStrategy {
    securityStrategy: SecurityStrategy;
}
export interface LoginStatusResponse {
    status: string;
    readOnlyAccess?: boolean;
    authenticationRequired?: boolean;
    allowNewUserRegistration?: boolean;
    allowDeviceAccessRequests?: boolean;
    userLevel?: any;
    username?: string;
}
export interface ACL {
    context: string;
    resources: Array<{
        paths?: string[];
        sources?: string[];
        permissions: Array<{
            subject: string;
            permission: string;
        }>;
    }>;
}
export interface User {
    username: string;
    type: string;
    password?: string;
}
export interface UserData {
    userId: string;
    type: string;
}
export interface UserDataUpdate {
    type?: string;
    password?: string;
}
export interface UserWithPassword {
    userId: string;
    type: string;
    password: string;
}
export interface Device {
    clientId: string;
    permissions: string;
    config: any;
    description: string;
    requestedPermissions: string;
}
export interface DeviceDataUpdate {
    permissions?: string;
    description?: string;
}
export interface SecurityConfig {
    immutableConfig: boolean;
    allow_readonly: boolean;
    allowNewUserRegistration: boolean;
    allowDeviceAccessRequests: boolean;
    allowedCorsOrigins?: string;
    expiration: string;
    devices: Device[];
    secretKey: string;
    users: User[];
    acls?: ACL[];
}
export interface RequestStatusData {
    expiration: string;
    permissions: any;
    config: any;
}
export interface SecurityStrategy {
    isDummy: () => boolean;
    allowReadOnly: () => boolean;
    shouldFilterDeltas: () => boolean;
    filterReadDelta: (user: any, delta: any) => any;
    configFromArguments: boolean;
    securityConfig: any;
    requestAccess: (config: any, request: any, ip: any, updateCb?: any) => any;
    getConfiguration: () => any;
    setAccessRequestStatus: (theConfig: SecurityConfig, identifier: string, status: string, body: RequestStatusData, cb: ICallback<SecurityConfig>) => void;
    getAccessRequestsResponse: any;
    getLoginStatus: (req: Request) => LoginStatusResponse;
    allowRestart: (req: Request) => boolean;
    allowConfigure: (req: Request) => boolean;
    getConfig: (ss: SecurityConfig) => Omit<SecurityConfig, 'secretKey' | 'users'>;
    setConfig: (prev: SecurityConfig, next: SecurityConfig) => SecurityConfig;
    validateConfiguration: (config: any) => void;
    getDevices: (theConfig: SecurityConfig) => Device[];
    updateDevice: (theConfig: SecurityConfig, clientId: string, updates: DeviceDataUpdate, cb: ICallback<SecurityConfig>) => void;
    deleteDevice: (theConfig: SecurityConfig, clientId: string, cb: ICallback<SecurityConfig>) => void;
    generateToken: (req: Request, res: Response, next: any, id: string, expiration: string) => void;
    getUsers: (theConfig: SecurityConfig) => UserData[];
    addUser: (theConfig: SecurityConfig, user: User, cb: ICallback<SecurityConfig>) => void;
    updateUser: (theConfig: SecurityConfig, username: string, userDataUpdate: UserDataUpdate, cb: ICallback<SecurityConfig>) => void;
    deleteUser: (theConfig: SecurityConfig, username: string, cb: ICallback<SecurityConfig>) => void;
    setPassword: (theConfig: SecurityConfig, username: string, password: string, cb: ICallback<SecurityConfig>) => void;
    shouldAllowPut: (req: Request, context: string, source: any, path: string) => boolean;
    addAdminMiddleware: (path: string) => void;
}
export declare class InvalidTokenError extends Error {
    constructor(...args: any[]);
}
export declare function startSecurity(app: WithSecurityStrategy & WithConfig, securityConfig: any): void;
export declare function getSecurityConfig(app: WithConfig & WithSecurityStrategy, forceRead?: boolean): any;
export declare function pathForSecurityConfig(app: WithConfig): string;
export declare function saveSecurityConfig(app: WithSecurityStrategy & WithConfig, data: any, callback: any): void;
export declare function getCertificateOptions(app: WithConfig, cb: any): void;
export declare function getCAChainArray(filename: string): string[];
export declare function createCertificateOptions(app: WithConfig, certFile: string, keyFile: string, cb: any): void;
export declare function requestAccess(app: WithSecurityStrategy & WithConfig, request: any, ip: any, updateCb: any): any;
export type SecurityConfigSaver = (app: any, securityConfig: any, cb: (err: any) => void) => void;
export type SecurityConfigGetter = (app: any) => any;
//# sourceMappingURL=security.d.ts.map