import { Algorithm, SignOptions, VerifyOptions } from 'jsonwebtoken';
export interface AuthOptions {
    /**
     * @description
     * The secret key that is used to encrypt/decrypt auth tokens.
     * If you want to use RSA or ECDSA, you should provide a authPrivateKey and authPublicKey instead of a authKey.
     * @default 256 bits cryptographically random hex string.
     */
    secretKey?: string | null;
    /**
     * @description
     * The default expiry of tokens in seconds.
     * @default 86400
     */
    defaultExpiry?: number;
    /**
     * @description
     * The algorithm that will be used to sign and verify jwt tokens.
     * @default 'HS256'
     */
    algorithm?: Algorithm;
    /**
     * @description
     * The private secret key to signing the jwt tokens.
     * For using asymmetric encryption, you also need to define the
     * public key and change the algorithm to a proper one, e.g. RSA or ECDSA.
     * @default null
     */
    privateKey?: string | null;
    /**
     * @description
     * The public secret key to verify the jwt tokens.
     * For using asymmetric encryption, you also need to define the
     * private key and change the algorithm to a proper one, e.g. RSA or ECDSA.
     * @default null
     */
    publicKey?: string | null;
}
export default class AuthEngine {
    private readonly _options;
    private _defaultSignOptions;
    private _defaultSignOptionsWithoutExp;
    private _defaultVerifyOptions;
    private _signatureKey;
    private _verificationKey;
    constructor(options?: AuthOptions);
    get options(): Required<AuthOptions>;
    updateOptions(options?: AuthOptions): void;
    verifyToken(signedAuthToken: any, options?: VerifyOptions): Promise<any>;
    signToken(token: any, options?: SignOptions): Promise<string>;
}