/**
 * Jira OAuth Token Management
 *
 * Handles per-user Jira OAuth tokens, including refresh logic
 */
export interface JiraCredential {
    id: string;
    accountId: string;
    cloudId: string | null;
    jiraBaseUrl: string | null;
    jiraEmail: string | null;
    accessToken: string;
    refreshToken: string;
    scope: string | null;
    expiresAt: Date;
    status: string;
    lastRefreshError: string | null;
    lastRefreshAt: Date | null;
    createdAt: Date;
    updatedAt: Date;
}
/** Thrown when credential exists but refresh failed and user must reconnect */
export declare class JiraTokenNeedsReauthError extends Error {
    readonly userId: string;
    readonly lastRefreshError: string | null;
    constructor(message: string, userId: string, lastRefreshError: string | null);
}
/**
 * Get Jira credential for a user
 * Automatically decrypts tokens if they are encrypted
 * @throws Error if user hasn't connected Jira
 */
export declare function getUserJiraCredential(userId: string): Promise<JiraCredential>;
/**
 * Refresh Jira token if needed (mutex-protected)
 * Automatically refreshes if token expires within 5 minutes
 */
export declare function refreshJiraTokenIfNeeded(userId: string): Promise<JiraCredential>;
/**
 * Disconnect Jira for a user
 */
export declare function disconnectJira(userId: string): Promise<void>;
/**
 * Check if user has connected Jira
 */
export declare function isJiraConnected(userId: string): Promise<boolean>;
//# sourceMappingURL=tokens.d.ts.map