import type { DpopNonceCache, DpopPrivateJwk } from '@atcute/oauth-crypto';
import type { Keyset } from '@atcute/oauth-keyset';
import type { AtprotoAuthorizationServerMetadata, OAuthClientMetadata } from '@atcute/oauth-types';
import { type ClientAuthMethod } from './oauth-client-auth.ts';
import { OAuthServerAgent } from './oauth-server-agent.ts';
import { OAuthResolver } from './resolvers/index.ts';
export interface OAuthServerFactoryOptions {
    /** client metadata */
    clientMetadata: OAuthClientMetadata;
    /** OAuth resolver for metadata discovery */
    resolver: OAuthResolver;
    /** client's private keyset, or undefined for public clients */
    keyset: Keyset | undefined;
    /** DPoP nonce cache, keyed by origin */
    dpopNonces: DpopNonceCache;
    /** custom fetch implementation */
    fetch?: typeof globalThis.fetch;
}
/**
 * factory for creating OAuthServerAgent instances.
 *
 * used to recreate agents from stored session data for token refresh.
 */
export declare class OAuthServerFactory {
    readonly clientMetadata: OAuthClientMetadata;
    readonly resolver: OAuthResolver;
    readonly keyset: Keyset | undefined;
    readonly dpopNonces: DpopNonceCache;
    readonly fetch?: typeof globalThis.fetch;
    constructor(options: OAuthServerFactoryOptions);
    /**
     * creates an OAuthServerAgent from an issuer and stored session data.
     *
     * @param issuer authorization server issuer
     * @param authMethod client authentication method from stored session
     * @param dpopKey DPoP key from stored session
     * @param options fetch options
     * @returns configured OAuthServerAgent
     */
    fromIssuer(issuer: string, authMethod: ClientAuthMethod, dpopKey: DpopPrivateJwk, options?: {
        signal?: AbortSignal;
        noCache?: boolean;
    }): Promise<OAuthServerAgent>;
    /**
     * creates an OAuthServerAgent from resolved metadata.
     *
     * @param serverMetadata authorization server metadata
     * @param authMethod client authentication method
     * @param dpopKey DPoP private key
     * @returns configured OAuthServerAgent
     */
    fromMetadata(serverMetadata: AtprotoAuthorizationServerMetadata, authMethod: ClientAuthMethod, dpopKey: DpopPrivateJwk): OAuthServerAgent;
    /**
     * creates an OAuthServerAgent for a new authorization flow.
     *
     * negotiates the auth method with the server.
     *
     * @param serverMetadata authorization server metadata
     * @param dpopKey DPoP private key
     * @returns configured OAuthServerAgent
     */
    fromMetadataNewSession(serverMetadata: AtprotoAuthorizationServerMetadata, dpopKey: DpopPrivateJwk): OAuthServerAgent;
}
//# sourceMappingURL=oauth-server-factory.d.ts.map