import * as _backstage_backend_plugin_api from '@backstage/backend-plugin-api';
import { AuditorServiceEventSeverityLevel, AuditorService, AuthService, HttpAuthService, PluginMetadataService, AuditorServiceCreateEventOptions, AuditorServiceEvent } from '@backstage/backend-plugin-api';
import { JsonObject } from '@backstage/types';
import { Request } from 'express';
import { Config } from '@backstage/config';
import { Format } from 'logform';
import * as winston from 'winston';

/** @public */
type AuditorEventActorDetails = {
    actorId?: string;
    ip?: string;
    hostname?: string;
    userAgent?: string;
};
/** @public */
type AuditorEventRequest = {
    url: string;
    method: string;
};
/** @public */
type AuditorEventStatus = {
    status: 'initiated';
} | {
    status: 'succeeded';
} | {
    status: 'failed';
    error: Error;
};
/**
 * Options for creating an auditor event.
 *
 * @public
 */
type AuditorEventOptions<TMeta extends JsonObject> = {
    /**
     * Use kebab-case to name audit events (e.g., "user-login", "file-download").
     *
     * The `pluginId` already provides plugin/module context, so avoid redundant prefixes in the `eventId`.
     */
    eventId: string;
    severityLevel?: AuditorServiceEventSeverityLevel;
    /** (Optional) The associated HTTP request, if applicable. */
    request?: Request<any, any, any, any, any>;
    /** (Optional) Additional metadata relevant to the event, structured as a JSON object. */
    meta?: TMeta;
} & AuditorEventStatus;
/**
 * Common fields of an audit event.
 *
 * @public
 */
type AuditorEvent = {
    plugin: string;
    eventId: string;
    severityLevel: AuditorServiceEventSeverityLevel;
    actor: AuditorEventActorDetails;
    meta?: JsonObject;
    request?: AuditorEventRequest;
} & AuditorEventStatus;
/**
 * Logging function used by the auditor.
 * @public
 */
type AuditorLogFunction = (event: AuditorEvent) => void | Promise<void>;
/**
 * A {@link @backstage/backend-plugin-api#AuditorService} implementation that logs events using a provided callback.
 *
 * @public
 *
 * @example
 * ```ts
 * export const auditorServiceFactory = createServiceFactory({
 *   service: coreServices.auditor,
 *   deps: {
 *     logger: coreServices.logger,
 *     auth: coreServices.auth,
 *     httpAuth: coreServices.httpAuth,
 *     plugin: coreServices.pluginMetadata,
 *   },
 *   factory({ logger, plugin, auth, httpAuth }) {
 *     const auditLogger = logger.child({ isAuditEvent: true });
 *     return DefaultAuditorService.create(
 *       event => auditLogger.info(`${event.plugin}.${event.eventId}`, event),
 *       { plugin, auth, httpAuth },
 *     );
 *   },
 * });
 * ```
 */
declare class DefaultAuditorService implements AuditorService {
    private readonly logFn;
    private readonly auth;
    private readonly httpAuth;
    private readonly plugin;
    private constructor();
    /**
     * Creates a {@link DefaultAuditorService} instance.
     */
    static create(logFn: AuditorLogFunction, deps: {
        auth: AuthService;
        httpAuth: HttpAuthService;
        plugin: PluginMetadataService;
    }): DefaultAuditorService;
    private log;
    createEvent(options: AuditorServiceCreateEventOptions): Promise<AuditorServiceEvent>;
    private getActorId;
}

/**
 * Plugin-level auditing.
 *
 * See {@link @backstage/code-plugin-api#AuditorService}
 * and {@link https://backstage.io/docs/backend-system/core-services/auditor | the service docs}
 * for more information.
 *
 * @public
 */
declare const auditorServiceFactory: _backstage_backend_plugin_api.ServiceFactory<_backstage_backend_plugin_api.AuditorService, "plugin", "singleton">;

/**
 * Options for creating a {@link WinstonRootAuditorService}.
 * @public
 */
type WinstonRootAuditorServiceOptions = {
    meta?: JsonObject;
    format?: Format;
    transports?: winston.transport[];
};
/**
 * An implementation of the {@link @backstage/backend-plugin-api#AuditorService} that logs events using a separate winston logger.
 *
 * @public
 *
 * @example
 * ```ts
 * export const auditorServiceFactory = createServiceFactory({
 *   service: coreServices.auditor,
 *   deps: {
 *     auth: coreServices.auth,
 *     httpAuth: coreServices.httpAuth,
 *     plugin: coreServices.pluginMetadata,
 *   },
 *   createRootContext() {
 *     return WinstonRootAuditorService.create();
 *   },
 *   factory({ plugin, auth, httpAuth }, root) {
 *     return root.forPlugin({ plugin, auth, httpAuth });
 *   },
 * });
 * ```
 */
declare class WinstonRootAuditorService {
    private readonly winstonLogger;
    private constructor();
    /**
     * Creates a {@link WinstonRootAuditorService} instance.
     */
    static create(options?: WinstonRootAuditorServiceOptions): WinstonRootAuditorService;
    forPlugin(deps: {
        auth: AuthService;
        config: Config;
        httpAuth: HttpAuthService;
        plugin: PluginMetadataService;
    }): AuditorService;
}

export { DefaultAuditorService, WinstonRootAuditorService, auditorServiceFactory };
export type { AuditorEvent, AuditorEventActorDetails, AuditorEventOptions, AuditorEventRequest, AuditorEventStatus, AuditorLogFunction, WinstonRootAuditorServiceOptions };