import { WebTokenManipulator } from './web-token-manipulator.js';
import { LoggerLevelName } from '@bitblit/ratchet-common/logger/logger-level-name';
import { JwtTokenBase } from '@bitblit/ratchet-common/jwt/jwt-token-base';
import { JwtRatchet } from '@bitblit/ratchet-node-only/jwt/jwt-ratchet';
export declare class LocalWebTokenManipulator<T extends JwtTokenBase> implements WebTokenManipulator<T> {
    private encryptionKeys;
    private issuer;
    private _ratchet;
    constructor(encryptionKeys: string[], issuer: string);
    withExtraDecryptionKeys(keys: string[]): LocalWebTokenManipulator<T>;
    withParseFailureLogLevel(logLevel: LoggerLevelName): LocalWebTokenManipulator<T>;
    withOldKeyUseLogLevel(logLevel: LoggerLevelName): LocalWebTokenManipulator<T>;
    get jwtRatchet(): JwtRatchet;
    get selectRandomEncryptionKey(): Promise<string>;
    createRefreshedJWTString(tokenString: string, expirationSeconds: number, allowExpired?: boolean): Promise<string>;
    parseAndValidateJWTStringAsync<T extends JwtTokenBase>(tokenString: string): Promise<T>;
    createJWTStringAsync<T>(principal: string, userObject: T, roles?: string[], expirationSeconds?: number, proxyUser?: T): Promise<string>;
    extractTokenFromAuthorizationHeader<T extends JwtTokenBase>(header: string): Promise<T>;
}