/**
 * A JSON Web Token header
 *
 * RFC source: https://www.rfc-editor.org/rfc/rfc7519
 *
 * @property typ The type of the token (usually 'JWT')
 * @property alg Signing algorithm used
 * @property kid Key ID parameter which is used to match a specific key
 */
export interface JwtHeader {
    typ?: string | null;
    alg?: string | null;
    kid?: string | null;
}
/**
 * A JSON Web Token body
 *
 * The fields are a combination of the following specs:
 *
 * RFC: https://www.rfc-editor.org/rfc/rfc7519
 * OpenID: https://openid.net/specs/openid-connect-core-1_0.html
 * OAuth 2.0: https://www.rfc-editor.org/rfc/rfc6749.html
 * OpenID Connect Front-Channel Logout 1.0: https://openid.net/specs/openid-connect-frontchannel-1_0.html
 *
 * @property iss            Issuing authority of this token, i.e. our identity provider
 * @property ons            Organization namespace this token is issued within
 * @property sub            Identifier for the party this token is issued on behalf of
 * @property aud            Target audience for this token, i.e. our applications
 * @property acr            The level of authentication, i.e. AM1
 * @property jti            Unique id for this token
 * @property sid            Unique id for this session
 * @property amr            Access methods used to obtain this token, can be a combination, i.e. password and sms otp
 * @property exp            Timestamp for expiry
 * @property iat            Timestamp for issuing date
 * @property nbf            Timestamp which this token should not be used before
 * @property clt            Current life time counting number of refreshes in this session
 * @property email          End-User's preferred e-mail address
 * @property email_verified True if the End-User's e-mail address has been verified; otherwise false
 */
export interface JwtBody {
    iss?: string | null;
    ons?: string | null;
    sub?: string | null;
    aud?: string | string[] | null;
    acr?: string | null;
    jti?: string | null;
    sid?: string | null;
    amr?: string[] | null;
    exp?: number | null;
    iat?: number | null;
    nbf?: number | null;
    clt?: number | null;
    email?: string | null;
    email_verified?: boolean | null;
    scope?: string | string[] | null;
}
/**
 * A JSON Web Key (does not contain all fields mentioned in the RFC)
 *
 * RFC source: https://www.rfc-editor.org/rfc/rfc7517
 *
 * @property kid Key ID parameter which is used to match a specific key
 * @property kty Key Type parameter which identifies the cryptographic algorithm family used with the key, such as "RSA" or "EC"
 * @property use Public Key Use parameter which identifies the intended use of the public key (e.g. encrypting, verifying etc.)
 * @property alg Algorithm parameter which identifies the algorithm intended for use with the key
 * @property e   Public exponent for RSA Key blinding operations
 * @property n   Modulus component for RSA Key blinding operations
 * @property crv Curve parameter for elliptic curve keys
 * @property x   Base64-encoded x coordinate for elliptic curve keys
 * @property y   Base64-encoded y coordinate for elliptic curve keys
 */
export interface JwkBody {
    kid?: string | null;
    kty: string;
    use?: string | null;
    alg?: string | null;
    e?: string | null;
    n?: string | null;
    crv?: string | null;
    x?: string | null;
    y?: string | null;
}
export declare function isJwtHeader(obj: unknown): obj is JwtHeader;
export declare function isJwtBody(obj: unknown): obj is JwtBody;
export declare function isJwkBody(obj: unknown): obj is JwkBody;