import type { ProviderSnapshot, SessionMode } from '../session.types';
import { Scope } from '../../../scope';
export interface BaseCreateCtx {
    id: string;
    sessionId?: string;
    scope: Scope;
    issuer: string;
    token: string;
    user: SessionUser;
    claims?: SessionClaims;
    createdAt?: number;
    authorizedProviders?: Record<string, ProviderSnapshot>;
    authorizedProviderIds?: string[];
    authorizedApps?: Record<string, {
        id: string;
        toolIds: string[];
    }>;
    authorizedAppIds?: string[];
    authorizedResources?: string[];
    scopes?: string[];
    authorizedTools?: Record<string, {
        executionPath: [string, string];
        details?: Record<string, any>;
    }>;
    authorizedToolIds?: string[];
    authorizedPrompts?: Record<string, {
        executionPath: [string, string];
        details?: Record<string, any>;
    }>;
    authorizedPromptIds?: string[];
}
export interface SessionUser {
    sub?: string;
    name?: string;
    email?: string;
    picture?: string;
}
export interface SessionClaims {
    [key: string]: any;
}
export declare abstract class Session {
    #private;
    readonly id: string;
    abstract readonly mode: SessionMode;
    readonly createdAt: number;
    readonly scopeId: string;
    readonly user: SessionUser;
    readonly claims?: Record<string, unknown>;
    /** Epoch millis when the bearer token expires (if available). */
    readonly expiresAt?: number;
    readonly authorizedProviders: Record<string, ProviderSnapshot>;
    readonly authorizedProviderIds: string[];
    readonly authorizedApps: Record<string, {
        id: string;
        toolIds: string[];
    }>;
    readonly authorizedAppIds: string[];
    readonly authorizedResources: string[];
    readonly scopes?: string[];
    readonly authorizedTools?: Record<string, {
        executionPath: [string, string];
        details?: Record<string, any>;
    }>;
    readonly authorizedToolIds?: string[];
    readonly authorizedPrompts?: Record<string, {
        executionPath: [string, string];
        details?: Record<string, any>;
    }>;
    readonly authorizedPromptIds?: string[];
    protected token: string;
    protected constructor(ctx: BaseCreateCtx);
    /**
     * Get the scope associated with this session.
     * Can be used by subclasses to implement custom scope handling.
     * @protected
     */
    protected get scope(): Scope;
    get issuer(): string;
    getTransportSessionId(): Promise<string>;
    /**
     * Get the access token for a given provider.
     * Must be implemented in subclasses based on session topology.
     * @protected
     * @param providerId
     */
    abstract getToken(providerId?: string): Promise<string> | string;
    scoped(allowed: string | string[] | ((id: string) => boolean)): SessionView;
}
export declare class SessionView {
    private readonly parent;
    private readonly allow;
    constructor(parent: Session, allow: (id: string) => boolean);
    get id(): string;
    get mode(): SessionMode;
    get user(): SessionUser;
    get claims(): Record<string, unknown> | undefined;
    get authorizedApps(): Record<string, {
        id: string;
        toolIds: string[];
    }>;
    getToken(providerId: string): Promise<string>;
    get transportId(): () => Promise<string>;
}