/**
 * API Security Validator
 * Implements security best practices for API interactions
 */
import type { Message, ToolCall, AskOptions } from "../types.js";
/**
 * API Key validation patterns for different providers
 */
declare const API_KEY_PATTERNS: {
    readonly anthropic: RegExp;
    readonly openai: RegExp;
    readonly google: RegExp;
};
/**
 * Security configuration
 */
export interface SecurityConfig {
    maxMessageLength: number;
    maxMessages: number;
    allowedRoles: string[];
    requireHTTPS: boolean;
    sanitizeErrors: boolean;
}
/**
 * Default security configuration
 */
export declare const DEFAULT_SECURITY_CONFIG: SecurityConfig;
/**
 * API Security Validator
 */
export declare class APISecurityValidator {
    private config;
    constructor(config?: SecurityConfig);
    /**
     * Validate API key format (not validity)
     */
    validateAPIKeyFormat(key: string, provider: keyof typeof API_KEY_PATTERNS): boolean;
    /**
     * Validate messages array
     */
    validateMessages(messages: Message[]): {
        valid: boolean;
        errors: string[];
    };
    /**
     * Sanitize error messages to prevent information leakage
     */
    sanitizeError(error: Error): Error;
    /**
     * Validate URL security
     */
    validateURL(url: string): boolean;
    /**
     * Validate tool call
     */
    validateToolCall(toolCall: ToolCall): boolean;
    /**
     * Create safe request options
     */
    createSafeRequestOptions(options?: AskOptions): AskOptions;
    /**
     * Check for common injection patterns
     */
    private containsInjectionPattern;
    /**
     * Check for common injection patterns
     */
    private containsInjection;
    /**
     * Get safe error message
     */
    private getSafeErrorMessage;
    /**
     * Check if IP is in private range
     */
    private isPrivateIP;
}
/**
 * Rate limiter for API calls
 */
export declare class RateLimiter {
    private maxRequests;
    private windowMs;
    private requests;
    constructor(maxRequests?: number, windowMs?: number);
    /**
     * Check if request is allowed
     */
    isAllowed(key: string): boolean;
    /**
     * Get remaining requests
     */
    getRemaining(key: string): number;
    /**
     * Cleanup old entries
     */
    private cleanup;
}
/**
 * Request sanitizer
 */
export declare class RequestSanitizer {
    /**
     * Sanitize string input
     */
    static sanitizeString(input: string, maxLength?: number): string;
    /**
     * Sanitize object recursively
     */
    static sanitizeObject(obj: any, maxDepth?: number): any;
}
/**
 * Export singleton instances
 */
export declare const apiValidator: APISecurityValidator;
export declare const rateLimiter: RateLimiter;
export declare const sanitizer: typeof RequestSanitizer;
export {};
//# sourceMappingURL=api-validator.d.ts.map