/**
 * Signed cookie session provider.
 *
 * Stores session data in signed cookies. No server-side storage required.
 */
import type { Session, ISessionProvider } from '../../interfaces/index.js';
/**
 * Options for CookieSessionProvider.
 */
export interface CookieSessionProviderOptions {
    /** Secret for signing cookies (required) */
    secret: string;
    /** Session TTL in milliseconds (default: 7 days) */
    ttl?: number;
    /** Cookie name (default: 'mastra_session') */
    cookieName?: string;
    /** Cookie path (default: '/') */
    cookiePath?: string;
    /** Cookie domain */
    cookieDomain?: string;
    /** Use secure cookies (default: true in production) */
    secure?: boolean;
}
/**
 * Signed cookie session provider.
 *
 * Stores session data in signed cookies. The session is validated
 * by verifying the signature on each request.
 *
 * @example
 * ```typescript
 * const sessionProvider = new CookieSessionProvider({
 *   secret: process.env.SESSION_SECRET!,
 *   ttl: 7 * 24 * 60 * 60 * 1000, // 7 days
 * });
 * ```
 */
export declare class CookieSessionProvider implements ISessionProvider {
    private secret;
    private ttl;
    private cookieName;
    private cookiePath;
    private cookieDomain?;
    private secure;
    constructor(options: CookieSessionProviderOptions);
    createSession(userId: string, metadata?: Record<string, unknown>): Promise<Session>;
    validateSession(_sessionId: string): Promise<Session | null>;
    destroySession(_sessionId: string): Promise<void>;
    refreshSession(_sessionId: string): Promise<Session | null>;
    getSessionIdFromRequest(request: Request): string | null;
    /**
     * Get full session from cookie.
     */
    getSessionFromCookie(request: Request): Session | null;
    getSessionHeaders(session: Session): Record<string, string>;
    getClearSessionHeaders(): Record<string, string>;
    /**
     * Sign and encode session data.
     */
    private signAndEncode;
    /**
     * Decode and verify session cookie.
     */
    private decodeAndVerify;
    /**
     * Create HMAC-SHA256 signature.
     */
    private sign;
    /**
     * Base64 encode (consistent across Node.js and browser runtimes).
     */
    private base64Encode;
    /**
     * Base64 decode (consistent across Node.js and browser runtimes).
     */
    private base64Decode;
    /**
     * Constant-time string comparison.
     */
    private secureCompare;
}
//# sourceMappingURL=cookie.d.ts.map