import type { McpAuthModuleOptions } from '../interfaces/auth-module-options.interface';
import type { AuthorizeQueryDto, OAuthClient, TokenIntrospectionResponse, TokenResponse } from '../interfaces/oauth-types.interface';
import type { IOAuthStore } from '../stores/oauth-store.interface';
import { AuthAuditService } from './auth-audit.service';
import { OAuthClientService } from './client.service';
import { JwtTokenService } from './jwt-token.service';
export type AuthFlowOutcome = {
    type: 'granted';
    code: string;
    redirectUri: string;
    state: string;
} | {
    type: 'denied';
    error: string;
    errorDescription: string;
    redirectUri: string;
    state: string;
};
export declare class OAuthFlowService {
    private readonly options;
    private readonly jwtService;
    private readonly clientService;
    private readonly store;
    private readonly auditService?;
    private readonly grantHandlers;
    constructor(options: McpAuthModuleOptions, jwtService: JwtTokenService, clientService: OAuthClientService, store: IOAuthStore, auditService?: AuthAuditService | undefined);
    authorize(query: AuthorizeQueryDto, req: unknown): Promise<AuthFlowOutcome>;
    handleGrant(body: Record<string, unknown>): Promise<TokenResponse>;
    exchangeCode(body: Record<string, unknown>): Promise<TokenResponse>;
    refreshToken(body: Record<string, unknown>): Promise<TokenResponse>;
    revokeToken(body: Record<string, unknown>): Promise<{
        success: boolean;
    }>;
    introspectToken(body: Record<string, unknown>): Promise<TokenIntrospectionResponse>;
    registerClient(body: Record<string, unknown>): Promise<OAuthClient>;
}
//# sourceMappingURL=oauth-flow.service.d.ts.map