/**
 * Encryption Interceptors
 * Request/response interceptors for automatic field encryption/decryption
 */
import type { EncryptionConfig } from '@plyaz/types/api';
import type { RequestConfig, FetchResponse } from 'fetchff';
/**
 * Create request interceptor for automatic encryption
 *
 * This interceptor:
 * - Encrypts fields in request body, query params, and headers
 * - Supports field patterns with wildcards
 * - Handles key providers for multi-tenant scenarios
 * - Implements error handling strategies
 *
 * @param config - Encryption configuration
 * @returns Request interceptor function
 *
 * @example
 * ```typescript
 * const api = createApiClient({
 *   onRequest: createEncryptionInterceptor({
 *     enabled: true,
 *     fields: ['user.ssn', 'payment.*.cardNumber'],
 *     key: encryptionKey,
 *     target: ['body', 'params']
 *   })
 * });
 * ```
 */
export declare function createEncryptionInterceptor(config: EncryptionConfig): <TResponse = unknown, TParams = unknown, TPath = unknown, TBody = unknown>(requestConfig: RequestConfig<TResponse, TParams, TPath, TBody>) => Promise<RequestConfig<TResponse, TParams, TPath, TBody>>;
/**
 * Create response interceptor for automatic decryption
 *
 * This interceptor:
 * - Automatically detects encrypted fields in responses
 * - Decrypts fields with EncryptedFieldMetadata format
 * - Handles key rotation via keyId matching
 * - Implements error handling strategies
 *
 * @param config - Encryption configuration
 * @returns Response interceptor function
 *
 * @example
 * ```typescript
 * const api = createApiClient({
 *   onResponse: createDecryptionInterceptor({
 *     enabled: true,
 *     autoDecrypt: true,
 *     key: encryptionKey
 *   })
 * });
 * ```
 */
export declare function createDecryptionInterceptor(config: EncryptionConfig): <TResponse = unknown, TBody = unknown, TParams = unknown, TPath = unknown>(response: FetchResponse<TResponse, TBody, TParams, TPath>) => Promise<FetchResponse<TResponse, TBody, TParams, TPath>>;
/**
 * Create combined encryption/decryption interceptors
 *
 * Convenience function that creates both request and response interceptors
 *
 * @param config - Encryption configuration
 * @returns Object with request and response interceptors
 *
 * @example
 * ```typescript
 * const { onRequest, onResponse } = createEncryptionInterceptors({
 *   enabled: true,
 *   algorithm: 'AES-GCM',
 *   key: encryptionKey,
 *   fields: ['user.*.ssn', 'payment.cardNumber'],
 *   autoDecrypt: true
 * });
 *
 * const api = createApiClient({
 *   onRequest,
 *   onResponse
 * });
 * ```
 */
export declare function createEncryptionInterceptors(config: EncryptionConfig): {
    onRequest: (requestConfig: RequestConfig) => Promise<RequestConfig>;
    onResponse: (response: FetchResponse) => Promise<FetchResponse>;
};
/**
 * Validate encryption configuration
 *
 * Checks if encryption config is valid before use
 *
 * @param config - Encryption configuration to validate
 * @throws {ApiPackageError} When configuration is invalid
 */
export declare function validateEncryptionConfig(config: EncryptionConfig): void;
/**
 * Check if request has fields that need encryption
 *
 * Utility to determine if a request contains fields matching encryption patterns
 *
 * @param requestConfig - Request configuration to check
 * @param config - Encryption configuration with field patterns
 * @returns True if request has fields that need encryption
 */
export declare function hasEncryptableFields(requestConfig: RequestConfig, config: EncryptionConfig): boolean;
//# sourceMappingURL=interceptors.d.ts.map