/**
 * HTTP Server for Frame Ingestion API
 *
 * Provides REST API endpoints for Frame ingestion from external tools
 *
 * SECURITY NOTICE:
 * - HTTP mode requires mandatory API key authentication
 * - For local development, prefer MCP stdio mode (safer, no network exposure)
 * - Production deployments MUST use reverse proxy with TLS (nginx, Caddy)
 * - See SECURITY.md for deployment best practices
 */
import { Express } from "express";
import type Database from "better-sqlite3-multiple-ciphers";
export interface HttpServerOptions {
    port?: number;
    apiKey?: string;
    rateLimitWindowMs?: number;
    rateLimitMaxRequests?: number;
    enableOAuth?: boolean;
    github?: {
        clientId: string;
        clientSecret: string;
        redirectUri: string;
    };
    jwtPublicKey?: string;
    jwtPrivateKey?: string;
}
/**
 * Create and configure the HTTP server with security hardening
 */
export declare function createHttpServer(db: Database.Database, options: HttpServerOptions): Express;
/**
 * Start the HTTP server with authentication
 *
 * @throws Error if neither OAuth nor API key is configured
 */
export declare function startHttpServer(db: Database.Database, options: HttpServerOptions): Promise<void>;