import type Credential from "@arcgis/core/identity/Credential";
import type Portal from "@arcgis/core/portal/Portal";
import type PortalGroup from "@arcgis/core/portal/PortalGroup";
import type { Principal } from "@vertigis/viewer-spec/messaging/registry/auth";
import type { HasVisibility } from "../support/HasVisibility";
/**
 * A service that handles ArcGIS Portal authentication.
 */
export interface AuthenticationService {
    /**
     * The current user of the application.
     */
    readonly user: Principal;
    /**
     * The groups associated with the current user of the application.
     */
    readonly userGroups: PortalGroup[];
    /**
     * The accountId of the current custom domain if applicable.
     */
    readonly accountId: string;
    /**
     * Will append a token to the url if required. Otherwise will return the
     * original url.
     */
    appendToken(url: string): string;
    /**
     * Finds the Credential for a resource identified by a given url.
     */
    findCredential(url: string, userId?: string): Credential;
    /**
     * Implements the "auth.sign-in" command.
     */
    signIn(): Promise<void>;
    /**
     * Implements the "auth.is-sign-in-available" operation.
     */
    isSignInAvailable(): boolean;
    /**
     * Returns whether or not a model's component(s) will be visible to the
     * current user of the application.
     *
     * @param model The ComponentModel whose components' visibility will be
     *   checked against the current user of the application.
     */
    isVisibleToUser(model: HasVisibility): boolean;
    /**
     * Implements the "auth.sign-out" command.
     */
    signOut(): Promise<void>;
    /**
     * Gets the authentication token for the specified portal.
     *
     * If you must have a token when working with IWA secured portals, consider
     * using `fetchPortalToken` instead.
     */
    getPortalToken(portal: Portal): string | undefined;
    /**
     * Fetches the authentication token for the specified portal.
     *
     * If the portal is IWA secured, there is OAuth2 app info available for the
     * portal, and the user has yet to fetch an OAuth2 token for it, this method
     * will initiate the OAuth2 sign-in flow to obtain a token.
     *
     * If you do not need a token when working with IWA secured portals, like in
     * most use cases when accessing portal resources normally, consider using
     * `getPortalToken` instead.
     */
    fetchPortalToken(portal: Portal): Promise<string | undefined>;
}