/**
 * @license
 * Copyright 2025 Google LLC
 * SPDX-License-Identifier: Apache-2.0
 */
import type { OAuthCredentials, TokenStorage } from './token-storage/types.js';
import type { MCPOAuthToken, MCPOAuthCredentials } from './token-store.js';
export type { MCPOAuthToken, MCPOAuthCredentials } from './token-store.js';
/**
 * Token storage wrapper that bridges the legacy static API with the new
 * shared TokenStorage interface used across the MCP stack. By default it
 * delegates to a KeychainTokenStorage that uses SecureStore internally
 * for keychain + encrypted-file fallback.
 *
 * @plan PLAN-20260211-SECURESTORE.P09
 */
export declare class MCPOAuthTokenStorage implements TokenStorage {
    private readonly storage;
    private static tokenStore;
    constructor(storage?: TokenStorage);
    /**
     * Swap out the underlying token store implementation. Useful for testing or
     * for embedding environments that need a custom persistence layer.
     */
    static setTokenStore(store: TokenStorage): void;
    static getTokenStore(): TokenStorage;
    /**
     * Legacy helper that loads all stored credentials.
     */
    static loadTokens(): Promise<Map<string, MCPOAuthCredentials>>;
    /**
     * Legacy helper that persists credentials for a server.
     */
    static saveToken(serverName: string, token: MCPOAuthToken, clientId?: string, tokenUrl?: string, mcpServerUrl?: string): Promise<void>;
    /**
     * Legacy helper that retrieves credentials for a server.
     */
    static getToken(serverName: string): Promise<MCPOAuthCredentials | null>;
    /**
     * Legacy helper that removes credentials for a server.
     */
    static removeToken(serverName: string): Promise<void>;
    /**
     * Legacy helper that clears all persisted credentials.
     */
    static clearAllTokens(): Promise<void>;
    /**
     * Determine whether a token is expired (with a buffer to avoid clock skew).
     */
    static isTokenExpired(token: MCPOAuthToken): boolean;
    /**
     * TokenStorage implementation - delegate all operations to the injected store.
     */
    getCredentials(serverName: string): Promise<OAuthCredentials | null>;
    setCredentials(credentials: OAuthCredentials): Promise<void>;
    deleteCredentials(serverName: string): Promise<void>;
    listServers(): Promise<string[]>;
    getAllCredentials(): Promise<Map<string, OAuthCredentials>>;
    clearAll(): Promise<void>;
    /**
     * Convenience instance wrapper for legacy saveToken signature.
     */
    saveToken(serverName: string, token: MCPOAuthToken, clientId?: string, tokenUrl?: string, mcpServerUrl?: string): Promise<void>;
    /**
     * Convenience instance wrapper for legacy getToken signature.
     */
    getToken(serverName: string): Promise<MCPOAuthCredentials | null>;
    removeToken(serverName: string): Promise<void>;
    loadTokens(): Promise<Map<string, MCPOAuthCredentials>>;
    private static validateServerName;
    private static validateToken;
    private static createCredentials;
}