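import { GraphqlClient } from '../common/GraphqlClient';
import { HttpClient } from '../common/HttpClient';
import { AuthenticationTokenProvider } from './AuthenticationTokenProvider';
import { Lang } from '../../types';

/**
 * Options accepted when constructing the authentication client.
 */
export interface AuthenticationClientOptions {
  /** App ID */
  appId: string;
  /** Application full domain name, such as https://sample-app.approw.cn, without the final slash '/'. */
  appHost?: string;
  /**
   * Application key (the application secret).
   * NOTE(review): this is a credential. If the client is ever constructed in a
   * browser or mobile bundle the value is recoverable by end users, so it is
   * presumably meant for server-side use only; confirm against the callers.
   */
  secret?: string;
  /** Application identity protocol */
  protocol?: 'oauth' | 'oidc' | 'saml' | 'cas';
  /**
   * Client authentication method used at the token endpoint.
   * `none` means no client secret is sent (public client).
   */
  tokenEndPointAuthMethod?: 'client_secret_post' | 'client_secret_basic' | 'none';
  /** Client authentication method used at the token introspection endpoint */
  introspectionEndPointAuthMethod?: 'client_secret_post' | 'client_secret_basic' | 'none';
  /** Client authentication method used at the token revocation endpoint */
  revocationEndPointAuthMethod?: 'client_secret_post' | 'client_secret_basic' | 'none';
  /** Application callback address */
  redirectUri?: string;
  /** Request timeout. NOTE(review): the unit is not stated in this file; confirm. */
  timeout?: number;
  /**
   * Error callback, invoked with an error code, a message and optional data.
   * NOTE(review): the previous comment described the default as
   * `(err: Error) => { throw err }`, which does not match this signature;
   * confirm the actual default in the client implementation.
   */
  onError?: (code: number, message: string, data?: any) => void;
  /** Websocket server domain name */
  websocketHost?: string;
  /** Request source */
  requestFrom?: string;
  /** Token. Sensitive: keep out of logs and error reports. */
  token?: string;
  /**
   * Encryption function applied to a plaintext with the given public key.
   * The return type is `Promise<string>`: a bare `Promise` has no type argument
   * and does not compile.
   */
  encryptFunction?: (plainText: string, publicKey: string) => Promise<string>;
  /**
   * Public key used to encrypt passwords before transmission.
   * This is application-layer encryption on top of the transport; it does not
   * replace TLS on the connection to `appHost`.
   */
  publicKey?: string;
  /** Replacement HTTP client class */
  httpClient?: typeof HttpClient;
  /** Replacement GraphQL client class */
  graphqlClient?: typeof GraphqlClient;
  /** Replacement token provider class */
  tokenProvider?: typeof AuthenticationTokenProvider;
  /** Language */
  lang?: Lang;
  /** @deprecated This parameter is obsolete, please use appHost */
  host?: string;
  /** @deprecated This parameter is obsolete, please use appHost */
  domain?: string;
}

/** User profile attached to a QR code login status. */
export interface QRCodeUserInfo {
  nickname: string;
  photo: string;
  id?: string;
  email?: string;
  emailVerified?: boolean;
  unionid?: string;
  openid?: string;
  oauth?: string;
  registerMethod?: string;
  username?: string;
  company?: string;
  /** Sensitive: keep out of logs. */
  token?: string;
  phone?: string;
  tokenExpiredAt?: string;
  loginsCount?: number;
  lastIP?: string;
  signedUp?: string;
  blocked?: boolean;
  isDeleted?: boolean;
}

/** Polling result for a QR code login. */
export interface QRCodeStatus {
  random: string;
  /** QR code status: 0-not used, 1-scanned, 2-authorized, 3-canceled authorization, -1-expired */
  status: number;
  ticket?: string;
  userInfo?: QRCodeUserInfo;
}

/** Result of generating a QR code. */
export interface QRCodeGenarateResult {
  random: string;
  url: string;
}

/**
 * List of MFA authenticators bound to a user.
 * `secret` and `recoveryCode` are authentication material; do not log or cache
 * them beyond what enrollment requires.
 */
export declare type IMfaAuthenticators = Array<{
  id: string;
  createdAt: string;
  updatedAt: string;
  userId: string;
  enable: boolean;
  secret: string;
  authenticatorType: string;
  recoveryCode: string;
}>;

/**
 * Result of starting an MFA association.
 * `secret`, `qrcode_uri`, `qrcode_data_url` and `recovery_code` all carry
 * enrollment material and should be shown to the user once, not persisted in
 * client-side storage or logs.
 */
export declare type IMfaAssociation = {
  authenticator_type: string;
  secret: string;
  qrcode_uri: string;
  qrcode_data_url: string;
  recovery_code: string;
};

/** Result of confirming an MFA association. */
export declare type IMfaConfirmAssociation = {
  code: number;
  message: string;
};

/** Result of deleting an MFA association. */
export declare type IMfaDeleteAssociation = {
  code: number;
  message: string;
};

/**
 * Password security level
 */
export declare enum PasswordSecurityLevel {
  LOW = 1,
  MIDDLE = 2,
  HIGH = 3
}

/** Account security summary. */
export interface SecurityLevel {
  email: boolean;
  mfa: boolean;
  password: boolean;
  phone: boolean;
  passwordSecurityLevel: PasswordSecurityLevel | null;
  score: number;
}

/** Social connection provider identifiers. */
export declare enum SocialConnectionProvider {
  ALIPAY = "alipay",
  GOOGLE = "google",
  WECHATPC = "wechat:pc",
  WECHATMP = "wechat:webpage-authorization",
  WECHAT_MINIPROGRAM = "wechat:miniprogram:default",
  WECHAT_MINIPROGRAM_QRCODE = "wechat:miniprogram:qrconnect",
  WECHAT_MINIPROGRAM_APPLAUNCH = "wechat:miniprogram:app-launch",
  WECHATMOBILE = "wechat:mobile",
  GITHUB = "github",
  QQ = "qq",
  WECHATWORK_ADDRESS_BOOK = "wechatwork:addressbook",
  WECHATWORK_CORP_QRCONNECT = "wechatwork:corp:qrconnect",
  WECHATWORK_SERVICEPROVIDER_QRCONNECT = "wechatwork:service-provider:qrconnect",
  DINGTALK = "dingtalk",
  WEIBO = "weibo",
  APPLE = "apple",
  APPLE_WEB = "apple:web",
  OAUTH = "oauth",
  BAIDU = "baidu"
}

/** Identity protocols supported for applications and identity providers. */
export declare enum Protocol {
  OIDC = "oidc",
  OAUTH = "oauth",
  SAML = "saml",
  CAS = "cas",
  AZURE_AD = "azure-ad"
}

/** Password strength required by an application; `NoCheck` disables the check. */
export declare enum AppPasswordStrengthLimit {
  NoCheck = 0,
  Low = 1,
  Middle = 2,
  High = 3
}

/** Registration methods. */
export declare enum RegisterMethods {
  Email = "email",
  Phone = "phone"
}

/** Login methods. */
export declare enum LoginMethods {
  LDAP = "ldap",
  AppQr = "app-qrcode",
  Password = "password",
  PhoneCode = "phone-code",
  WxMinQr = "wechat-miniprogram-qrcode",
  AD = "ad"
}

/**
 * Configuration of a generic OAuth identity provider connection.
 * NOTE(review): `clientSecret` and the two `*Script` fields are part of a type
 * that `ApplicationConfig.identityProviders` exposes; confirm the server never
 * populates them in responses sent to unauthenticated clients.
 */
export interface IOAuthConnectionConfig {
  authEndPoint: string;
  tokenEndPoint: string;
  scope: string;
  clientId: string;
  clientSecret: string;
  authUrlTemplate: string;
  codeToTokenScript: string;
  tokenToUserInfoScript: string;
  tokenToUserInfoScriptFuncId: string;
  codeToTokenScriptFuncId: string;
  authUrl?: string;
}

/**
 * Configuration of a SAML identity provider connection.
 * NOTE(review): `samlSpKey` is presumably the service provider's private key;
 * if so it must stay server-side. `signatureAlgorithm` and `digestAlgorithm`
 * are free-form strings, so weak algorithms are not excluded by this type and
 * need to be rejected where the values are consumed.
 */
export interface ISamlConnectionConfig {
  signInEndPoint: string;
  samlRequest?: string;
  samlIdpCert: string;
  samlSpCert: string;
  samlSpKey: string;
  signOutEndPoint: string;
  signSamlRequest: boolean;
  signatureAlgorithm: string;
  digestAlgorithm: string;
  protocolBinding: string;
}

/** Configuration of a CAS identity provider connection. */
export interface ICasConnectionConfig {
  casConnectionLoginUrl: string;
}

/** Channel used by an OIDC connection. */
export declare enum OIDCConnectionMode {
  FRONT_CHANNEL = "FRONT_CHANNEL",
  BACK_CHANNEL = "BACK_CHANNEL"
}

/** Configuration of an Azure AD identity provider connection. */
export interface IAzureAdConnectionConfig {
  microsoftAzureAdDomain: string;
  clientId: string;
  syncUserProfileOnLogin: string;
  emailVerifiedDefault: boolean;
  authorizationUrl: string;
  callbackUrl: string;
}

/**
 * Configuration of an OIDC identity provider connection.
 * `authorizationEdpoint` is misspelled but is part of the public shape, so it
 * is kept as is. `clientSecret` is a credential; see the note on
 * `IOAuthConnectionConfig`.
 */
export interface OIDCConnectionConfig {
  issuerUrl: string;
  authorizationEdpoint: string;
  responseType: string;
  mode: OIDCConnectionMode;
  clientId: string;
  clientSecret: string;
  scopes: string;
  redirectUri: string;
}

/** Public configuration of an application, including its login page setup. */
export interface ApplicationConfig {
  id: string;
  cdnBase: string;
  userPoolId: string;
  rootUserPoolId: string;
  publicKey: string;
  passwordStrength: AppPasswordStrengthLimit;
  css: string;
  name: string;
  logo: string;
  redirectUris: string[];
  registerDisabled: boolean;
  registerTabs: {
    list: RegisterMethods[];
    default: string;
    title: {
      [x: string]: string;
    };
  };
  loginTabs: {
    list: LoginMethods[];
    default: string;
    title: {
      [x: string]: string;
    };
  };
  socialConnections: {
    provider: string;
    name: string;
    authorizationUrl: string;
  }[];
  agreementEnabled: boolean;
  extendsFieldsEnabled: boolean;
  identityProviders: {
    identifier: string;
    protocol: Protocol;
    displayName: string;
    logo: string;
    config:
      | ISamlConnectionConfig
      | OIDCConnectionConfig
      | ICasConnectionConfig
      | IAzureAdConnectionConfig
      | IOAuthConnectionConfig;
  }[];
  ssoPageComponentDisplay: {
    autoRegisterThenLoginHintInfo: boolean;
    forgetPasswordBtn: boolean;
    idpBtns: boolean;
    loginBtn: boolean;
    loginByPhoneCodeTab: boolean;
    loginByUserPasswordTab: boolean;
    loginMethodNav: boolean;
    phoneCodeInput: boolean;
    registerBtn: boolean;
    registerByEmailTab: boolean;
    registerByPhoneTab: boolean;
    registerMethodNav: boolean;
    socialLoginBtns: boolean;
    userPasswordInput: boolean;
    wxMpScanTab: boolean;
  };
  protocol: Protocol;
  oidcConfig: OidcClientMetadata;
  enableSubAccount: boolean;
  userPoolInWhitelist: boolean;
  userPortal: UserPortalConfig;
  /** websocket domain name */
  websocket: string;
  verifyCodeLength: number;
}

/** OIDC client metadata of an application. */
export interface OidcClientMetadata {
  grant_types: string[];
  client_id: string;
  redirect_uris: string[];
  scope: string;
  // NOTE(review): `ResponseType` is neither imported nor declared in this file.
  // With the DOM lib enabled it presumably resolves to the fetch `ResponseType`
  // global, which is not the set of OIDC response_type values; confirm.
  response_types: ResponseType[];
}

/** User portal asset and record settings. */
export interface UserPortalConfig {
  cdnBase: string;
  assetsBase: string;
  assetsVersion: string;
  icpRecord: string;
  psbRecord: string;
}

/** Parameters for building an OIDC authorization request. */
export interface IOidcParams {
  appId?: string;
  redirectUri?: string;
  /** Any value containing `token` or `id_token` returns tokens through the front channel. */
  responseType?:
    | 'code'
    | 'code id_token token'
    | 'code id_token'
    | 'code token'
    | 'id_token token'
    | 'id_token'
    | 'none';
  responseMode?: 'query' | 'fragment' | 'form_post';
  /** Opaque value echoed back on the redirect; ties the response to the request (CSRF protection). */
  state?: string;
  /** Value bound into the ID token so a replayed token can be detected. */
  nonce?: string;
  scope?: string;
  /**
   * PKCE challenge method. With `plain` the challenge equals the verifier, so
   * it gives no protection if the authorization request is observed; prefer
   * `S256`.
   */
  codeChallengeMethod?: 'plain' | 'S256';
  codeChallenge?: string;
}

/** Parameters for building an OAuth 2.0 authorization request. */
export interface IOauthParams {
  appId?: string;
  redirectUri?: string;
  /**
   * `token` selects the implicit grant, which returns the access token in the
   * redirect and is discouraged by current OAuth security guidance; prefer
   * `code`.
   */
  responseType?: 'code' | 'token';
  /** Opaque value echoed back on the redirect; ties the response to the request (CSRF protection). */
  state?: string;
  scope?: string;
}

/** Parameters for building a logout URL. */
export interface ILogoutParams {
  // NOTE(review): the meaning of `expert` is not evident from this file; confirm.
  expert?: boolean;
  redirectUri?: string;
  idToken?: string;
}

/** Parameters for building a CAS login URL. */
export interface ICasParams {
  service?: string;
}

/** Origin of a TOTP authenticator. */
export declare type TotpSource = 'APPLICATION' | 'SELF';

/**
 * Social provider identifiers accepted as plain strings.
 * The duplicated `'alipay'` member was dropped; the resulting union is the same.
 */
export declare type ProviderType =
  | 'wechat:pc'
  | 'github'
  | 'google'
  | 'qq'
  | 'apple'
  | 'baidu'
  | 'alipay'
  | 'lark:app-store'
  | 'lark:custom-app'
  | 'weibo'
  | 'dingtalk'
  | 'wechat:webpage-authorization'
  | 'wechat:miniprogram:default'
  | 'wechat:mobile'
  | 'wechatwork:service-provider:authorization'
  | 'wechatwork:service-provider:qrconnect'
  | 'wechatwork:corp:qrconnect'
  | 'wechat:miniprogram:app-launch'
  | 'wechat:miniprogram:qrconnect';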