/// <reference types="express" />
import { Request, Response, NextFunction } from 'express';
import { PasswordTokenRequest, RefreshTokenRequest } from '../utils/auth-requests';
export declare type Success<T> = {
    isSuccess: true;
    value: T;
};
export declare type Failure<T> = {
    isSuccess: false;
    type: string;
    error: T;
};
export declare function success<T>(value?: T): Success<T>;
export declare function failure<T>(type: string, error?: T): Failure<T>;
export declare type ModelError = {
    type: 'ModelError';
    message: string;
    translationKey?: string;
    translationObject?: any;
    fieldErrors?: FieldError[];
};
export declare type FieldError = {
    field: string;
    message: string;
    translationKey: string;
    translationObject?: any;
};
export declare type Token = {
    jti: string;
    iss: string;
    sub: string;
    exp: number;
    iat: number;
    name: string;
    permissions: string;
};
export declare type IdentityUser = {
    _id: string;
    email: string;
    permissions: string;
};
export declare type TokenRequest = PasswordTokenRequest | RefreshTokenRequest;
export declare type IdentityConfig = {
    issuer: string;
    secretKey: string;
    tokenExpiration: number;
    refreshTokenExpiration: number;
};
export declare type TokenData = {
    token: Token;
    signedToken: string;
    refreshToken: string;
    refreshTokenExpiration: Date;
    identity: IdentityUser;
    clientId: string;
};
export declare type RefreshToken = {
    refreshToken: string;
    expires: Date;
    userId: string;
    clientId: string;
};
export declare const ensureToken: (req: Request & {
    token: string;
}, res: Response, next: NextFunction) => void;
export declare class Identity {
    private configuration;
    constructor(configuration: IdentityConfig);
    grant(): (req: Request, res: Response, next: NextFunction) => Promise<void>;
    decodeToken(): (req: any, _: any, next: NextFunction) => void;
    private renderResponse(_, res, next);
    private grantRefreshToken();
    private grantPassword();
    private generateToken(identity, clientId);
    private generateAccessToken(user);
    private signToken(token);
    validatePasswordTokenRequest(request: PasswordTokenRequest): Success<PasswordTokenRequest> | Failure<ModelError>;
    validateRefreshTokenRequest(request: RefreshTokenRequest): Success<RefreshTokenRequest> | Failure<ModelError>;
    loadUser(request: PasswordTokenRequest): Promise<Success<IdentityUser> | Failure<ModelError> | Failure<string>>;
    loadUserForRefreshToken(request: RefreshToken): Promise<Success<IdentityUser> | Failure<ModelError> | Failure<string>>;
    saveAccessToken(signedAccessToken: string, clientId: string, expires: Date, user: IdentityUser): Promise<void>;
    saveRefreshToken(refreshToken: string, clientId: string, expires: Date, user: IdentityUser): Promise<void>;
    loadRefreshToken(refreshToken: string, clientId: string): Promise<RefreshToken>;
    removeTokens(identity: IdentityUser, clientId: string): Promise<void>;
    removeRefreshToken(token: string): Promise<void>;
    removeAccessToken(accessToken: string): Promise<void>;
    validateRefreshToken(refreshToken: RefreshToken): Success<RefreshToken> | Failure<ModelError> | Failure<Error> | Failure<string>;
}