/** * Returns whether `serverUrl` targets one of the recognized local * development hostnames. Invalid URLs return `false` so callers can * always proceed as if the target is remote. */ export declare function isLocalDevelopmentServerUrl(serverUrl: string): boolean; /** * Resolves a Vercel OIDC token for the development client. * * Tries the `@vercel/oidc` SDK first (refreshes a freshly-issued token * when the CLI is linked to a Vercel project), then falls back to the * `VERCEL_OIDC_TOKEN` environment variable. Returns an empty string * when no token is available so callers can proceed without auth. */ export declare function resolveDevelopmentOidcToken(): Promise; /** * Vercel header used to bypass preview protection for framework-owned routes * during local CLI development. Paired with a Protection Bypass for * Automation token issued from Project Settings. */ export declare const VERCEL_PROTECTION_BYPASS_HEADER = "x-vercel-protection-bypass"; /** * Vercel header used to bypass deployment protection by presenting a * trusted OIDC token issued by Vercel for the linked project. When the * CLI is `vercel link`-ed (or running inside a Vercel function), the * platform mints an OIDC token whose audience and subject match the * deployment, and accepts it as proof that the caller is authorized. * * This is preferred over {@link VERCEL_PROTECTION_BYPASS_HEADER} because * it requires no per-project secret — the token is already available via * `@vercel/oidc`. */ export declare const VERCEL_TRUSTED_OIDC_IDP_TOKEN_HEADER = "x-vercel-trusted-oidc-idp-token"; /** * Vercel request header that carries the runtime OIDC token on function * invocations. */ export declare const VERCEL_OIDC_TOKEN_HEADER = "x-vercel-oidc-token"; /** * Header values accepted by eve's development client helpers. */ export type DevelopmentRequestHeaders = Headers | ReadonlyArray | Record; /** * Creates request headers for one service-issued development request and * opportunistically refreshes a linked local Vercel OIDC token for eve-owned * routes when no explicit authorization header is present. */ export declare function createDevelopmentRequestHeadersAsync(input: { headers?: DevelopmentRequestHeaders; resourceUrl: URL; }): Promise; /** * Resolves the per-request custom headers used by the development client * when constructing requests against a configured server URL. * * - {@link VERCEL_PROTECTION_BYPASS_HEADER} is attached when * `VERCEL_AUTOMATION_BYPASS_SECRET` is set. * - {@link VERCEL_TRUSTED_OIDC_IDP_TOKEN_HEADER} is attached when a Vercel * OIDC token is available locally (either via `vercel link` + * `@vercel/oidc` or via the `VERCEL_OIDC_TOKEN` environment variable). * This lets the CLI bypass Vercel Deployment Protection without the user * creating a project-scoped Bypass for Automation token first. * * Both headers are sent when both sources are available; the platform * accepts whichever it can validate. * * Local dev servers skip the OIDC token entirely — the framework's * default channel auth chain is `[localDev(), vercelOidc()]`, and * `localDev()` accepts off Vercel infrastructure, so attaching the * bypass token would be wasted work. */ export declare function resolveDevelopmentClientHeaders(input: { readonly serverUrl: string; }): Promise>;