import { MakePropertyRequired, Signer } from '../types'; import { Verifier } from '../types'; type ReturnJwtWithHeaderAndPayload, P extends Record, T extends Jwt> = MakePropertyRequired; type ReturnJwtWithHeader, P extends Record, T extends Jwt> = MakePropertyRequired; type ReturnJwtWithPayload, P extends Record, T extends Jwt> = MakePropertyRequired; type ReturnJwtWithSignature, P extends Record, T extends Jwt> = MakePropertyRequired; export type JwtOptions, P extends Record> = { header?: H; payload?: P; signature?: Uint8Array; }; export type JwtAdditionalOptions

= Record> = { signer?: Signer

; }; export type JwtVerificationResult = { isValid: boolean; isSignatureValid: boolean; isNotBeforeValid?: boolean; isExpiryTimeValid?: boolean; areRequiredClaimsIncluded?: boolean; }; export declare class Jwt

= Record, Payload extends Record = Record> { /** * * non-compact structure for a header of a JWT. * * Defined in: {@link https://datatracker.ietf.org/doc/html/rfc7519#section-5 | RFC 7519} * */ header?: Header; /** * * non-compact structure for a payload of a JWT. * * Defined in: {@link https://datatracker.ietf.org/doc/html/rfc7519#section-4 | RFC 7519} * */ payload?: Payload; /** * * Signature over the BASE64URL(HEADER) || '.' || BASE64URL(PAYLOAD). * * Defined in: {@link https://datatracker.ietf.org/doc/html/rfc7515 | RFC 7515} * */ signature?: Uint8Array; /** * * Callback that will be used when creating a signature over the JWT. * */ signer?: Signer

; constructor(options?: JwtOptions, additionalOptions?: JwtAdditionalOptions); /** * * Instantiate a JWT from a compact format. * * Two generics may be supplied for typing on the Header and Payload. These are not enforced. * * Defined in: {@link https://datatracker.ietf.org/doc/html/rfc7519#section-3 | RFC 7519 } * */ static fromCompact

= Record, Payload extends Record = Record>(compact: string): ReturnJwtWithHeaderAndPayload>; /** * * Replaces the current Header a new one. * */ withHeader(header: Header): ReturnJwtWithHeader; /** * * Add a new claim to the Header, overriding the old one if it already is on there. * */ addHeaderClaim(item: keyof Header | string, value: Header[typeof item] | unknown): ReturnJwtWithHeader; /** * * Replaces the current Payload a new one. * */ withPayload(payload: Payload): ReturnJwtWithPayload; /** * * Add a new claim to the Payload, overriding the old one if it already is on there. * */ addPayloadClaim(item: keyof Payload | string, value: Payload[typeof item] | unknown): ReturnJwtWithPayload; /** * * Manually append a signature to the JWT. This signature is not validated. * * @note Only use this if the supplying a signing callback does not fit your use case. * */ withSignature(signature: Uint8Array): ReturnJwtWithSignature; /** * * Add a signing callback to the JWT that will be used for creating the signature. * */ withSigner(signer: Signer): this; /** * * Assert that there is a Header on the JWT. * * @throws when the Header is not defined * */ assertHeader(): void; /** * * Assert that there is a Payload on the JWT. * * @throws when the Payload is not defined * */ assertPayload(): void; /** * * Assert that there is a Signature on the JWT. * * @throws when the Signature is not defined * */ assertSignature(): void; /** * * Assert that there is a Signing callback on the JWT. * * @throws when the Signer is not defined * */ assertSigner(): void; /** * * Assert that there is a specific claim, possibly with value, in the Header. * */ assertClaimInHeader(claimKey: keyof Header | string, claimValue?: Header[typeof claimKey] | unknown): void; /** * * Assert that there is a specific claim, possibly with value, in the Payload. * */ assertClaimInPayload(claimKey: keyof Payload | string, claimValue?: Payload[typeof claimKey] | unknown): void; private assertClaimInObject; /** * * Get a claim within the payload. * * @throws when the payload is not defined * @throws when the claim could not be found at any level * */ getClaimInPayload(claimKey: keyof Payload | string): T; /** * * Get a claim within the payload. * * @throws when the payload is not defined * @throws when the claim could not be found at any level * */ getClaimInHeader(claimKey: keyof Header | string): T; private getClaimInObject; /** * * Returns a string of what needs to be signed. * * Defined in: {@link https://datatracker.ietf.org/doc/html/rfc7519#section-3 | RFC 7519} * */ get signableInput(): string; /** * * Sign the Header and Payload and append the signature to the JWT. * */ signAndAdd(): Promise>; private get compactHeader(); private get compactPayload(); /** * * Create a compact format of the JWT. * * This will add a signature if there is none. * * @throws When the signature and signer are not defined * */ toCompact(): Promise; /** * * Verify the JWT. * * - Check the nbf claim with `now` * - Check the exp claim with `now` * - Additionally validate any required claims * - Additionally pass in a specific publicKeyJwk to validate the signature * */ verify(verifySignature: Verifier

, requiredClaims?: Array, publicKeyJwk?: Record): Promise; } export {};