import { Hex } from 'ox';
import { Authentication, type Types } from 'ox/webauthn';
/** Credential request options. */
export type Options = Types.CredentialRequestOptions<true>;
/** Authentication response. */
export type Response = Authentication.Response<true>;
/**
 * Generates serialized `PublicKeyCredentialRequestOptions` for authentication.
 *
 * A random 32-byte challenge is generated by default. The challenge is
 * returned alongside the options so it can be stored for later verification.
 *
 * @example
 * ```ts
 * import { Authentication } from 'webauthx/server'
 *
 * async function handler(request: Request) {
 *   const { challenge, options } = Authentication.getOptions({
 *     credentialId: storedCredential.id,
 *     rpId: 'example.com',
 *   })
 *   await db.storeChallenge(challenge)
 *   return Response.json(options)
 * }
 * ```
 */
export declare function getOptions(options?: getOptions.Options): getOptions.ReturnType;
export declare namespace getOptions {
    type Options = Omit<Authentication.getOptions.Options, 'challenge'> & {
        challenge?: Hex.Hex | undefined;
    };
    type ReturnType = {
        challenge: Hex.Hex;
        options: Types.CredentialRequestOptions<true>;
    };
    type ErrorType = Authentication.getOptions.ErrorType | Authentication.serializeOptions.ErrorType;
}
/**
 * Verifies a serialized authentication response from the client.
 *
 * Deserializes the response, then validates the rpIdHash, origin,
 * challenge, and P256 signature.
 *
 * @example
 * ```ts
 * import { Authentication } from 'webauthx/server'
 * import { db } from './db'
 *
 * async function handler(request: Request) {
 *   const response = await request.json()
 *   const challenge = await db.consumeChallenge(request)
 *   const credential = await db.getCredential(response.id)
 *   const valid = Authentication.verify(response, {
 *     challenge,
 *     publicKey: credential.publicKey,
 *     origin: 'https://example.com',
 *     rpId: 'example.com',
 *   })
 * }
 * ```
 */
export declare function verify(response: Response, options: verify.Options): boolean;
export declare namespace verify {
    type Options = Omit<Authentication.verify.Options, 'metadata' | 'signature' | 'publicKey'> & {
        publicKey: Hex.Hex;
    };
    type ErrorType = Authentication.verify.ErrorType | Authentication.deserializeResponse.ErrorType;
}
//# sourceMappingURL=Authentication.d.ts.map