import { JwtService } from '@nestjs/jwt';
import { ConfigService } from '@nestjs/config';
import { PrismaService } from "../../../core/database/prisma/prisma.service";
import { AuditService } from "../../../core/observability/audit/audit.service";
import { LdapService } from '../ldap/ldap.service';
import { EntraService } from '../entra/entra.service';
import { LoginDto, RegisterDto, ChangePasswordDto, DevEmailLoginDto } from './dto/auth.dto';
import { TokenService } from './services/token.service';
import { AuthCacheService } from './services/auth-cache.service';
import { PermissionDelegationService } from "../../../common/services/permission-delegation.service";
import { SsoConfigService } from './sso/sso-config.service';
/**
 * Type declaration for the authentication service.
 *
 * The public surface declared here covers registration, credential login,
 * SSO login, a "dev e-mail" login, per-request user validation, token
 * refresh / logout / revocation, and password change / reset.
 *
 * This is a declaration only: no method bodies are visible. Notes marked
 * NOTE(review) are inferences from names and types and must be confirmed
 * against the implementation.
 */
export declare class AuthService {
    // Private members are listed by name only; the declaration carries no types for them.
    private prisma;
    private jwtService;
    private ldapService;
    private entraService;
    private configService;
    private tokenService;
    private authCache;
    private delegationService;
    private ssoConfig;
    private auditService;
    private readonly logger;
    /**
     * Receives the ten collaborating services (database, JWT, LDAP, Entra,
     * config, token, auth cache, permission delegation, SSO config, audit).
     */
    constructor(prisma: PrismaService, jwtService: JwtService, ldapService: LdapService, entraService: EntraService, configService: ConfigService, tokenService: TokenService, authCache: AuthCacheService, delegationService: PermissionDelegationService, ssoConfig: SsoConfigService, auditService: AuditService);
    /**
     * Registration entry point.
     *
     * @param registerDto - registration request body
     * @returns the created user's public fields plus an access/refresh token pair;
     *          the declared `user` shape contains no password or hash field
     */
    register(registerDto: RegisterDto): Promise<{
        user: {
            displayName: string;
            id: string;
            createdAt: Date;
            status: import("@prisma/client").$Enums.UserStatus;
            username: string;
            email: string;
            source: import("@prisma/client").$Enums.UserSource;
        };
        token: {
            accessToken: string;
            refreshToken: string;
        };
    }>;
    /**
     * Credential login entry point.
     *
     * @param loginDto - login request body
     * @returns a token pair with type and lifetime, plus the user's profile,
     *          roles, permissions and region access
     *
     * The declared `user.status` is the literal "ACTIVE", so a successful result
     * can only describe an active account.
     * NOTE(review): presumably non-active accounts are rejected before this
     * point; confirm in the implementation.
     */
    login(loginDto: LoginDto): Promise<{
        accessToken: string;
        refreshToken: string;
        tokenType: string;
        expiresIn: number;
        user: {
            id: string;
            username: string;
            email: string;
            displayName: string;
            avatar: string | null;
            source: import("@prisma/client").$Enums.UserSource;
            status: "ACTIVE";
            employeeId: string | null;
            department: string | undefined;
            position: string | undefined;
            roles: string[];
            permissions: string[];
            defaultRegion: string;
            accessibleRegions: string[];
            regionPermissions: Record<string, string[]>;
        };
    }>;
    /**
     * SSO login entry point. Takes identity attributes as plain strings and
     * resolves to a token pair and the local user id.
     *
     * NOTE(review): `email`, `oid` and `entraTid` arrive here as unverified
     * strings as far as this signature shows. The caller must have taken them
     * from a validated identity-provider token; confirm where that validation
     * happens and that `entraTid` is checked against the expected tenant.
     * NOTE(review): `ipAddress` / `userAgent` are presumably recorded by the
     * SSO audit helpers below; confirm.
     */
    loginViaSSO(params: {
        email: string;
        oid: string;
        entraTid: string;
        ipAddress: string;
        userAgent: string;
    }): Promise<{
        accessToken: string;
        refreshToken: string;
        userId: string;
    }>;
    // Private SSO audit helpers; signatures are not exposed in the declaration.
    private buildSsoAuditPayload;
    private writeSsoAudit;
    /**
     * Login entry point taking a DevEmailLoginDto. Resolves to the same result
     * layout as `login`, except that `user.status` is the full UserStatus enum
     * rather than the literal "ACTIVE".
     *
     * NOTE(review): the name suggests a development-only login keyed on e-mail.
     * Confirm that it is unreachable in production builds/configuration, and
     * whether the wider `status` type means non-active accounts can obtain
     * tokens through this path.
     */
    devEmailLogin(body: DevEmailLoginDto): Promise<{
        accessToken: string;
        refreshToken: string;
        tokenType: string;
        expiresIn: number;
        user: {
            id: string;
            username: string;
            email: string;
            displayName: string;
            avatar: string | null;
            source: import("@prisma/client").$Enums.UserSource;
            status: import("@prisma/client").$Enums.UserStatus;
            employeeId: string | null;
            department: string | undefined;
            position: string | undefined;
            roles: string[];
            permissions: string[];
            defaultRegion: string;
            accessibleRegions: string[];
            regionPermissions: Record<string, string[]>;
        };
    }>;
    private updateLdapUserInfo;
    /**
     * Resolves the authorization payload for a user id, or `null`.
     *
     * @param userId - id of the user to validate
     * @param currentOrganizationId - optional organization context
     * @returns roles, permissions, per-organization and per-region roles and
     *          permissions, and data scopes; `null` when no payload is produced
     *
     * NOTE(review): callers must treat `null` as "not authenticated"; confirm
     * which conditions (unknown user, disabled account, revoked token) yield it.
     */
    validateUser(userId: string, currentOrganizationId?: string): Promise<{
        userId: string;
        username: string | undefined;
        email: string | undefined;
        defaultRegion: string | undefined;
        currentOrganizationId: string | undefined;
        roles: string[];
        permissions: string[];
        organizationPermissions: Record<string, string[]>;
        organizationRoles: Record<string, string[]>;
        regionPermissions: Record<string, string[]>;
        regionRoles: Record<string, string[]>;
        dataScopes: {
            resource: string;
            scopeType: string;
        }[];
    } | null>;
    private sliceAuthPayload;
    private loadInboundDelegationScopes;
    /**
     * Exchanges a refresh token for a new result that contains both an access
     * token and a refresh token.
     *
     * NOTE(review): the signature does not show whether the presented refresh
     * token is invalidated (rotation) or stays usable; confirm.
     */
    refresh(refreshToken: string): Promise<{
        accessToken: string;
        refreshToken: string;
        tokenType: string;
        expiresIn: number;
    }>;
    /**
     * Logout entry point taking the access token; resolves to a message object.
     *
     * NOTE(review): presumably records the token's jti so that
     * `isJtiBlacklisted` rejects it afterwards; confirm, and confirm whether the
     * matching refresh token is revoked as well.
     */
    logout(accessToken: string): Promise<{
        message: string;
    }>;
    /** Resolves to whether the given JWT id (`jti`) is blacklisted. */
    isJtiBlacklisted(jti: string): Promise<boolean>;
    /**
     * Revokes all tokens of a user.
     *
     * @returns a number; presumably the count of revoked tokens (confirm)
     */
    revokeAllTokens(userId: string): Promise<number>;
    // Private helpers for token issuance, LDAP sync, role/position sync and
    // region access; signatures are not exposed in the declaration.
    private generateToken;
    private syncLdapUser;
    private assignDefaultRoles;
    private syncUserRoles;
    private mapLdapGroupsToRoles;
    private syncPosition;
    private getRegionPermissions;
    private getAccessibleRegions;
    /**
     * Password change for a user, driven by a ChangePasswordDto.
     *
     * NOTE(review): confirm that the DTO carries the current password and that
     * existing tokens are revoked after a successful change.
     */
    changePassword(userId: string, changePasswordDto: ChangePasswordDto): Promise<void>;
    private getPasswordChangeErrorMessage;
    /**
     * Sets a new password for a user id. The signature takes no current
     * password or reset token, so this method cannot itself prove that the
     * caller is entitled to reset the account.
     *
     * NOTE(review): authorization has to be enforced by every caller (for
     * example an admin-only route); confirm, and confirm that the user's
     * existing tokens are revoked afterwards.
     */
    resetPassword(userId: string, newPassword: string): Promise<void>;
}
