npm - ksef-client-ts - Versions diffs - 0.3.0 → 0.5.0 - Mend

ksef-client-ts 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import { ZodType } from 'zod';
 import * as crypto from 'node:crypto';
 interface EnvironmentConfig {
@@ -459,6 +460,123 @@ declare const SUBUNIT_NAME_MAX_LENGTH = 256;
 declare const PERMISSION_DESCRIPTION_MIN_LENGTH = 5;
 declare const PERMISSION_DESCRIPTION_MAX_LENGTH = 256;
+/**
+ * XML-to-Object converter for Zod schema validation.
+ *
+ * Converts XML string → plain JS object matching the shape expected by
+ * generated Zod schemas (element children → properties, repeated elements → arrays,
+ * attributes → @-prefixed keys, namespace prefixes stripped).
+ */
+/** Result of XML-to-object conversion. */
+interface XmlConversionResult {
+    /** The converted root object (null if parsing failed). */
+    object: Record<string, unknown> | null;
+    /** Detected root element local name (e.g. "Faktura"). */
+    rootElement: string | null;
+    /** Detected namespace URI from the root element. */
+    namespace: string | null;
+    /** Parse errors, if any. */
+    errors: string[];
+}
+/**
+ * Convert an XML string to a plain JS object suitable for Zod validation.
+ *
+ * - Element children become object properties
+ * - Repeated elements with the same name become arrays
+ * - Attributes are prefixed with `@` (e.g. `@kodSystemowy`)
+ * - Namespace prefixes are stripped from element and attribute names
+ * - Text-only elements become string values
+ * - Mixed content (text + children) puts text in `#text` key
+ */
+declare function xmlToObject(xml: string): XmlConversionResult;
+/** Schema type identifiers */
+type SchemaType = 'FA3' | 'FA2' | 'RR1_V11E' | 'RR1_V10E' | 'PEF3' | 'PEF_KOR3';
+/**
+ * Schema Registry — lazy-loads generated Zod schemas and provides
+ * auto-detection of schema type from XML namespace or root element.
+ */
+declare const SchemaRegistry: {
+    /**
+     * Get a Zod schema by type. Lazy-loads the module on first access.
+     */
+    get(type: SchemaType): Promise<ZodType>;
+    /**
+     * List all available schema types.
+     */
+    availableSchemas(): SchemaType[];
+    /**
+     * Detect schema type from XML namespace URI and/or root element name.
+     *
+     * Detection priority:
+     * 1. Namespace URI match (unique per FA/RR schemas)
+     * 2. Root element name match (for PEF/PEF_KOR which use UBL namespaces)
+     */
+    detect(namespace: string | null, rootElement: string | null): SchemaType | null;
+};
+/**
+ * Invoice XML validation service.
+ *
+ * Three independent validation levels:
+ * - Level 1: XML well-formedness (xmldom parse)
+ * - Level 2: Schema validation (xml→object→Zod safeParse)
+ * - Level 3: Business rules (NIP/PESEL checksum verification)
+ */
+type InvoiceValidationErrorCode = 'MALFORMED_XML' | 'MISSING_REQUIRED_ELEMENT' | 'INVALID_VALUE' | 'INVALID_ENUM_VALUE' | 'PATTERN_MISMATCH' | 'MAX_OCCURS_EXCEEDED' | 'UNKNOWN_SCHEMA' | 'SCHEMA_VALIDATION_ERROR' | 'INVALID_NIP_CHECKSUM' | 'INVALID_PESEL_CHECKSUM';
+interface InvoiceValidationError {
+    /** Error classification code. */
+    code: InvoiceValidationErrorCode;
+    /** Human-readable error message. */
+    message: string;
+    /** XPath-like path to the invalid element (e.g. "/Faktura/Podmiot1/NIP"). */
+    path?: string;
+}
+interface InvoiceValidationResult {
+    /** Whether the invoice passed all requested validation levels. */
+    valid: boolean;
+    /** Detected or overridden schema type. */
+    schemaType: SchemaType | null;
+    /** Validation errors from all levels. */
+    errors: InvoiceValidationError[];
+}
+interface ValidateOptions {
+    /** Explicit schema type override (skip auto-detection). */
+    schema?: SchemaType;
+}
+/**
+ * Check that the XML string is well-formed (parseable).
+ *
+ * @param xml - Raw XML string.
+ * @param _parsed - Pre-parsed XML result (internal optimisation, avoids re-parsing in `validate()`).
+ */
+declare function validateWellFormedness(xml: string, _parsed?: XmlConversionResult): InvoiceValidationResult;
+/**
+ * Validate XML against its Zod schema (auto-detected or explicit).
+ *
+ * @param xml - Raw XML string.
+ * @param options - Validation options (e.g. explicit schema type override).
+ * @param _parsed - Pre-parsed XML result (internal optimisation, avoids re-parsing in `validate()`).
+ */
+declare function validateSchema(xml: string, options?: ValidateOptions, _parsed?: XmlConversionResult): Promise<InvoiceValidationResult>;
+/**
+ * Validate business rules: NIP/PESEL checksum verification on Podmiot elements.
+ *
+ * @param xml - Raw XML string.
+ * @param _parsed - Pre-parsed XML result (internal optimisation, avoids re-parsing in `validate()`).
+ */
+declare function validateBusinessRules(xml: string, _parsed?: XmlConversionResult): InvoiceValidationResult;
+/**
+ * Run all three validation levels (well-formedness → schema → business rules).
+ * Short-circuits on first failing level.
+ *
+ * XML is parsed once and the result is reused across all three levels.
+ */
+declare function validate(xml: string, options?: ValidateOptions): Promise<InvoiceValidationResult>;
 interface OperationResponse {
     referenceNumber: string;
 }
@@ -625,6 +743,11 @@ interface BatchPartSendingInfo {
     metadata: FileMetadata;
     ordinalNumber: number;
 }
+interface BatchPartStreamSendingInfo {
+    dataStream: ReadableStream<Uint8Array>;
+    metadata: FileMetadata;
+    ordinalNumber: number;
+}
 interface SessionsFilter {
     referenceNumber?: string;
@@ -1634,6 +1757,78 @@ interface QrCodeOptions {
     errorCorrectionLevel?: 'L' | 'M' | 'Q' | 'H';
 }
+declare const SystemCode: {
+    readonly FA_2: "FA (2)";
+    readonly FA_3: "FA (3)";
+    readonly PEF_3: "PEF (3)";
+    readonly PEF_KOR_3: "PEF_KOR (3)";
+    readonly FA_RR_1: "FA_RR (1)";
+};
+type SystemCode = (typeof SystemCode)[keyof typeof SystemCode];
+declare const FORM_CODES: {
+    readonly FA_2: {
+        readonly systemCode: "FA (2)";
+        readonly schemaVersion: "1-0E";
+        readonly value: "FA";
+    };
+    readonly FA_3: {
+        readonly systemCode: "FA (3)";
+        readonly schemaVersion: "1-0E";
+        readonly value: "FA";
+    };
+    readonly PEF_3: {
+        readonly systemCode: "PEF (3)";
+        readonly schemaVersion: "2-1";
+        readonly value: "PEF";
+    };
+    readonly PEF_KOR_3: {
+        readonly systemCode: "PEF_KOR (3)";
+        readonly schemaVersion: "2-1";
+        readonly value: "PEF";
+    };
+    readonly FA_RR_1_LEGACY: {
+        readonly systemCode: "FA_RR (1)";
+        readonly schemaVersion: "1-0E";
+        readonly value: "RR";
+    };
+    readonly FA_RR_1_TRANSITION: {
+        readonly systemCode: "FA_RR (1)";
+        readonly schemaVersion: "1-1E";
+        readonly value: "RR";
+    };
+    readonly FA_RR_1: {
+        readonly systemCode: "FA_RR (1)";
+        readonly schemaVersion: "1-1E";
+        readonly value: "FA_RR";
+    };
+};
+/** Default form code for sessions and CLI commands (FA(3) since 2026-02-01). */
+declare const DEFAULT_FORM_CODE: {
+    readonly systemCode: "FA (3)";
+    readonly schemaVersion: "1-0E";
+    readonly value: "FA";
+};
+type OnlineSessionFormCode = (typeof FORM_CODES)[keyof typeof FORM_CODES];
+type BatchSessionFormCode = typeof FORM_CODES.FA_2 | typeof FORM_CODES.FA_3 | typeof FORM_CODES.FA_RR_1_LEGACY | typeof FORM_CODES.FA_RR_1_TRANSITION | typeof FORM_CODES.FA_RR_1;
+declare const INVOICE_TYPES_BY_SYSTEM_CODE: Record<SystemCode, readonly InvoiceType[]>;
+declare const FORM_CODE_KEYS: Record<string, FormCode>;
+/**
+ * Returns the default FormCode constant for a given SystemCode.
+ * For FA_RR_1, returns the current variant (schemaVersion 1-1E, value FA_RR).
+ */
+declare function getFormCode(systemCode: SystemCode): FormCode;
+/**
+ * Matches a raw FormCode from an API response to the closest typed constant.
+ * Returns the raw object unchanged if no exact match is found.
+ */
+declare function parseFormCode(raw: FormCode): FormCode;
+/**
+ * Validates whether a FormCode is valid for the given session type.
+ * Batch sessions do not support PEF or PEF_KOR document types.
+ */
+declare function validateFormCodeForSession(formCode: FormCode, sessionType: 'online' | 'batch'): boolean;
 declare class AuthService {
     private readonly restClient;
     constructor(restClient: RestClient);
@@ -1666,6 +1861,12 @@ declare class BatchSessionService {
     constructor(restClient: RestClient);
     openSession(request: OpenBatchSessionRequest, upoVersion?: UpoVersion | string): Promise<OpenBatchSessionResponse>;
     sendParts(openResponse: OpenBatchSessionResponse, parts: BatchPartSendingInfo[]): Promise<void>;
+    /**
+     * Upload parts sequentially (not in parallel) because each part uses a
+     * streaming body (`duplex: 'half'`). Parallel streaming uploads can cause
+     * backpressure issues and exceed memory limits for large payloads.
+     */
+    sendPartsWithStream(openResponse: OpenBatchSessionResponse, parts: BatchPartStreamSendingInfo[]): Promise<void>;
     closeSession(batchRef: string): Promise<void>;
 }
@@ -1902,6 +2103,12 @@ interface BatchFileBuildResult {
     /** Encrypted parts ready for upload, indexed 0..N-1. */
     encryptedParts: Uint8Array[];
 }
+interface BatchStreamBuildResult {
+    /** Metadata for OpenBatchSessionRequest.batchFile. */
+    batchFile: BatchFileInfo;
+    /** Stream-based encrypted parts ready for upload. */
+    streamParts: BatchPartStreamSendingInfo[];
+}
 /**
  * Splits a ZIP file into parts, encrypts each part, and computes
  * all SHA-256 hashes required by the KSeF batch API.
@@ -1915,6 +2122,19 @@ declare class BatchFileBuilder {
      * @param options - Optional configuration
      */
     static build(zipBytes: Uint8Array, encryptFn: (part: Uint8Array) => Uint8Array, options?: BatchFileBuildOptions): BatchFileBuildResult;
+    /**
+     * Stream-based variant: two-pass build from a stream factory.
+     *
+     * Pass 1: consume stream to compute ZIP hash.
+     * Pass 2: re-create stream, split into parts, encrypt each, compute per-part metadata.
+     *
+     * @param zipStreamFactory - Factory that creates a fresh ReadableStream of the ZIP data
+     * @param zipSize - Total ZIP byte size (from fs.stat or known in advance)
+     * @param encryptStreamFn - Stream-to-stream AES-256-CBC encryption function
+     * @param hashStreamFn - Stream-to-FileMetadata hashing function
+     * @param options - Optional configuration
+     */
+    static buildFromStream(zipStreamFactory: () => ReadableStream<Uint8Array>, zipSize: number, encryptStreamFn: (stream: ReadableStream<Uint8Array>) => ReadableStream<Uint8Array>, hashStreamFn: (stream: ReadableStream<Uint8Array>) => Promise<FileMetadata>, options?: BatchFileBuildOptions): Promise<BatchStreamBuildResult>;
 }
 declare class CertificateFetcher {
@@ -1945,6 +2165,11 @@ declare class CryptographyService {
     init(): Promise<void>;
     /** Encrypt with AES-256-CBC (PKCS7 padding is automatic in Node). */
     encryptAES256(content: Uint8Array, key: Uint8Array, iv: Uint8Array): Uint8Array;
+    /**
+     * Encrypt with AES-256-CBC as a streaming transform.
+     * Returns a ReadableStream that yields encrypted chunks as the input is read.
+     */
+    encryptAES256Stream(input: ReadableStream<Uint8Array>, key: Uint8Array, iv: Uint8Array): ReadableStream<Uint8Array>;
     /** Decrypt with AES-256-CBC. */
     decryptAES256(content: Uint8Array, key: Uint8Array, iv: Uint8Array): Uint8Array;
     /**
@@ -1968,6 +2193,8 @@ declare class CryptographyService {
     encryptKsefToken(token: string, challengeTimestamp: string): Uint8Array;
     /** Compute SHA-256 hash (base64) and byte length. */
     getFileMetadata(file: Uint8Array): FileMetadata;
+    /** Compute SHA-256 hash (base64) and byte length from a ReadableStream. */
+    getFileMetadataFromStream(stream: ReadableStream<Uint8Array>): Promise<FileMetadata>;
     /** Generate an RSA-2048 CSR (PKCS#10, DER) and return it together with the private key PEM. */
     generateCsrRsa(fields: X500NameFields): Promise<CsrResult>;
     /** Generate an ECDSA P-256 CSR (PKCS#10, DER) and return it together with the private key PEM. */
@@ -2005,9 +2232,10 @@ declare class SignatureService {
      * @param xml          - The XML document to sign (string).
      * @param certPem      - The signing certificate in PEM format.
      * @param privateKeyPem - The private key in PEM format.
+     * @param passphrase   - Optional passphrase for encrypted PEM private keys.
      * @returns The signed XML document as a string.
      */
-    static sign(xml: string, certPem: string, privateKeyPem: string): string;
+    static sign(xml: string, certPem: string, privateKeyPem: string, passphrase?: string): string;
 }
 declare class CertificateService {
@@ -2024,6 +2252,20 @@ declare class Pkcs12Loader {
     static load(p12: Buffer | Uint8Array, password: string): Pkcs12Result;
 }
+interface AuthTokenRequestXmlOptions {
+    challenge: string;
+    contextIdentifier: ContextIdentifier;
+    subjectIdentifierType?: XadesSubjectIdentifierType;
+}
+/**
+ * Build an unsigned KSeF auth token request XML document.
+ *
+ * Supports all four context identifier types: Nip, InternalId, NipVatUe, PeppolId.
+ * The returned XML is ready for external signing (e.g. HSM, EPUAP, smart cards)
+ * or can be signed internally via {@link SignatureService.sign}.
+ */
+declare function buildUnsignedAuthTokenRequestXml(options: AuthTokenRequestXmlOptions): string;
 declare class VerificationLinkService {
     private readonly baseQrUrl;
     constructor(baseQrUrl: string);
@@ -2048,6 +2290,89 @@ declare class QrCodeService {
     static generateResult(url: string, options?: QrCodeOptions): Promise<QrCodeResult>;
 }
+interface ZipEntryInput {
+    fileName: string;
+    content: Buffer | Uint8Array;
+}
+interface UnzipOptions {
+    maxFiles?: number;
+    maxTotalUncompressedSize?: number;
+    maxFileUncompressedSize?: number;
+    maxCompressionRatio?: number | null;
+}
+declare function createZip(entries: ZipEntryInput[]): Promise<Buffer>;
+declare function unzip(buffer: Buffer, options?: UnzipOptions): Promise<Map<string, Buffer>>;
+interface KSeFTokenContext {
+    type?: string;
+    contextIdentifierType?: string;
+    contextIdentifierValue?: string;
+    authMethod?: string;
+    permissions?: string[];
+    subjectDetails?: Record<string, unknown>;
+    authorSubjectIdentifier?: Record<string, unknown>;
+    issuedAt?: number;
+    expiresAt?: number;
+}
+/**
+ * Decodes the payload of a JWT token without verifying its signature.
+ * Intended for display purposes only (e.g., the `whoami` command).
+ */
+declare function decodeJwtPayload(token: string): Record<string, unknown> | null;
+declare function parseKSeFTokenContext(token: string): KSeFTokenContext | null;
+type UpoContextId = {
+    kind: 'Nip';
+    nip: string;
+} | {
+    kind: 'IdWewnetrzny';
+    idWewnetrzny: string;
+} | {
+    kind: 'IdZlozonyVatUE';
+    idZlozonyVatUE: string;
+} | {
+    kind: 'IdDostawcyUslugPeppol';
+    idDostawcyUslugPeppol: string;
+};
+type UpoAuthProof = {
+    kind: 'NumerReferencyjnyTokenaKSeF';
+    numerReferencyjnyTokenaKSeF: string;
+} | {
+    kind: 'SkrotDokumentuUwierzytelniajacego';
+    skrotDokumentuUwierzytelniajacego: string;
+};
+interface UpoUwierzytelnienie {
+    idKontekstu: UpoContextId;
+    proof: UpoAuthProof;
+}
+interface UpoOpisPotwierdzenia {
+    strona: number;
+    liczbaStron: number;
+    zakresDokumentowOd: number;
+    zakresDokumentowDo: number;
+    calkowitaLiczbaDokumentow: number;
+}
+interface UpoDokument {
+    nipSprzedawcy: string;
+    numerKSeFDokumentu: string;
+    numerFaktury: string;
+    dataWystawieniaFaktury: string;
+    dataPrzeslaniaDokumentu: string;
+    dataNadaniaNumeruKSeF: string;
+    skrotDokumentu: string;
+    trybWysylki: string;
+}
+interface UpoPotwierdzenie {
+    nazwaPodmiotuPrzyjmujacego: string;
+    numerReferencyjnySesji: string;
+    uwierzytelnienie: UpoUwierzytelnienie;
+    opisPotwierdzenia?: UpoOpisPotwierdzenia;
+    nazwaStrukturyLogicznej: string;
+    kodFormularza: string;
+    dokumenty: UpoDokument[];
+}
+declare function parseUpoXml(xml: string | Buffer): UpoPotwierdzenie;
 interface PollOptions {
     intervalMs?: number;
     maxAttempts?: number;
@@ -2059,6 +2384,7 @@ interface OnlineSessionHandle {
     sendInvoice(invoiceXml: string | Uint8Array): Promise<string>;
     close(): Promise<void>;
     waitForUpo(options?: PollOptions): Promise<UpoInfo>;
+    waitForUpoParsed(options?: PollOptions): Promise<ParsedUpoInfo>;
 }
 interface UpoInfo {
     pages: Array<{
@@ -2069,10 +2395,17 @@ interface UpoInfo {
     successfulInvoiceCount?: number;
     failedInvoiceCount?: number;
 }
+interface ParsedUpoInfo extends UpoInfo {
+    parsed: UpoPotwierdzenie[];
+}
 interface BatchUploadResult {
     sessionRef: string;
     upo: UpoInfo;
 }
+interface ParsedBatchUploadResult {
+    sessionRef: string;
+    upo: ParsedUpoInfo;
+}
 interface ExportResult {
     parts: Array<{
         ordinalNumber: number;
@@ -2086,10 +2419,14 @@ interface ExportResult {
     invoiceCount: number;
     isTruncated: boolean;
     permanentStorageHwmDate?: string;
+    lastPermanentStorageDate?: string;
 }
 interface ExportDownloadResult extends ExportResult {
     decryptedParts: Uint8Array[];
 }
+interface ExportExtractedResult extends ExportResult {
+    files: Map<string, Buffer>;
+}
 declare function pollUntil<T>(action: () => Promise<T>, condition: (result: T) => boolean, options?: PollOptions & {
     description?: string;
@@ -2115,7 +2452,7 @@ declare class KSeFClient {
     readonly authManager: AuthManager;
     constructor(options?: KSeFClientOptions);
     loginWithToken(token: string, nip: string): Promise<void>;
-    loginWithCertificate(certPem: string, keyPem: string, nip: string): Promise<void>;
+    loginWithCertificate(certPem: string, keyPem: string, nip: string, keyPassword?: string): Promise<void>;
     loginWithPkcs12(p12: Buffer | Uint8Array, password: string, nip: string): Promise<void>;
     private awaitAuthReady;
     logout(): Promise<void>;
@@ -2124,6 +2461,8 @@ declare class KSeFClient {
 interface OpenOnlineSessionOptions {
     formCode?: FormCode;
     upoVersion?: UpoVersion | string;
+    /** Validate invoices against XSD schema before sending. Default: false. */
+    validate?: boolean;
 }
 interface SendAndCloseOptions extends OpenOnlineSessionOptions {
     pollOptions?: PollOptions;
@@ -2142,6 +2481,10 @@ interface BatchUploadOptions {
 }
 declare function uploadBatch(client: KSeFClient, zipData: Uint8Array, options?: BatchUploadOptions): Promise<BatchUploadResult>;
+declare function uploadBatchStream(client: KSeFClient, zipStreamFactory: () => ReadableStream<Uint8Array>, zipSize: number, options?: BatchUploadOptions): Promise<BatchUploadResult>;
+declare function uploadBatchStreamParsed(client: KSeFClient, zipStreamFactory: () => ReadableStream<Uint8Array>, zipSize: number, options?: BatchUploadOptions): Promise<ParsedBatchUploadResult>;
+declare function uploadBatchParsed(client: KSeFClient, zipData: Uint8Array, options?: BatchUploadOptions): Promise<ParsedBatchUploadResult>;
 interface ExportOptions {
     onlyMetadata?: boolean;
     pollOptions?: PollOptions;
@@ -2149,10 +2492,63 @@ interface ExportOptions {
 interface ExportAndDownloadOptions extends ExportOptions {
     /** Custom fetch function for downloading parts (defaults to global fetch). */
     transport?: typeof fetch;
+    /** When true, concatenate and extract the ZIP, returning named files. */
+    extract?: boolean;
+    /** Options for ZIP extraction safety limits (only used when extract is true). */
+    unzipOptions?: UnzipOptions;
 }
 declare function exportInvoices(client: KSeFClient, filters: InvoiceQueryFilters, options?: ExportOptions): Promise<ExportResult>;
+declare function exportAndDownload(client: KSeFClient, filters: InvoiceQueryFilters, options: ExportAndDownloadOptions & {
+    extract: true;
+}): Promise<ExportExtractedResult>;
 declare function exportAndDownload(client: KSeFClient, filters: InvoiceQueryFilters, options?: ExportAndDownloadOptions): Promise<ExportDownloadResult>;
+type ContinuationPoints = Record<string, string | undefined>;
+declare function updateContinuationPoint(points: ContinuationPoints, subjectType: string, pkg: Pick<InvoiceExportPackage, 'isTruncated' | 'lastPermanentStorageDate' | 'permanentStorageHwmDate'>): void;
+declare function getEffectiveStartDate(points: ContinuationPoints, subjectType: string, windowFrom: string): string;
+declare function deduplicateByKsefNumber<T extends {
+    ksefNumber: string;
+}>(entries: T[]): T[];
+interface HwmStore {
+    load(): Promise<ContinuationPoints>;
+    save(points: ContinuationPoints): Promise<void>;
+}
+declare class InMemoryHwmStore implements HwmStore {
+    private points;
+    load(): Promise<ContinuationPoints>;
+    save(points: ContinuationPoints): Promise<void>;
+}
+declare class FileHwmStore implements HwmStore {
+    private readonly filePath;
+    constructor(filePath: string);
+    load(): Promise<ContinuationPoints>;
+    save(points: ContinuationPoints): Promise<void>;
+}
+interface IncrementalExportOptions {
+    subjectType: InvoiceSubjectType;
+    windowFrom: string;
+    windowTo: string;
+    continuationPoints: ContinuationPoints;
+    maxIterations?: number;
+    filtersFactory?: (from: string, to: string) => InvoiceQueryFilters;
+    pollOptions?: PollOptions;
+    onlyMetadata?: boolean;
+    transport?: typeof fetch;
+    store?: HwmStore;
+    onIterationComplete?: (iteration: number, result: ExportResult) => void;
+}
+interface IncrementalExportResult {
+    referenceNumbers: string[];
+    /** Deduplicated invoice metadata. Empty until P3.2 (UPO Parsing) integrates metadata extraction. */
+    invoices: InvoiceMetadata[];
+    decryptedParts: Uint8Array[];
+    continuationPoints: ContinuationPoints;
+    iterationCount: number;
+}
+declare function incrementalExportAndDownload(client: KSeFClient, options: IncrementalExportOptions): Promise<IncrementalExportResult>;
 interface AuthResult {
     accessToken: string;
     accessTokenValidUntil: string;
@@ -2169,6 +2565,7 @@ interface CertificateAuthOptions {
     nip: string;
     certPem: string;
     keyPem: string;
+    keyPassword?: string;
     verifyCertificateChain?: boolean;
     enforceXadesCompliance?: boolean;
     pollOptions?: PollOptions;
@@ -2183,6 +2580,14 @@ interface Pkcs12AuthOptions {
 }
 declare function authenticateWithToken(client: KSeFClient, options: TokenAuthOptions): Promise<AuthResult>;
 declare function authenticateWithCertificate(client: KSeFClient, options: CertificateAuthOptions): Promise<AuthResult>;
+interface ExternalSignatureAuthOptions {
+    contextIdentifier: ContextIdentifier;
+    signXml: (unsignedXml: string) => Promise<string> | string;
+    verifyCertificateChain?: boolean;
+    enforceXadesCompliance?: boolean;
+    pollOptions?: PollOptions;
+}
+declare function authenticateWithExternalSignature(client: KSeFClient, options: ExternalSignatureAuthOptions): Promise<AuthResult>;
 declare function authenticateWithPkcs12(client: KSeFClient, options: Pkcs12AuthOptions): Promise<AuthResult>;
-export { ActiveSessionsService, type AllowedIps, type AmountType, type ApiErrorResponse, type ApiRateLimitValuesOverride, type ApiRateLimitsOverride, type AttachmentPermissionGrantRequest, type AttachmentPermissionRevokeRequest, type AuthChallengeResponse, type AuthKsefTokenRequest, AuthKsefTokenRequestBuilder, type AuthManager, type AuthResult, AuthService, type AuthSessionInfo, type AuthTokenRequest, AuthTokenRequestBuilder, type AuthenticationInitResponse, type AuthenticationKsefToken, type AuthenticationListResponse, type AuthenticationMethod, type AuthenticationMethodInfo, type AuthenticationMethodInfoCategory, type AuthenticationOperationStatusResponse, type AuthenticationTokenRefreshResponse, type AuthenticationTokensResponse, type AuthorizationGrant, AuthorizationPermissionGrantBuilder, type AuthorizationPolicy, BATCH_MAX_PARTS, BATCH_MAX_PART_SIZE, BATCH_MAX_TOTAL_SIZE, Base64String, type BatchFileBuildOptions, type BatchFileBuildResult, BatchFileBuilder, type BatchFileInfo, type BatchFilePartInfo, type BatchPartSendingInfo, type BatchSessionContextLimitsOverride, type BatchSessionEffectiveContextLimits, BatchSessionService, type BatchUploadOptions, type BatchUploadResult, type BlockContextAuthenticationRequest, type BuyerIdentifierType, CERTIFICATE_NAME_MAX_LENGTH, CERTIFICATE_NAME_MIN_LENGTH, CertificateApiService, type CertificateAuthOptions, type CertificateEffectiveSubjectLimits, type CertificateEnrollmentDataResponse, type CertificateEnrollmentStatusResponse, CertificateFetcher, CertificateFingerprint, type CertificateLimit, type CertificateLimitsResponse, type CertificateListItem, CertificateName, type CertificateRevocationReason, CertificateService, type CertificateStatus, type CertificateSubjectIdentifier, type CertificateSubjectIdentifierType, type CertificateSubjectLimitsOverride, type CertificateType, type ContextIdentifier, type ContextIdentifierType, type CryptoEncryptionMethod, CryptographyService, type CsrResult, DefaultAuthManager, ENFORCE_XADES_COMPLIANCE, type EffectiveApiRateLimitValues, type EffectiveApiRateLimits, type EffectiveContextLimits, type EffectiveSubjectLimits, type EncryptionData, type EncryptionInfo, type EnrollCertificateRequest, type EnrollCertificateResponse, type EnrollmentEffectiveSubjectLimits, type EnrollmentSubjectLimitsOverride, type EntityAuthorizationGrant, type EntityAuthorizationPermissionType, type EntityAuthorizationPermissionsSubjectIdentifierType, type EntityAuthorizationSubjectIdentifier, type EntityAuthorizationsAuthorIdentifier, type EntityAuthorizationsAuthorIdentifierType, type EntityAuthorizationsAuthorizedEntityIdentifier, type EntityAuthorizationsAuthorizedEntityIdentifierType, type EntityAuthorizationsAuthorizingEntityIdentifier, type EntityAuthorizationsAuthorizingEntityIdentifierType, type EntityAuthorizationsQueryType, type EntityByFingerprintDetails, type EntityDetails, type EntityPermission, EntityPermissionGrantBuilder, type EntityPermissionItem, type EntityPermissionItemType, type EntityPermissionsContextIdentifier, type EntityPermissionsContextIdentifierType, type EntityRole, type EntityRoleType, type EntityRolesParentEntityIdentifier, type EntityRolesParentEntityIdentifierType, type EntitySubjectByFingerprintDetailsType, type EntitySubjectByIdentifierDetailsType, type EntitySubjectDetailsType, type EntitySubjectIdentifier, Environment, type EnvironmentConfig, type EnvironmentName, type EuEntityAdministrationContextIdentifier, type EuEntityAdministrationPermissionsContextIdentifierType, type EuEntityAdministrationPermissionsSubjectIdentifierType, type EuEntityAdministrationSubjectIdentifier, type EuEntityDetails, type EuEntityPermission, type EuEntityPermissionSubjectDetails, type EuEntityPermissionSubjectDetailsType, type EuEntityPermissionType, type EuEntityPermissionsAuthorIdentifier, type EuEntityPermissionsAuthorIdentifierType, type EuEntityPermissionsQueryPermissionType, type EuEntityPermissionsSubjectIdentifier, type EuEntityPermissionsSubjectIdentifierType, type ExceptionDetails, type ExportAndDownloadOptions, type ExportDownloadResult, type ExportOptions, type ExportResult, type FileMetadata, type ForbiddenProblemDetails, type ForbiddenReasonCode, type FormCode, type FormType, type GrantPermissionsAuthorizationRequest, type GrantPermissionsEntityRequest, type GrantPermissionsEuEntityAdminRequest, type GrantPermissionsEuEntityRepresentativeRequest, type GrantPermissionsEuEntityRequest, type GrantPermissionsIndirectRequest, type GrantPermissionsPersonRequest, type GrantPermissionsSubunitRequest, type HttpMethod, type IdDocument, type IndirectPermissionType, type IndirectPermissionsSubjectIdentifier, type IndirectPermissionsSubjectIdentifierType, type IndirectPermissionsTargetIdentifier, type IndirectPermissionsTargetIdentifierType, InternalId, InvoiceDownloadService, type InvoiceExportPackage, type InvoiceExportPackagePart, type InvoiceExportRequest, type InvoiceExportStatusResponse, type InvoiceMetadata, type InvoiceMetadataAuthorizedSubject, type InvoiceMetadataBuyer, type InvoiceMetadataBuyerIdentifier, type InvoiceMetadataSeller, type InvoiceMetadataThirdSubject, type InvoiceMetadataThirdSubjectIdentifier, type InvoicePermissionType, type InvoiceQueryAmount, type InvoiceQueryBuyerIdentifier, type InvoiceQueryDateRange, type InvoiceQueryDateType, InvoiceQueryFilterBuilder, type InvoiceQueryFilters, type InvoiceStatusInfo, type InvoiceSubjectType, type InvoiceType, type InvoicingMode, Ip4Address, Ip4Mask, Ip4Range, KSEF_FEATURE_HEADER, KSeFApiError, KSeFAuthStatusError, KSeFClient, type KSeFClientOptions, KSeFError, KSeFForbiddenError, KSeFRateLimitError, KSeFSessionExpiredError, KSeFUnauthorizedError, KSeFValidationError, type KsefMessagesResponse, KsefNumber, KsefNumberV35, KsefNumberV36, type KsefStatusResponse, type KsefSystemStatus, type KsefTokenPermissionType, type KsefTokenRequest, type KsefTokenResponse, type KsefTokenStatus, type LighthouseMessage, LighthouseService, LimitsService, Nip, NipVatUe, type OnlineSessionContextLimitsOverride, type OnlineSessionEffectiveContextLimits, type OnlineSessionHandle, OnlineSessionService, type OpenBatchSessionRequest, type OpenBatchSessionResponse, type OpenOnlineSessionOptions, type OpenOnlineSessionRequest, type OpenOnlineSessionResponse, type OperationResponse, type OperationStatusInfo, PERMISSION_DESCRIPTION_MAX_LENGTH, PERMISSION_DESCRIPTION_MIN_LENGTH, type PagedAuthorizationsResponse, type PagedPermissionsResponse, type PagedRolesResponse, type PartUploadRequest, PeppolId, type PeppolProvider, PeppolService, type PermissionState, type PermissionSubjectIdentifierType, type PermissionWithDelegate, type PermissionsAttachmentAllowedResponse, type PermissionsEuEntityDetails, type PermissionsOperationStatusResponse, PermissionsService, type PermissionsSubjectEntityByFingerprintDetails, type PermissionsSubjectEntityByIdentifierDetails, type PermissionsSubjectEntityDetails, type PermissionsSubjectPersonByFingerprintDetails, type PermissionsSubjectPersonDetails, type PersonByFingerprintWithIdentifierDetails, type PersonByFingerprintWithoutIdentifierDetails, type PersonByIdentifierDetails, type PersonCreateRequest, type PersonIdentifier, type PersonIdentifierType, type PersonPermission, PersonPermissionGrantBuilder, type PersonPermissionSubjectDetails, type PersonPermissionType, type PersonPermissionsAuthorIdentifier, type PersonPermissionsAuthorIdentifierType, type PersonPermissionsAuthorizedIdentifier, type PersonPermissionsAuthorizedIdentifierType, type PersonPermissionsContextIdentifier, type PersonPermissionsContextIdentifierType, type PersonPermissionsQueryType, type PersonPermissionsTargetIdentifier, type PersonPermissionsTargetIdentifierType, type PersonRemoveRequest, type PersonSubjectByFingerprintDetailsType, type PersonSubjectDetailsType, type PersonSubjectIdentifier, type PersonalPermission, type PersonalPermissionScopeType, type PersonalPermissionsAuthorizedIdentifier, type PersonalPermissionsAuthorizedIdentifierType, type PersonalPermissionsContextIdentifier, type PersonalPermissionsContextIdentifierType, type PersonalPermissionsTargetIdentifier, type PersonalPermissionsTargetIdentifierType, Pesel, type Pkcs12AuthOptions, Pkcs12Loader, type Pkcs12Result, type PollOptions, type PresignedUrlPolicy, type PublicKeyCertificate, type PublicKeyCertificateUsage, type QRCodeContextIdentifierType, type QrCodeOptions, type QrCodeResult, QrCodeService, type QueryAuthorizationsGrantsRequest, type QueryCertificatesRequest, type QueryCertificatesResponse, type QueryEntitiesGrantsRequest, type QueryEntitiesRolesRequest, type QueryEuEntitiesGrantsRequest, type QueryInvoicesMetadataResponse, type QueryKsefTokensOptions, type QueryKsefTokensResponse, type QueryPeppolProvidersResponse, type QueryPersonalGrantsRequest, type QueryPersonsGrantsRequest, type QuerySubordinateEntitiesRolesRequest, type QuerySubunitsGrantsRequest, type QueryTokensResponseItem, REQUIRED_CHALLENGE_LENGTH, type RateLimitConfig, RateLimitPolicy, ReferenceNumber, type ResolvedOptions, RestClient, RestRequest, type RestResponse, type RetrieveCertificatesListItem, type RetrieveCertificatesRequest, type RetrieveCertificatesResponse, type RetryPolicy, type RevokeCertificateRequest, RouteBuilder, Routes, SUBUNIT_NAME_MAX_LENGTH, SUBUNIT_NAME_MIN_LENGTH, type SelfSignedCertificateResult, type SendAndCloseOptions, type SendInvoiceRequest, type SendInvoiceResponse, type SessionInvoiceStatusResponse, type SessionInvoicesResponse, type SessionStatus, type SessionStatusResponse, SessionStatusService, type SessionType, type SessionsFilter, type SessionsQueryResponse, type SessionsQueryResponseItem, type SetRateLimitsRequest, type SetSessionLimitsRequest, type SetSubjectLimitsRequest, Sha256Base64, SignatureService, type SortOrder, type StatusInfo, type SubjectCreateRequest, type SubjectRemoveRequest, type SubjectType, type SubordinateEntityRole, type SubordinateEntityRoleType, type SubordinateRoleSubordinateEntityIdentifier, type SubordinateRoleSubordinateEntityIdentifierType, type Subunit, type SubunitPermission, type SubunitPermissionScope, type SubunitPermissionsAuthorIdentifier, type SubunitPermissionsAuthorIdentifierType, type SubunitPermissionsAuthorizedIdentifier, type SubunitPermissionsContextIdentifier, type SubunitPermissionsContextIdentifierType, type SubunitPermissionsSubjectIdentifier, type SubunitPermissionsSubjectIdentifierType, type SubunitPermissionsSubunitIdentifier, type SubunitPermissionsSubunitIdentifierType, type TestDataAuthenticationContextIdentifier, type TestDataAuthenticationContextIdentifierType, type TestDataAuthorizedIdentifier, type TestDataAuthorizedIdentifierType, type TestDataContextIdentifier, type TestDataContextIdentifierType, type TestDataPermission, type TestDataPermissionType, type TestDataPermissionsGrantRequest, type TestDataPermissionsRevokeRequest, TestDataService, type ThirdSubjectIdentifierType, type TokenAuthOptions, type TokenAuthorIdentifier, type TokenAuthorIdentifierType, type TokenContextIdentifier, type TokenContextIdentifierType, type TokenInfo, TokenService, type TokenStatusResponse, type TransportFn, type UnauthorizedProblemDetails, type UnblockContextAuthenticationRequest, type UpoInfo, type UpoPage, type UpoResponse, type UpoResult, UpoVersion, UpoVersion as UpoVersionType, type ValidationDetail, VatUe, VerificationLinkService, type X500NameFields, type XadesSubjectIdentifierType, authenticateWithCertificate, authenticateWithPkcs12, authenticateWithToken, calculateBackoff, defaultPresignedUrlPolicy, defaultRateLimitPolicy, defaultRetryPolicy, defaultTransport, exportAndDownload, exportInvoices, isRetryableError, isRetryableStatus, isValidBase64, isValidCertificateFingerprint, isValidCertificateName, isValidInternalId, isValidIp4Address, isValidKsefNumber, isValidKsefNumberV35, isValidKsefNumberV36, isValidNip, isValidNipVatUe, isValidPeppolId, isValidPesel, isValidReferenceNumber, isValidSha256Base64, isValidVatUe, openOnlineSession, openSendAndClose, parseRetryAfter, pollUntil, resolveOptions, sleep, uploadBatch, validatePresignedUrl };
+export { ActiveSessionsService, type AllowedIps, type AmountType, type ApiErrorResponse, type ApiRateLimitValuesOverride, type ApiRateLimitsOverride, type AttachmentPermissionGrantRequest, type AttachmentPermissionRevokeRequest, type AuthChallengeResponse, type AuthKsefTokenRequest, AuthKsefTokenRequestBuilder, type AuthManager, type AuthResult, AuthService, type AuthSessionInfo, type AuthTokenRequest, AuthTokenRequestBuilder, type AuthTokenRequestXmlOptions, type AuthenticationInitResponse, type AuthenticationKsefToken, type AuthenticationListResponse, type AuthenticationMethod, type AuthenticationMethodInfo, type AuthenticationMethodInfoCategory, type AuthenticationOperationStatusResponse, type AuthenticationTokenRefreshResponse, type AuthenticationTokensResponse, type AuthorizationGrant, AuthorizationPermissionGrantBuilder, type AuthorizationPolicy, BATCH_MAX_PARTS, BATCH_MAX_PART_SIZE, BATCH_MAX_TOTAL_SIZE, Base64String, type BatchFileBuildOptions, type BatchFileBuildResult, BatchFileBuilder, type BatchFileInfo, type BatchFilePartInfo, type BatchPartSendingInfo, type BatchPartStreamSendingInfo, type BatchSessionContextLimitsOverride, type BatchSessionEffectiveContextLimits, type BatchSessionFormCode, BatchSessionService, type BatchStreamBuildResult, type BatchUploadOptions, type BatchUploadResult, type BlockContextAuthenticationRequest, type BuyerIdentifierType, CERTIFICATE_NAME_MAX_LENGTH, CERTIFICATE_NAME_MIN_LENGTH, CertificateApiService, type CertificateAuthOptions, type CertificateEffectiveSubjectLimits, type CertificateEnrollmentDataResponse, type CertificateEnrollmentStatusResponse, CertificateFetcher, CertificateFingerprint, type CertificateLimit, type CertificateLimitsResponse, type CertificateListItem, CertificateName, type CertificateRevocationReason, CertificateService, type CertificateStatus, type CertificateSubjectIdentifier, type CertificateSubjectIdentifierType, type CertificateSubjectLimitsOverride, type CertificateType, type ContextIdentifier, type ContextIdentifierType, type ContinuationPoints, type CryptoEncryptionMethod, CryptographyService, type CsrResult, DEFAULT_FORM_CODE, DefaultAuthManager, ENFORCE_XADES_COMPLIANCE, type EffectiveApiRateLimitValues, type EffectiveApiRateLimits, type EffectiveContextLimits, type EffectiveSubjectLimits, type EncryptionData, type EncryptionInfo, type EnrollCertificateRequest, type EnrollCertificateResponse, type EnrollmentEffectiveSubjectLimits, type EnrollmentSubjectLimitsOverride, type EntityAuthorizationGrant, type EntityAuthorizationPermissionType, type EntityAuthorizationPermissionsSubjectIdentifierType, type EntityAuthorizationSubjectIdentifier, type EntityAuthorizationsAuthorIdentifier, type EntityAuthorizationsAuthorIdentifierType, type EntityAuthorizationsAuthorizedEntityIdentifier, type EntityAuthorizationsAuthorizedEntityIdentifierType, type EntityAuthorizationsAuthorizingEntityIdentifier, type EntityAuthorizationsAuthorizingEntityIdentifierType, type EntityAuthorizationsQueryType, type EntityByFingerprintDetails, type EntityDetails, type EntityPermission, EntityPermissionGrantBuilder, type EntityPermissionItem, type EntityPermissionItemType, type EntityPermissionsContextIdentifier, type EntityPermissionsContextIdentifierType, type EntityRole, type EntityRoleType, type EntityRolesParentEntityIdentifier, type EntityRolesParentEntityIdentifierType, type EntitySubjectByFingerprintDetailsType, type EntitySubjectByIdentifierDetailsType, type EntitySubjectDetailsType, type EntitySubjectIdentifier, Environment, type EnvironmentConfig, type EnvironmentName, type EuEntityAdministrationContextIdentifier, type EuEntityAdministrationPermissionsContextIdentifierType, type EuEntityAdministrationPermissionsSubjectIdentifierType, type EuEntityAdministrationSubjectIdentifier, type EuEntityDetails, type EuEntityPermission, type EuEntityPermissionSubjectDetails, type EuEntityPermissionSubjectDetailsType, type EuEntityPermissionType, type EuEntityPermissionsAuthorIdentifier, type EuEntityPermissionsAuthorIdentifierType, type EuEntityPermissionsQueryPermissionType, type EuEntityPermissionsSubjectIdentifier, type EuEntityPermissionsSubjectIdentifierType, type ExceptionDetails, type ExportAndDownloadOptions, type ExportDownloadResult, type ExportExtractedResult, type ExportOptions, type ExportResult, type ExternalSignatureAuthOptions, FORM_CODES, FORM_CODE_KEYS, FileHwmStore, type FileMetadata, type ForbiddenProblemDetails, type ForbiddenReasonCode, type FormCode, type FormType, type GrantPermissionsAuthorizationRequest, type GrantPermissionsEntityRequest, type GrantPermissionsEuEntityAdminRequest, type GrantPermissionsEuEntityRepresentativeRequest, type GrantPermissionsEuEntityRequest, type GrantPermissionsIndirectRequest, type GrantPermissionsPersonRequest, type GrantPermissionsSubunitRequest, type HttpMethod, type HwmStore, INVOICE_TYPES_BY_SYSTEM_CODE, type IdDocument, InMemoryHwmStore, type IncrementalExportOptions, type IncrementalExportResult, type IndirectPermissionType, type IndirectPermissionsSubjectIdentifier, type IndirectPermissionsSubjectIdentifierType, type IndirectPermissionsTargetIdentifier, type IndirectPermissionsTargetIdentifierType, InternalId, InvoiceDownloadService, type InvoiceExportPackage, type InvoiceExportPackagePart, type InvoiceExportRequest, type InvoiceExportStatusResponse, type InvoiceMetadata, type InvoiceMetadataAuthorizedSubject, type InvoiceMetadataBuyer, type InvoiceMetadataBuyerIdentifier, type InvoiceMetadataSeller, type InvoiceMetadataThirdSubject, type InvoiceMetadataThirdSubjectIdentifier, type InvoicePermissionType, type InvoiceQueryAmount, type InvoiceQueryBuyerIdentifier, type InvoiceQueryDateRange, type InvoiceQueryDateType, InvoiceQueryFilterBuilder, type InvoiceQueryFilters, type InvoiceStatusInfo, type InvoiceSubjectType, type InvoiceType, type InvoiceValidationError, type InvoiceValidationErrorCode, type InvoiceValidationResult, type InvoicingMode, Ip4Address, Ip4Mask, Ip4Range, KSEF_FEATURE_HEADER, KSeFApiError, KSeFAuthStatusError, KSeFClient, type KSeFClientOptions, KSeFError, KSeFForbiddenError, KSeFRateLimitError, KSeFSessionExpiredError, type KSeFTokenContext, KSeFUnauthorizedError, KSeFValidationError, type KsefMessagesResponse, KsefNumber, KsefNumberV35, KsefNumberV36, type KsefStatusResponse, type KsefSystemStatus, type KsefTokenPermissionType, type KsefTokenRequest, type KsefTokenResponse, type KsefTokenStatus, type LighthouseMessage, LighthouseService, LimitsService, Nip, NipVatUe, type OnlineSessionContextLimitsOverride, type OnlineSessionEffectiveContextLimits, type OnlineSessionFormCode, type OnlineSessionHandle, OnlineSessionService, type OpenBatchSessionRequest, type OpenBatchSessionResponse, type OpenOnlineSessionOptions, type OpenOnlineSessionRequest, type OpenOnlineSessionResponse, type OperationResponse, type OperationStatusInfo, PERMISSION_DESCRIPTION_MAX_LENGTH, PERMISSION_DESCRIPTION_MIN_LENGTH, type PagedAuthorizationsResponse, type PagedPermissionsResponse, type PagedRolesResponse, type ParsedBatchUploadResult, type ParsedUpoInfo, type PartUploadRequest, PeppolId, type PeppolProvider, PeppolService, type PermissionState, type PermissionSubjectIdentifierType, type PermissionWithDelegate, type PermissionsAttachmentAllowedResponse, type PermissionsEuEntityDetails, type PermissionsOperationStatusResponse, PermissionsService, type PermissionsSubjectEntityByFingerprintDetails, type PermissionsSubjectEntityByIdentifierDetails, type PermissionsSubjectEntityDetails, type PermissionsSubjectPersonByFingerprintDetails, type PermissionsSubjectPersonDetails, type PersonByFingerprintWithIdentifierDetails, type PersonByFingerprintWithoutIdentifierDetails, type PersonByIdentifierDetails, type PersonCreateRequest, type PersonIdentifier, type PersonIdentifierType, type PersonPermission, PersonPermissionGrantBuilder, type PersonPermissionSubjectDetails, type PersonPermissionType, type PersonPermissionsAuthorIdentifier, type PersonPermissionsAuthorIdentifierType, type PersonPermissionsAuthorizedIdentifier, type PersonPermissionsAuthorizedIdentifierType, type PersonPermissionsContextIdentifier, type PersonPermissionsContextIdentifierType, type PersonPermissionsQueryType, type PersonPermissionsTargetIdentifier, type PersonPermissionsTargetIdentifierType, type PersonRemoveRequest, type PersonSubjectByFingerprintDetailsType, type PersonSubjectDetailsType, type PersonSubjectIdentifier, type PersonalPermission, type PersonalPermissionScopeType, type PersonalPermissionsAuthorizedIdentifier, type PersonalPermissionsAuthorizedIdentifierType, type PersonalPermissionsContextIdentifier, type PersonalPermissionsContextIdentifierType, type PersonalPermissionsTargetIdentifier, type PersonalPermissionsTargetIdentifierType, Pesel, type Pkcs12AuthOptions, Pkcs12Loader, type Pkcs12Result, type PollOptions, type PresignedUrlPolicy, type PublicKeyCertificate, type PublicKeyCertificateUsage, type QRCodeContextIdentifierType, type QrCodeOptions, type QrCodeResult, QrCodeService, type QueryAuthorizationsGrantsRequest, type QueryCertificatesRequest, type QueryCertificatesResponse, type QueryEntitiesGrantsRequest, type QueryEntitiesRolesRequest, type QueryEuEntitiesGrantsRequest, type QueryInvoicesMetadataResponse, type QueryKsefTokensOptions, type QueryKsefTokensResponse, type QueryPeppolProvidersResponse, type QueryPersonalGrantsRequest, type QueryPersonsGrantsRequest, type QuerySubordinateEntitiesRolesRequest, type QuerySubunitsGrantsRequest, type QueryTokensResponseItem, REQUIRED_CHALLENGE_LENGTH, type RateLimitConfig, RateLimitPolicy, ReferenceNumber, type ResolvedOptions, RestClient, RestRequest, type RestResponse, type RetrieveCertificatesListItem, type RetrieveCertificatesRequest, type RetrieveCertificatesResponse, type RetryPolicy, type RevokeCertificateRequest, RouteBuilder, Routes, SUBUNIT_NAME_MAX_LENGTH, SUBUNIT_NAME_MIN_LENGTH, SchemaRegistry, type SelfSignedCertificateResult, type SendAndCloseOptions, type SendInvoiceRequest, type SendInvoiceResponse, type SessionInvoiceStatusResponse, type SessionInvoicesResponse, type SessionStatus, type SessionStatusResponse, SessionStatusService, type SessionType, type SessionsFilter, type SessionsQueryResponse, type SessionsQueryResponseItem, type SetRateLimitsRequest, type SetSessionLimitsRequest, type SetSubjectLimitsRequest, Sha256Base64, SignatureService, type SortOrder, type StatusInfo, type SubjectCreateRequest, type SubjectRemoveRequest, type SubjectType, type SubordinateEntityRole, type SubordinateEntityRoleType, type SubordinateRoleSubordinateEntityIdentifier, type SubordinateRoleSubordinateEntityIdentifierType, type Subunit, type SubunitPermission, type SubunitPermissionScope, type SubunitPermissionsAuthorIdentifier, type SubunitPermissionsAuthorIdentifierType, type SubunitPermissionsAuthorizedIdentifier, type SubunitPermissionsContextIdentifier, type SubunitPermissionsContextIdentifierType, type SubunitPermissionsSubjectIdentifier, type SubunitPermissionsSubjectIdentifierType, type SubunitPermissionsSubunitIdentifier, type SubunitPermissionsSubunitIdentifierType, SystemCode, type TestDataAuthenticationContextIdentifier, type TestDataAuthenticationContextIdentifierType, type TestDataAuthorizedIdentifier, type TestDataAuthorizedIdentifierType, type TestDataContextIdentifier, type TestDataContextIdentifierType, type TestDataPermission, type TestDataPermissionType, type TestDataPermissionsGrantRequest, type TestDataPermissionsRevokeRequest, TestDataService, type ThirdSubjectIdentifierType, type TokenAuthOptions, type TokenAuthorIdentifier, type TokenAuthorIdentifierType, type TokenContextIdentifier, type TokenContextIdentifierType, type TokenInfo, TokenService, type TokenStatusResponse, type TransportFn, type UnauthorizedProblemDetails, type UnblockContextAuthenticationRequest, type UnzipOptions, type UpoAuthProof, type UpoContextId, type UpoDokument, type UpoInfo, type UpoOpisPotwierdzenia, type UpoPage, type UpoPotwierdzenie, type UpoResponse, type UpoResult, type UpoUwierzytelnienie, UpoVersion, UpoVersion as UpoVersionType, type ValidateOptions, type ValidationDetail, VatUe, VerificationLinkService, type X500NameFields, type XadesSubjectIdentifierType, type XmlConversionResult, type ZipEntryInput, authenticateWithCertificate, authenticateWithExternalSignature, authenticateWithPkcs12, authenticateWithToken, buildUnsignedAuthTokenRequestXml, calculateBackoff, createZip, decodeJwtPayload, deduplicateByKsefNumber, defaultPresignedUrlPolicy, defaultRateLimitPolicy, defaultRetryPolicy, defaultTransport, exportAndDownload, exportInvoices, getEffectiveStartDate, getFormCode, incrementalExportAndDownload, isRetryableError, isRetryableStatus, isValidBase64, isValidCertificateFingerprint, isValidCertificateName, isValidInternalId, isValidIp4Address, isValidKsefNumber, isValidKsefNumberV35, isValidKsefNumberV36, isValidNip, isValidNipVatUe, isValidPeppolId, isValidPesel, isValidReferenceNumber, isValidSha256Base64, isValidVatUe, openOnlineSession, openSendAndClose, parseFormCode, parseKSeFTokenContext, parseRetryAfter, parseUpoXml, pollUntil, resolveOptions, sleep, unzip, updateContinuationPoint, uploadBatch, uploadBatchParsed, uploadBatchStream, uploadBatchStreamParsed, validate, validateBusinessRules, validateFormCodeForSession, validatePresignedUrl, validateSchema, validateWellFormedness, xmlToObject };