The signature algorithm ID. <p> [0;2] = HS256/384/512 | [3;5] = RS256/384/512 | [6;8] = PS256/384/512 | [9;11] = ES256/384/512 <p> This affects what should be the value of {@link #verification_key}
Small inconsistencies in time can happen, or also latency between clients and servers. That's just life. You can forgive a few seconds of expiration, but don't exaggerate this! <p> Only taken into consideration if {@link #validate_exp} is set to <code>1</code>.
The amount of seconds to subtract from the current time when comparing the "issued at" claim, to allow for a small tolerance time frame. Only taken into consideration if {@link #validate_iat} is set to <code>1</code>.
The token to decode and validate.
The jwt string length.
The amount of seconds to subtract from the current time when comparing the "not before" claim, to allow for a small tolerance time frame. Only taken into consideration if {@link #validate_nbf} is set to <code>1</code>.
OPTIONAL The audience claim (who is the JWT intended for? Who is the intended JWT's recipient?). <p> Set to <code>NULL</code> if you don't want to validate the audience. <p> The JWT will only pass verification if its <code>aud</code> matches this string. @see https://tools.ietf.org/html/rfc7519#section-4.1.3
validate_aud string length.
Should the expiration claim be verified? If this is set to <code>1</code>, the <code>exp</code> claim will be compared to the current date and time + {@link #exp_tolerance_seconds}
Should the "issued at" claim be verified? If this is set to <code>1</code>, the <code>iat</code> claim will be compared to the current date and time + {@link #iat_tolerance_seconds}
OPTIONAL The issuer claim (who issued the JWT?). <p> Set to <code>NULL</code> if you don't want to validate the issuer. <p> The JWT will only pass verification if its <code>iss</code> claim matches this string. @see https://tools.ietf.org/html/rfc7519#section-4.1.1
validate_iss string length.
OPTIONAL The JWT ID. Provides a unique identifier for the token. <p> Set to <code>NULL</code> if you don't want to validate the jti claim. <p> The JWT will only pass verification if its <code>jti</code> matches this string. @see https://tools.ietf.org/html/rfc7519#section-4.1.7
validate_jti claim length.
Should the "not before" claim be verified? If this is set to <code>1</code>, the <code>nbf</code> claim will be compared to the current date and time + {@link #nbf_tolerance_seconds}
OPTIONAL The subject claim (who is the JWT about?). <p> Set to <code>NULL</code> if you don't want to validate the subject claim. <p> The JWT will only pass verification if its <code>sub</code> matches this string. @see https://tools.ietf.org/html/rfc7519#section-4.1.2
validate_sub string length.
OPTIONAL The typ claim (what type is the token?). <p> Set to <code>NULL</code> if you don't want to validate the "typ" claim. <p>
validate_typ string length.
The key to use for verifying the token's signature (e.g. if you chose HS256 as algorithm, this will be the HMAC secret; for RS512 this will be the PEM-formatted public RSA key string, etc...).
Length of the {@link #verification_key}
Struct containing the parameters to use for decoding and validating a JWT.