It always base64 decode the header and checks "alg" value in it.
Payload is decoded only when payloadSink is provided, otherwise it's just skipped.
Sign part is base64 decoded and passed to the provided validator implementation to check.
JSON header and payload validation is out of scope of this function. It just checks the basic structure of JWT.
Note: Only compact encoded JWS format is supported.
booldecode(V validator, T token, HS headSink, PS payloadSink)
Decodes and validates the JWT token.
It always base64 decode the header and checks "alg" value in it. Payload is decoded only when payloadSink is provided, otherwise it's just skipped. Sign part is base64 decoded and passed to the provided validator implementation to check.
JSON header and payload validation is out of scope of this function. It just checks the basic structure of JWT. Note: Only compact encoded JWS format is supported.