нУЁh&  ▀>  wІЧ                   	  
                                               !  "  #  $  %  &  '  (  )  *  +  ,  -  .  /  0  1  2  3  4  5  6  7  8  9  :  ;  <  =  >  ?  @  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  [  \  ]  ^  _  `  a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z  {  |  }  ~    ─  │  ┌  ┐  └  ┘  ├  ┤  ┬  ┴  ┼  ▀  ▄  █  ▌  ▐  ░  ▒  ▓  ⌠  ■  ∙  √  ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є  ╔  і  ї  ╗  ╘  ╙  ╚  ╛  ґ  ў  ╞  ╟  ╠  ╡  Ё  Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю  а  б  ц  д  е  ф  г  х  и  й  к  л  м  н  о  п  я  р  с  т  у  ж  в  ь  ы  з  ш  э  щ  ч  ъ  Ю  А  Б  Ц  Д  Е  Ф  Г  Х  И  Й  К  Л  М  Н  О  П  Я  Р  С  Т  У  Ж  В  Ь  Ы  З  Ш  Э  Щ  Ч  Ъ  ─  │  ┌  ┐  └  ┘  ├  ┤  ┬  ┴  ┼  ▀  ▄  █  ▌  ▐  ░  ▒  ▓  ⌠  ■  ∙  √  ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є  ╔  і  ї  ╗  ╘  ╙  ╚  ╛  ґ  ў  ╞  ╟  ╠  ╡  Ё  Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю  а  б  ц  д  е  ф  г  х  и  й  к  	л  	м  	н  	о  
п  
я  
р  
с  
т  
у  
ж  
в  
ь  
ы  
з  
ш  
э  
щ  
ч  
ъ  
Ю  
А  
Б  
Ц  
Д  
Е  
Ф  
Г  
Х  
И  
Й  
К  
Л  
М  
Н  
О  
П  
Я  
Р  
С  
Т  
У  
Ж  
В  
Ь  
Ы  
З  
Ш  
Э  
Щ  
Ч  
Ъ  
─  
│  
┌  
┐  
└  
┘  
├  
┤  
┬  
┴  
┼  
▀  
▄  █  ▌  ▐  ░  ▒  ▓  ⌠  ■  ∙  √  ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є  ╔  і  ї  ╗  ╘  ╙  ╚  ╛  ґ  ў  ╞  ╟  ╠  ╡  Ё  Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю  а  б  ц  д  е  ф  г  х  и  й  к  л  м  н  о  п  я  р  с  т  у  ж  в  ь  ы  з  ш  э  щ  ч  ъ  Ю  А  Б  Ц  Д  Е  Ф  Г  Х  И  Й  К  Л  М  Н  О  П  Я  Р  С  Т  У  Ж  В  Ь  Ы  З  Ш  Э  Щ  Ч  Ъ  ─  │  ┌  ┐  └  ┘  ├  ┤  ┬  ┴  ┼  ▀  ▄  █  ▌  ▐  ░  ▒  ▓  ⌠  ■  ∙  √  ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є  ╔  і  ї  ╗  ╘  ╙  ╚  ╛  ґ  ў  ╞  ╟  ╠  ╡  Ё  Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю  а  б  ц  д  е  ф  г  х  и  й  к  л  м  н  о  п  я  р  с  т  у  ж  в  ь  ы  з  ш  э  щ  ч  ъ  Ю  А  Б  Ц  Д  Е  Ф  Г  Х  И  Й  К  Л  М  Н  О  П  Я  Р  С  Т  У  Ж  В  Ь  Ы  З  Ш  Э  Щ           Safe-Inferredэ   % joseWrap a secret.И Input size must be a multiple of 8 bytes, and at least 16 bytes.
 Output size is input size plus 8 bytes. joseUnwrap a secret.Й Input size must be a multiple of 8 bytes, and at least 24 bytes.
 Output size is input size minus 8 bytes.Returns  ЧД  if inherent integrity check fails.  Otherwise,
 the chance that the key data is corrupt is 2 ^ -64.Ъ joseregister josestep (t) and offset (i)─ joseregister josestep (t) and offset (i)           Safe-Inferredа ц д е   H joseВ An error when decoding a JOSE compact object.
 JSON decoding errors that occur during compact object processing
 throw  . jose:Bad UTF-8 data in a compact object, at the specified index	 joseй The wrong number of parts were found when decoding a
 compact JOSE object.
 joseexpected vs actual parts jose+Get the expected or actual number of parts. jose+Get the expected or actual number of parts. joseAll the errors that can occur. jose(A requested algorithm is not implemented jose$A requested algorithm cannot be used joseWrong type of key was given joseKey size is too small jose,RSA private key with >2 primes not supported jose+RSA encryption, decryption or signing error jose&Various cryptonite library error cases jose.Wrong number of parts in compact serialisation joseJSON (Aeson) decoding error jose*No usable keys were found in the key store joseAnyValidated2 policy active, and no valid signature encountered joseAllValidated1 policy active, and invalid signature encountered  joseAllValidatedщ  policy active, and there were no signatures on object
   that matched the allowed algorithms8 joseRun the  & computation.  Result is an 
Either e a
 where e is the error type (typically   or  )9 joseGet the inner  │ value of the  & computation.
 Typically  86 would be preferred, unless you specifically
 need an  │ value. .	
 !"&'()*+,-./0123456789.89&' ()*+,-./01234567	
!"           Safe-Inferred"  ╛B jose7Data that can be converted to a compact representation.D jose6Data that can be parsed from a compact representation.F jose Decode a compact representation.G jose(Encode data to a compact representation. BCDEFGDEFBCG           Safe-Inferred   и┌ joseб Expression for an end guard.  Arg describes type it was expecting.┐ joseг Build a catch-all guard that fails.  String describes what is expected.└ joseц Derive a JOSE sum type with nullary data constructors, along
 with  ┘ and  ├
 instances└  jose
Type name. jose╡List of JSON string values.  The corresponding constructor
 is derived by upper-casing the first letter and converting
 non-alpha-numeric characters are converted to underscores.└            Safe-Inferred"  DH joseб RFC 7518 ї3.1.  "alg" (Algorithm) Header Parameters Values for JWS HVWUTSRQPONMLKJIHVWUTSRQPONMLKJI           Safe-Inferred"  P] joseа RFC 7518 ї4.1.  "alg" (Algorithm) Header Parameter Values for JWEП This section is shuffled off into its own module to avoid
 circular import via Crypto.JOSE.JWK, which needs Alg. ]nmlhgfed`_kjicba^]nmlhgfed`_kjicba^           Safe-Inferred"б   ┬	┤ jose.Insert the given key and value into the given Value, which
 is expected to be an Object.  If the value is not an Object,
 this is a no-op.┬ jose,Insert several key/value pairs to the given Value, which
 is expected to be an Object.  If the value is not an Object,
 this is a no-op.┴ joseа Produce a parser of base64 encoded text from a bytestring parser.┼ jose.Convert a bytestring to a base64 encoded JSON  ▀t jose(Prism for encoding / decoding base64url.To encode,  ▄
 base64url.
 To decode,  █
 base64url.+Works with any combinations of strict/lazy 
ByteString.▌ joseд Produce a parser of base64url encoded text from a bytestring parser.▐ jose1Convert a bytestring to a base64url encoded JSON  ▀░ joseл Convert an unsigned big endian octet sequence to the integer
 it represents.▒ joseс Convert an integer to its unsigned big endian representation as
 an octet sequence. ┤┬┴┼t▌▐░▒▓⌠            Safe-Inferred"  "L	u jose=A base64url encoded octet sequence interpreted as an integer.ъ The value is encoded in the minimum number of octets (no leading
 zeros) with the exception of 0 which is encoded as AA,.
 A leading zero when decoding is an error.y jose#A base64 encoded X.509 certificate.{ joseм A base64url encoded SHA-256 digest.  Used for X.509 certificate
 thumbprints.} joseк A base64url encoded SHA-1 digest.  Used for X.509 certificate
 thumbprints. joseЬ A base64url encoded octet sequence.  Used for payloads,
 signatures, symmetric keys, salts, initialisation vectors, etc.│ jose├A base64url encoded octet sequence interpreted as an integer
 and where the number of octets carries explicit bit-length
 information.■ jose(Parse an octet sequence into an integer.2This function deals with ugly special cases from
 -https://tools.ietf.org/html/rfc7518#section-2 , specificallyThe empty sequence is invalid9Leading null byte is invalid (unless it is the only byte)└ jose	Create a SizedBase64Integer'	 from an  ∙.┘ jose	Parsed a  │ with an expected number of bytes.  tuvyz{|}~─│┌┐└┘uv┐│┌└┘─}~{|yz t           Safe-Inferred"%&э Ц   %є° joseParameters for RSA Keys· jose"Parameters for Elliptic Curve Keys÷ joseRSA private key parametersё jose(Optional parameters for RSA private keys╚ jose#"oth" (Other Primes Info) Parameter╟ jose"crv" (Curve) Parameter√ jose,Conversion from known curves and back again.у jose'Keys that may have have public materialж joseGet the public keyв joseKeygen parameters.ь jose(Generate an EC key with specified curve.ы jose+Generate an RSA key with specified size in bytes.з jose0Generate a symmetric key with specified size in bytes.ш jose;Generate an EdDSA or Edwards ECDH key with specified curve.э joseKey material sum type.К joseSymmetric key parameters data. ь ≈≤≥ ⌡°²·÷═║╒ёє╔ії╗°²·÷═║╒ёє╔ії╗╘╙╚╛ґў╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐужвьызшэщчъЮАБЦДЕФГХИЙКЛМНОПЯРСТУЖВЬф уж╟╠╡ЁЄ·╣ІЇ╦╨╩╪Ґ╧╚╛ґў╞ёє╔ії╗╘╙÷═║╒°²ЯРМНОСПКЛТФГХИЙАБЦДЕУвьызшэщчъЮЖВЬ           Safe-Inferred   '  ╘╙            Safe-Inferred"%&(б л з   .ч▐ jose+RFC 7517 ї4.4.  "alg" (Algorithm) ParameterСSee also RFC 7518 ї6.4. which states that for "oct" keys, an
 "alg" member SHOULD be present to identify the algorithm intended
 to be used with the key, unless the application uses another
 means or convention to determine the algorithm used.√ jose4RFC 7517 ї4.3.  "key_ops" (Key Operations) Parameterє jose'RFC 7517 ї4.  JSON Web Key (JWK) Format╔ jose0RFC 7517 ї4.2.  "use" (Public Key Use) Parameter╞ joseRFC 7517 ї5.  JWK Set Format╧ jose╞Get the certificate chain.  Not a lens, because the key of the first
 certificate in the chain must correspond be the public key of the JWK.
 To set the certificate chain use  ╨.╨ joseSet the "x5c"Э  Certificate Chain parameter.  If setting the list,
 checks that the key in the first certificate matches the JWK; returns
 Nothing if it does not.╩ joseх Generate a JWK.  Apart from key parameters, no other parameters are set.Ґ jose"Convert RSA private key into a JWK╚ jose$Convert an RSA public key into a JWK╛ jose#Convert an EC public key into a JWKЎ joseConvert octet string into a JWK© jose(Convert an X.509 certificate into a JWK.с Supports RSA and ECDSA (when the curve is supported).  Other key types
 will throw  .The "x5c"5 field of the resulting JWK contains the certificate.ю joseSanity-check a JWK.≥Return an appropriate error if the key is size is too small to be
 used with any JOSE algorithm, or for other problems that mean the
 key cannot be used.а joseУ Choose the cryptographically strongest JWS algorithm for a
 given key.  The JWK "alg" algorithm parameter is ignored.б jose#Compute the JWK Thumbprint of a JWKц josePrism from ByteString to HashAlgorithm a => Digest a.Use  ґ digest to view the bytes of a digestў jose,JWK canonicalised for thumbprint computation Х≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабцдефгхийклмнопярстужвьызшэщчъЮАБЦДЕФГХИЙКЛМНОПЯРСТУЖВЬЫЗШЭЩЧЪ─│┌┐└┘├┤┬┴┼▀▄█▌▐░▒▓⌠■∙√≈≤t°²·÷╒═║ё╙╘╗їіє╔╚╞ў╛ґ╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐужвьызшэЮъщчАБЦДЕФЙИГХКЛМНОПЯРСТУЖВЬ▐░▒√≈≤≥ ⌡°²·є╔ії╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабц7╩вьызш╟╠╡ЁЄАБЦДЕєужЄ╣╔ії╡√≈≤≥ ⌡°²·╠▐░▒Ё╦╧╨ІЇ╪ҐЎ©бцt╞╟юа    	       Safe-Inferredа ц д е   4к jose.Verification keys.  Lookup operates in effect m( with access
 to the JWS header of type h and a payload of type s.б The returned keys are not guaranteed to be used, e.g. if the JWK
 "use" or 	"key_ops"+ field does not allow use for verification.л jose4Look up verification keys by JWS header and payload.м joseUse a  ╞ as a  к│.  Can be used with
 any payload type.  Returns all keys in the set; header and
 payload are ignored.  No filtering is performed.н joseUse a  є as a  кД .  Can be used with any
 payload type.  Header and payload are ignored.  No filtering is
 performed.л  jose
JWS header josePayloadклкл    
       Safe-Inferred"  6Фо joseа RFC 7518 ї4.8.1.  Header Parameters Used for PBES2 Key Encryptionя josePBKDF2 salt inputр jose)PBKDF2 iteration count ; POSITIVE integerс joseц RFC 7518 ї4.7.1.  Header Parameters Used for AES GCM Key Encryptionу jose)Initialization Vector  (must be 96 bits?)ж jose&Authentication Tag (must be 128 bits?)в jose?RFC 7518 ї4.6.1.  Header Parameters Used for ECDH Key Agreementы jose'Ephemeral Public Key ; a JWK PUBLIC keyз joseAgreement PartyUInfoш joseAgreement PartyVInfoэ jose9RFC 7518 ї4.  Cryptographic Algorithms for Key Management─ jose<RFC 7518 ї5  Cryptographic Algorithms for Content Encryption (оряпсжутвшзыьэМЛКГФЕДЦъчЙИХБАЮщНО─┐┌│├┘└(эМЛКГФЕДЦъчЙИХБАЮщНОвшзыьсжуторяп─┐┌│├┘└           Safe-Inferredл э   ?Щ╒ jose2A header value, along with a protection indicator.╔ jose&Get a value for indicating protection.і joseGet a  ≥* a value for indicating no protection, or  Ч3
 if the type does not support unprotected headers.ї jose,Whether a header is protected or unprotected╙ joseA thing with parameters.╚ joseн Return a list of parameters,
 each paired with whether it is protected or not.╛ joseж List of "known extensions", i.e. keys that may appear in the
 "crit" header parameter.ў jose:Parse a pair of objects (protected and unprotected header)This internally invokes  ґ≥ applied to a proxy for
 the target type.  (This allows the parsing of the "crit" parameter
 to access "known extensions" understood by the target type.)╞ jose1Return the base64url-encoded protected parameters╟ jose$Return unprotected params as a JSON  ▀ (always an object)╠ joseLens for the  ї of a  ╒╡ joseLens for a  ╒ valueЁ jose+Getter for whether a parameter is protectedЄ joseЦ Parse an optional parameter that may be carried in either
 the protected or the unprotected header.╣ joseЙ Parse an optional parameter that may be carried in either
 the protected or the unprotected header.  Like  Є0,
 but with an explicit argument for the parser.І joseв Parse an optional parameter that, if present, MUST be carried
 in the protected header.Ї joseБ Parse a required parameter that may be carried in either
 the protected or the unprotected header.╦ joseи Parse a required parameter that MUST be carried
 in the protected header.╧ joseParse a "crit" header param	Fails if:,any reserved header appears in "crit" header1any value in "crit" is not a recognised extensionц any value in "crit" does not have a corresponding key in the objectў  joseprotected header joseunprotected header  joseObject ╟ joseObject ╧  josereserved header parameters joserecognised extensions jose8full header (union of protected and unprotected headers) josecrit header.▄█▌▐░▒▓⌠■∙√≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╘╙╚╛ґў╞╟╠╡ЁЄ╣ІЇ╦╧.╒ёє╔ії╗╘╠Ё╡╙╚╛ґЇ╦Є╣Іў╧╞╟═║·÷°² ⌡≤≥√≈■∙▓⌠░▒▌▐▄█           Safe-Inferred"а б ц э   P	и joseValidation settings:*The set of acceptable signature algorithmsThe validation policyй joseValidation policy.к jose2One successfully validated signature is sufficientл joseЬ All signatures in all configured algorithms must be validated.
 No signatures in configured algorithms is also an error.м joseо A JWS with one signature which only allows protected
 parameters.  Can use the flattened serialisation	 or
 the compact serialisation.н jose*A JWS with one signature, which uses the
 flattened serialisation.  Headers may be  ╗
 or  ╘.о jose;A JWS that allows multiple signatures, and cannot use
 the compact serialisation.  Headers may be  ╗
 or  ╘.п joseж JSON Web Signature data type.  The payload can only be
 accessed by verifying the JWS.;Parameterised by the signature container type, the header
  є" type, and the header record type.Use  ⌡ and  °4 to convert a JWS to or from JSON.
 When encoding a  п []" with exactly one signature, the
  flattened JWS JSON serialisation  syntax is used, otherwise
 the general JWS JSON serialisation is used.
 When decoding a  п []" either serialisation is accepted. п  ²/ uses the flattened JSON serialisation
 or the JWS compact serialisation (see  F and
  G).Use  ш to create a signed/MACed JWS.Use  ч) to verify a JWS and extract the payload.я jose8Signature object containing header, and signature bytes.ЎIf it was decoded from a serialised JWS, it "remembers" how the
 protected header was encoded; the remembered value is used when
 computing the signing input and when serialising the object.╨The remembered value is not used in equality checks, i.e. two
 decoded signatures with differently serialised by otherwise equal
 protected headers, and equal signature bytes, are equal.т joseJWS Header data type.· joseJWK Set URL÷ joseinterpretation unspecified═ joseContent Type (of object)║ joseContent Type (of payload)у joseж Construct a minimal header with the given algorithm and
 protection indicator for the alg header.ж jose,Make a JWS header for the given signing key.Uses  а- to choose the algorithm.
 If set, the JWK's "kid", "x5u", "x5c", "x5t" and
 
"x5t#S256"д  parameters are copied to the JWS header (as
 protected parameters).May return   or  .в jose Getter for header of a signatureь joseGetter for signature bytesз jose░Return the raw base64url-encoded protected header value.
 If the Signature was decoded from JSON, this returns the
 original string value as-is.у Application code should never need to use this.  It is exposed
 for testing purposes.ш joseс Create a signed or MACed JWS with the given payload by
 traversing a collection of (header, key) pairs.э jose The default validation settings.,All algorithms except "none" are acceptable.х All signatures must be valid (and there must be at least one signature.)щ jose2Verify a JWS with the default validation settings.	See also  э.ч joseVerify a JWS.ы Signatures made with an unsupported algorithms are ignored.
 If the validation policy is  кз , a single successfully
 validated signature is sufficient.  If the validation policy is
  лк  then all remaining signatures (there must be at least one)
 must be valid.-Returns the payload if successfully verified.ш  josePayload jose Traversable of header, key pairsщ  josekey or key store joseJWSч  josevalidation settings josekey or key store joseJWSъ  josepayload decoder josevalidation settings josekey or key store joseJWSС≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабцдефгхийклмнопярстужвьызшэщчъЮАБЦДЕФГХИЙКЛМНОПЯРСТУЖВЬЫЗШЭЩЧЪ─│┌┐└┘├┤┬┴┼▀▄█▌▐░▒▓⌠■∙√≈≤	
 !"&'(76543210/.-,+)*89HIJKLMNOPQRSTUWVt°²·÷╒═║ё╙╘╗їіє╔╚╞ў╛ґ╟ЄЁ╠╡╣ІЇ╦╧╨╩╪ҐужвшзьыэЮъщчАЕДБЦФЙИГХКЛМНОПЯРСТУЖВЬ▐░▒√·²°⌡ ≥≈≤є╔ії╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабц▄█▌▐░▒▓⌠■∙√≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╘╙ґ╚╛ў╞╟╠╡ЁЄ╣ІЇ╦╧абцдефгхийклмнопярстужвьызшэщчъ/понмужшчщъэийклефгхцдабыявьзHIJKLMNOPQRSTUWVрст           Safe-Inferred   T┌Ъ joseaesonц  supports multiple map implementations.  The
 implementation using Data.HashMapП from *unordered-containers*
 is vulnerable to hash-flooding DoS attacks.  If your program
 processes JOSE objects from untrusted sources, you can check this
 value to find out if the *aeson* build uses a secure map
 implementation, or not. Э≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабцдефгхийклмнопярстужвьызшэщчъЮАБЦДЕФГХИЙКЛМНОПЯРСТУЖВЬЫЗШЭЩЧЪ─│┌┐└┘├┤┬┴┼▀▄█▌▐░▒▓⌠■∙√≈≤	
 !"&'(76543210/.-,+)*89BCDEFGHVWUTSRQPONMLKIJt°²·÷╒═║ё╙╘╗їіє╔╚╞ў╛ґ╟ЄЁ╠╡╣ІЇ╦╧╨╩╪ҐужвшзьыэЮъщчАЕДБЦФЙИГХКЛМНОПЯРСТУЖВЬ▐░▒√·²°⌡ ≥≈≤є╔ії╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабцкл▄█▌▐░▒▓⌠■∙√≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╘╙ґ╚╛ў╞╟╠╡ЁЄ╣ІЇ╦╧абцдехфгийклмнопярстужвьызшэщчъЪЪ           Safe-Inferred"д е т э   YД┌ jose&Encoded protected header, if available┐ joseJWE Initialization Vector└ joseJWE AAD┘ joseJWE Ciphertext├ joseJWE Authentication Tag╒ joseJWE Encrypted Key■ joseContent Type (of object)∙ joseContent Type (of payload)ё josemessage (key to wrap)є joseplaintext key (to be encrypted) joseencrypted key╔ josekey josemessage joseAADі josekey josemessage joseadditional authenticated data joseIV, cipertext and MACї josekey josemessage joseadditional authenticated data joseIV, tag and ciphertext─│┌┐└┘├┤┬┴┼▀▄█▌▐░▒▓⌠■∙√┬┴┼▀▄█▌▐░▒▓⌠■∙√─│┌┐└┘├┤           Safe-Inferred	 "а б ц   sУ÷ jose.A JOSE error occurred while processing the JWT═ jose'The JWT payload is not a JWT Claims Set╗ joseЬ A JSON numeric value representing the number of seconds from
   1970-01-01T0:0:0Z UTC until the specified UTC date/time.╙ joseЪ A JSON string value, with the additional requirement that while
   arbitrary string values MAY be used, any value containing a :
   character MUST be a URI.Note: the IsString. instance will fail if the string
 contains a : but does not parse as a   .  Use  Є
 directly in this situation.╩ joseNon-total.  A string with a : in it MUST parse as a URIа jose)Audience data.  In the general case, the audа  value is an
 array of case-sensitive strings, each containing a  ╙б 
 value.  In the special case when the JWT has one audience, the
 aud; value MAY be a single case-sensitive string containing a
  ╙ value.The  ┘ instance formats an  ао  with one value as a
 string (some non-compliant implementations require this.)╗ joseИ The allowed skew is interpreted in absolute terms;
   a nonzero value always expands the validity period.й jose│The issuer claim identifies the principal that issued the
 JWT.  The processing of this claim is generally application
 specific.к joseЎThe subject claim identifies the principal that is the
 subject of the JWT.  The Claims in a JWT are normally
 statements about the subject.  The subject value MAY be scoped
 to be locally unique in the context of the issuer or MAY be
 globally unique.  The processing of this claim is generally
 application specific.л jose┬The audience claim identifies the recipients that the JWT is
 intended for.  Each principal intended to process the JWT MUST
 identify itself with a value in the audience claim.  If the
 principal processing the claim does not identify itself with a
 value in the audб  claim when this claim is present, then the
 JWT MUST be rejected.м jose▄The expiration time claim identifies the expiration time on
 or after which the JWT MUST NOT be accepted for processing.
 The processing of expъ  claim requires that the current
 date/time MUST be before expiration date/time listed in the
 expЬ  claim.  Implementers MAY provide for some small leeway,
 usually no more than a few minutes, to account for clock skew.н joseЭ The not before claim identifies the time before which the JWT
 MUST NOT be accepted for processing.  The processing of the
 nbfМ  claim requires that the current date/time MUST be after
 or equal to the not-before date/time listed in the nbfЫ 
 claim.  Implementers MAY provide for some small leeway, usually
 no more than a few minutes, to account for clock skew.о joseЪ The issued at claim identifies the time at which the JWT was
 issued.  This claim can be used to determine the age of the
 JWT.п joseВThe JWT ID claim provides a unique identifier for the JWT.
 The identifier value MUST be assigned in a manner that ensures
 that there is a negligible probability that the same value will
 be accidentally assigned to a different data object.  The jtiб 
 claim can be used to prevent the JWT from being replayed.  The
 jti" value is a case-sensitive string.я joseШ The JWT Claims Set represents a JSON object whose members are
 the registered claims defined by RFC 7519.  To construct a
 	ClaimsSet use  с= then use the lenses from this
 class to set relevant claims.С For applications that use additional claims beyond those defined
 by RFC 7519, define a new data type and instance  х;.
 See the module synopsis for more details and an example.р jose┘Claim Names can be defined at will by those using JWTs.
 Use this lens to access a map non-RFC 7519 claims in the
 Claims Set object.с joseReturn an empty claims set.т joseAdd a non-RFC 7519" claim.  Use the lenses from the
  х% class for setting registered claims.ъ joseA digitally signed or MACed JWTЮ joseWhether to check that the iat claim is not in the future.Б josePredicate for checking the iss claim.Д jose%Predicate for checking values in the aud claim.Ф jose)Maximum allowed skew when validating the nbf, exp and iat claims.О jose(Acquire the default validation settings.1https://tools.ietf.org/html/rfc7519#section-4.1.3RFC 7519 ї4.1.3.Э 
 states that applications MUST identify itself with a value in the
 audience claim, therefore a predicate must be supplied.The other defaults are: э for JWS verification*Zero clock skew tolerance when validating nbf, exp and iat claimsiat claim is checkedissuer claim is not checkedП jose(Validate the claims made by a ClaimsSet.4You should never need to use this function directly.'
 These checks are always performed by  Р and  Я8.
 The function is exported mainly for testing purposes.Я jose░Cryptographically verify a JWS JWT, then validate the
 Claims Set, returning it if valid.  The claims are validated
 at the current system time.╔This is the only way to get at the claims of a JWS JWT,
 enforcing that the claims are cryptographically and
 semantically valid before the application can use them.7This function is abstracted over any payload type with  х and
  ├ instances.  The  Р variant uses  я as the
 payload type.	See also  ТВ  which allows you to explicitly specify
 the time of validation (against which time-related claims will be
 validated).Р joseVariant of  Я that uses  я as the payload type.С joseVariant of  Я▐ where the validation time is provided by
 caller.  If you process many tokens per second
 this lets you avoid unnecessary repeat system calls.Т joseVariant of  Я that uses  яф  as the payload type and
 where validation time is provided by caller.У jose6Create a JWS JWT.  The payload can be any type with a  ┘
 instance.  See also  Ж which uses  я as the
 payload type.)Does not set any fields in the Claims Set
, such as "iat"5
 ("Issued At") Claim.  The payload is encoded as-is.Ж jose%Create a JWS JWT.  Specialisation of  У with payload type fixed
 at  я.)Does not set any fields in the Claims Set
, such as "iat"5
 ("Issued At") Claim.  The payload is encoded as-is. Ў≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабцдефгхийклмнопярстужвьызшэщчъЮАБЦДЕФГХИЙКЛМНОПЯРСТУЖВЬЫЗШЭЩЧЪ─│┌┐└┘├┤┬┴┼▀▄█▌▐░▒▓⌠■∙√≈≤	
 !"&'(76543210/.-,+)*89BCDEFGHVWUTSRQPONMLKIJt°²·÷╒═║ё╙╘╗їіє╔╚╞ў╛ґ╟ЄЁ╠╡╣ІЇ╦╧╨╩╪ҐужвшзьыэЮъщчАЕДБЦФЙИГХКЛМНОПЯРСТУЖВЬ▐░▒√·²°⌡ ≥≈≤є╔ії╞╟╠╡ЁЄ╣ІЇ╦╧╨╩╪ҐЎ©юабцкл▄█▌▐░▒▓⌠■∙√≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╘╙ґ╚╛ў╞╟╠╡ЁЄ╣ІЇ╦╧абцдехфгийклмнопярстужвьызшэщчъЪ·÷═║╒ёє╔╗╘╙╚ґ╞Ё╟╡╠ў╛Є╣ІабгхйиклмнопярстэщчъЮАБЦДЕФГХНЙКМЛИОПЯРСТУЖб ъЖУОРЯФГДЕБЦЮАгХНЙКМЛИэщчТСхйиклмнопястрП·÷═║╒ёє╔╚ґ╞Ё╟╡╠ў╛аб╙Є╣І╗╘  ╘                           !   "   #   $   %   &   '  (  )  *  +  ,  -  .  /    0  1  2  3  4  5   6   7   8   9   :  ;  ;  <   =   >   ?   @   A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U  V   W  X   Y   Z   [  \  ]  ^  _  `  a  b  c  d  e  f  g  h  i  j  k   l   m   n   o   p  \  q  r  s  t  u  v  w  x  y  z  {  |  }  ~    ─  │   l   m   n   o   p   ┌  ┐  ┐   └   ┘  ├  ├  ┤  ┤  ┬  ┬  ┴  ┴  ┼  ┼   ▀   ▄   █   ▌   ▐   ░   ▒   ▓   ⌠   ■   ∙   √   ≈   ≤   ≥       ⌡   °   ²   ·   ÷   ═   ║   ╒   ё  є  є  ╔  і  і   ї   ╗  ╘  ╘   ╙   ╚   ╛   ґ   ў   ╞  ╟  ╟   ╠   ╡   Ё  Є  ╣  І  Ї  ╦   ╧   ╨   ╩   ╪   Ґ   Ў   ©   ю   а   б   ц   д   е   ф   г   х   и   й   к   л   м   н   о   п   я   р   с   т   у   ж   в   ь  ы   з  ш  э  щ  ч  ъ  Ю  А  Б  Ц  Д  Е  Ф  Г  Х  И  Й  К  Л  М  Н  О  О   П   Я   Р   С   Т   У   Ж   В   Ь   Ы   З   Ш   Э   Щ   Ч   Ъ   ─   │   ┌   ┐   └   ┘   ├   ┤   ┬   ┴   ┼   ▀   ▄   █   ▌   ▐   ░   ▒  ▓  ⌠  ■   ∙   √   ≈   ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║   ╒   ё   є   ╔   і  ї  ╗  ╘  ╙   ╚   ╛   ґ   ў   ╞   ╟   ╠  ╡  ╡   Ё   Є   ╣   І   Ї   ╦   ╧   ╨   ╩   ╪   Ґ   Ў   ©   ю   а   б   ц   д   е   ф   г   х   и   й   к   л  	м  	 н  	 о  	 п  
я  
я  
 р  
 с  
т  
т  
 у  
 ж  
в  
в  
 ь  
 ы  
 з  
ш  
q  
r  
s  
t  
u  
v  
w  
x  
y  
z  
{  
|  
}  
~  
  
─  
│  
 э  
 щ  
 ч  
 ъ  
 Ю  
 А  
 Б  
 Ц  
 Д  
 Е  
 Ф  
 Г  
 Х  
 И  
 Й  
 К  
 Л  
 М  
╙  
Н  
О  
П  
Я  
Р  
С  
 Т  
 У  
 Ж  
 В  
 Ь  Ы   З  Ш   Э  Щ   Ч  Ъ   ─  │   ┌  ┐   └  ┘   ├  ┤   ┬  ┴   ┼  ▀   ▄  █   ▌  ▐  ▐  ░   ▒   ▓  ⌠  ■  ∙  √   ≈   ≤   ≥       ⌡   °   ²   ·   ÷   ═   ║   ╒   ё   є   ╔   і   ї   ╗   ╘   ╙   ╚   ╛  ґ   ў  ╞   ╟  ╠   ╡   Ё   Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў   ©  ю   а   б   ц   д   е   ф   г   х   и   й   к   л   м   н   о   п   я   р   с   т   у   ж   в   ь   ы   з   ш   э   щ   ч   ъ   Ю   А   Б   Ц   Д   Е   Ф   Г   Х   И   Й   К  Л  Л   М   Н   О   П   Я   Р  С  С   Т   У   Ж   В   Ь   Ы   З   Ш   Э   Щ   Ч   Ъ   ─   │   ┌   ┐   └   ┘   ├   ┤    ┬  ┴  ┼  ▀  ▄  █  ▌   ▐   ░  ▒  ▒  ▓  ⌠   ■   ∙   √   ≈   ≤   ≥       ⌡   °   ²   ·   ÷   ═   ║   ╒   ё   є   ╔   і   ї   ╗  ╘  ╘   ╙   ╚   ╛   ґ  ў  ╞   ╟   ╠   ╡   Ё   Є   ╣   І   Ї  ╦   ╧   ╨   ╩   ╪   Ґ   Ў   ©   ю   а   б  ц  ц   д  е  ф   г  х   и  й   к  л   м  н   о   п   я   р   с   т   у   ж   в   ь   ы   з   ш   э   щ   ч   ъ   Ю   А   Б   Ц ДЕФ   Г   Х ИЙК   Л   М   Н ОПЯ ОРС   Т   У   Ж   В ОЬЫ ЗШ Э ЗЩ Ч   Ъ   ─   │   ┌   ┐   └   ┘ ├┤┬   ┴ ┼▀ ▄ ┼▀ █ ┼▀ ▌ ┼▀ ▐ ┼▀ ░ ┼▀ ▒ ┼▀ ▓ ┼▀ ⌠ ┼▀■ ┼∙√ ┼≈ ≤ ┼≈≥ ┼  ⌡ ┼ ° ┼  ² ┼ · ┼  ÷ ┼ ═   ║   ╒   ё   є ЗШ ╔   і ┼ї ╗ ┼ї ╘ ┼ї ╙ ┼ї ╚ ┼ї ╛ ┼ї ґ ┼ї ў ┼ї ╞ ┼ї ╟ ┼ї ╠ ┼ї ╡ ┼ї Ё ┼Є╣ ┼Є╣ ┼ЄІ ┼ЄІ ┼ЄЇ ┼ЄЇ ┼Є╦ ┼Є╦ ┼╧╨ ┼╧╨ ┼╧╩ ┼╧╩ ┼╪Ґ ┼╪Ґ ┼╪Ў ┼╪Ў ┼╪© ┼╪© ┼╪ю ┼╪ю ┼╪а ┼╪а ┼бц ┼бц ┼де ┼де ┼дф ┼дф ┼дг ┼дг ┼хи ┼хи ┼хй ┼хй ┼кл ┼кл ┼км ┼км ┼кн ┼кн ┼ко ┼ко ┼пя ┼пя ┼рс ┼рс ┼ту ┼ту ┼жв ┼жв ┼ьы ┼ьы ┼зш ┼зш ┼эщ ┼эщ ┼чъ ┼чъ ┼чЮ ┼чЮ ┼чА ┼чА ┼чБ ┼чБ ┼ЦД ┼ЦД ┼ЕФ ┼ЕФ ┼ГХ ┼ГХ ┼ГИ ┼ГИ ┼ЙК ┼ЙК ┼ЙЛ ┼ЙЛ ┼МН ┼МН ┼МО ┼МО ┼МП ┼МП ┼МЯ ┼МЯ ┼РС ┼РС ┼ТУ ┼ТУ ┼ЖВ ┼Ж Ь ┼Ж Ы ┼ЖЗ ┼ЖШ ┼ЖЭ ДЕЩ   Ч ОЪ ─ ОЪ │ Д┌┐   └   ┘   ├   ┤   ┬   ┴   ┼   ▀   ▄   █   ▌▐ jose-0.10-85ss4FxYherD9FCswT41elCrypto.JOSE.TypesCrypto.JOSE.AESKWCrypto.JOSE.ErrorCrypto.JOSE.CompactCrypto.JOSE.JWA.JWSCrypto.JOSE.JWA.JWE.AlgCrypto.JOSE.JWA.JWKCrypto.JOSE.JWKCrypto.JOSE.JWK.StoreCrypto.JOSE.JWA.JWECrypto.JOSE.HeaderCrypto.JOSE.JWSCrypto.JOSECrypto.JOSE.JWE
Crypto.JWTJWTErrorCrypto.JOSE.THCrypto.JOSE.Types.InternalCrypto.JOSE.Types.URI*network-uri-2.6.4.1-DXx94Tarxth8HOiU66mdO8Network.URIURI!x509-1.7.7-9jHEdtaSYBi3p0EOYix4UZ	Data.X509SignedCertificate
aesKeyWrapaesKeyUnwrapCompactDecodeErrorCompactInvalidNumberOfPartsCompactInvalidTextCompactTextErrorInvalidNumberOfPartsexpectedPartsactualParts$fShowInvalidNumberOfParts$fShowCompactTextError$fEqCompactDecodeError$fEqCompactTextError$fEqInvalidNumberOfPartsErrorAlgorithmNotImplementedAlgorithmMismatchKeyMismatchKeySizeTooSmallOtherPrimesNotSupportedRSAErrorCryptoErrorJSONDecodeErrorNoUsableKeysJWSCritUnprotectedJWSNoValidSignaturesJWSInvalidSignatureJWSNoSignatures_CompactInvalidNumberOfParts_CompactInvalidText$fShowCompactDecodeError	$fEqError$fShowErrorJOSEAsError_Error_AlgorithmNotImplemented_AlgorithmMismatch_KeyMismatch_KeySizeTooSmall_OtherPrimesNotSupported	_RSAError_CryptoError_CompactDecodeError_JSONDecodeError_NoUsableKeys_JWSCritUnprotected_JWSNoValidSignatures_JWSInvalidSignature_JWSNoSignaturesrunJOSE
unwrapJOSE$fAsErrorError$fMonadRandomJOSE$fMonadIOJOSE$fMonadErroreJOSE$fMonadTransJOSE$fMonadJOSE$fApplicativeJOSE$fFunctorJOSE	ToCompact	toCompactFromCompactfromCompactdecodeCompactencodeCompactAlgHS256HS384HS512RS256RS384RS512ES256ES384ES512ES256KPS256PS384PS512NoneEdDSA$fToJSONAlg$fFromJSONAlg$fEqAlg$fOrdAlg	$fShowAlgRSA1_5RSA_OAEPRSA_OAEP_256A128KWA192KWA256KWDirECDH_ESECDH_ES_A128KWECDH_ES_A192KWECDH_ES_A256KW	A128GCMKW	A192GCMKW	A256GCMKWPBES2_HS256_A128KWPBES2_HS384_A192KWPBES2_HS512_A256KW	base64urlBase64Integer$fEqBase64Integer$fShowBase64Integer
Base64X509Base64SHA256
Base64SHA1Base64OctetsSizedBase64Integer_Base64IntegermakeSizedBase64Integer	checkSize$fToJSONBase64Integer$fFromJSONBase64Integer$fToJSONSizedBase64Integer$fFromJSONSizedBase64Integer$fEqSizedBase64Integer$fToJSONBase64Octets$fFromJSONBase64Octets$fToJSONBase64SHA1$fFromJSONBase64SHA1$fToJSONBase64SHA256$fFromJSONBase64SHA256$fToJSONBase64X509$fFromJSONBase64X509$fEqBase64X509$fShowBase64X509$fEqBase64SHA256$fShowBase64SHA256$fEqBase64SHA1$fShowBase64SHA1$fEqBase64Octets$fShowBase64Octets$fShowSizedBase64IntegerRSAKeyParametersECKeyParametersRSAPrivateKeyParametersrsaDrsaOptionalParametersRSAPrivateKeyOptionalParametersrsaPrsaQrsaDprsaDqrsaQirsaOthRSAPrivateKeyOthElemrOthdOthtOthCrvP_256P_384P_521	Secp256k1ecCrvecXecYecDgenECcurvepointecPrivateKeyecParametersFromX509$fToJSONCrv$fFromJSONCrv$fToJSONRSAPrivateKeyOthElem$fFromJSONRSAPrivateKeyOthElem'$fToJSONRSAPrivateKeyOptionalParameters)$fFromJSONRSAPrivateKeyOptionalParameters$fToJSONRSAPrivateKeyParameters!$fFromJSONRSAPrivateKeyParameters$fToJSONECKeyParameters$fFromJSONECKeyParameters$fEqRSAKeyParameters$fShowRSAKeyParameters$fEqECKeyParameters$fShowECKeyParameters$fEqRSAPrivateKeyParameters$fShowRSAPrivateKeyParameters#$fEqRSAPrivateKeyOptionalParameters%$fShowRSAPrivateKeyOptionalParameters$fEqRSAPrivateKeyOthElem$fShowRSAPrivateKeyOthElem$fEqCrv$fOrdCrv	$fShowCrvAsPublicKeyasPublicKeyKeyMaterialGenParam
ECGenParamRSAGenParamOctGenParamOKPGenParamKeyMaterialECKeyMaterialRSAKeyMaterialOctKeyMaterialOKPKeyMaterialOKPCrvEd25519Ed448X25519X448OKPKeyParameters
Ed25519KeyEd448Key	X25519KeyX448KeyOctKeyParametersrsaErsaNrsaPrivateKeyParametersgenRSAtoRSAKeyParameterstoRSAPublicKeyParametersrsaPublicKeyoctKgenOKPgenKeyMaterialsignverify$fToJSONRSAKeyParameters$fFromJSONRSAKeyParameters$fToJSONOctKeyParameters$fFromJSONOctKeyParameters$fToJSONOKPKeyParameters$fFromJSONOKPKeyParameters$fShowOKPKeyParameters$fToJSONKeyMaterial$fFromJSONKeyMaterial$fAsPublicKeyKeyMaterial$fAsPublicKeyOKPKeyParameters$fAsPublicKeyECKeyParameters$fAsPublicKeyRSAKeyParameters$fEqKeyMaterialGenParam$fShowKeyMaterialGenParam$fEqKeyMaterial$fShowKeyMaterial
$fEqOKPCrv$fShowOKPCrv$fEqOKPKeyParameters$fEqOctKeyParameters$fShowOctKeyParametersJWKAlgJWSAlgJWEAlg$fToJSONJWKAlg$fFromJSONJWKAlg
$fEqJWKAlg$fShowJWKAlgKeyOpSignVerifyEncryptDecryptWrapKey	UnwrapKey	DeriveKey
DeriveBits$fToJSONKeyOp$fFromJSONKeyOp	$fEqKeyOp
$fOrdKeyOp$fShowKeyOpJWKKeyUseSigEnc$fToJSONKeyUse$fFromJSONKeyUse$fEqJWK	$fShowJWK
$fEqKeyUse$fOrdKeyUse$fShowKeyUseJWKSetjwkAlg	jwkKeyOpsjwkKidjwkMaterialjwkUsejwkX5t
jwkX5tS256jwkX5ujwkX5c	setJWKX5cgenJWKfromKeyMaterialfromRSA
fromOctetsfromX509CertificatecheckJWK
bestJWSAlg
thumbprintdigest$fAsPublicKeyJWK$fToJSONJWK$fFromJSONJWK$fToJSONJWKSet$fFromJSONJWKSet
$fEqJWKSet$fShowJWKSetVerificationKeyStoregetVerificationKeys$fVerificationKeyStoremhsJWKSet$fVerificationKeyStoremhsJWKPBES2Parameters_p2s_p2cAESGCMParameters_iv_tagECDHParameters_epk_apu_apvAlgWithParams	algObjectalgWithParamsObject$fToJSONECDHParameters$fFromJSONECDHParameters$fToJSONAESGCMParameters$fFromJSONAESGCMParameters$fToJSONPBES2Parameters$fFromJSONPBES2Parameters$fToJSONAlgWithParams$fFromJSONAlgWithParams$fEqAlgWithParams$fShowAlgWithParams$fEqPBES2Parameters$fShowPBES2Parameters$fEqAESGCMParameters$fShowAESGCMParameters$fEqECDHParameters$fShowECDHParametersA128CBC_HS256A192CBC_HS384A256CBC_HS512A128GCMA192GCMA256GCM$fToJSONEnc$fFromJSONEnc$fEqEnc$fOrdEnc	$fShowEncHasCritcritHasCtyctyHasTyptyp
HasX5tS256x5tS256HasX5tx5tHasX5cx5cHasX5ux5uHasKidkidHasJwkjwkHasJkujkuHasAlgalgHeaderParamProtectionIndicatorgetProtectedgetUnprotected
Protection	ProtectedUnprotected	HasParamsparams
extensionsparseParamsForparseParamsprotectedParamsEncodedunprotectedParams
protectionparamisProtectedheaderOptionalheaderOptional'headerOptionalProtectedheaderRequiredheaderRequiredProtected	parseCrit$fProtectionIndicator()$fProtectionIndicatorProtection$fFunctorHeaderParam$fEqHeaderParam$fShowHeaderParam$fEqProtection$fShowProtectionHasValidationPolicyvalidationPolicyHasAlgorithms
algorithmsHasValidationSettingsvalidationSettingsvalidationSettingsAlgorithms"validationSettingsValidationPolicyValidationSettingsValidationPolicyAnyValidatedAllValidated
CompactJWSFlattenedJWS
GeneralJWSJWS	SignatureHasJWSHeader	jwsHeader	JWSHeadernewJWSHeadermakeJWSHeaderheader	signature
signaturesrawProtectedHeadersignJWSdefaultValidationSettings
verifyJWS'	verifyJWSverifyJWSWithPayload$fHasParamsJWSHeader
$fHasCrita	$fHasCtya	$fHasTypa$fHasX5tS256a	$fHasX5ta	$fHasX5ca	$fHasX5ua	$fHasKida	$fHasJwka	$fHasJkua	$fHasAlga$fHasJWSHeaderJWSHeader$fToJSONSignature$fFromJSONSignature$fEqSignature$fFromCompactJWS$fToCompactJWS$fToJSONJWS$fToJSONJWS0$fFromJSONJWS$fFromJSONJWS0	$fShowJWS$fEqJWS)$fHasValidationSettingsValidationSettings$fHasAlgorithmsa$fHasValidationPolicya$fEqValidationPolicy$fShowSignature$fEqJWSHeader$fShowJWSHeadervulnerableToHashFloodJWE_protectedRaw_jweIv_jweAad_jweCiphertext_jweTag_jweRecipients	JWEHeader_jweAlg_jweEnc_jweZip_jweJku_jweJwk_jweKid_jweX5u_jweX5c_jweX5t_jweX5tS256_jweTyp_jweCty_jweCrit$fHasParamsJWEHeader$fFromJSONJWERecipient$fFromJSONJWE$fEqJWEHeader$fShowJWEHeader$fEqCritParameters$fShowCritParametersJWSErrorJWTClaimsSetDecodeError
JWTExpiredJWTNotYetValidJWTNotInIssuerJWTNotInAudienceJWTIssuedAtFuture$fEqJWTError$fShowJWTErrorNumericDateStringOrURI
AsJWTError	_JWTError	_JWSError_JWTClaimsSetDecodeError_JWTExpired_JWTNotYetValid_JWTNotInIssuer_JWTNotInAudience_JWTIssuedAtFuturestringOrUristringuri$fAsErrorJWTError$fAsJWTErrorJWTError$fToJSONStringOrURI$fFromJSONStringOrURI$fIsStringStringOrURI$fEqNumericDate$fOrdNumericDate$fShowNumericDate$fEqStringOrURI$fShowStringOrURIAudience$fToJSONNumericDate$fFromJSONNumericDate$fEqAudience$fShowAudienceJWTValidationSettingsHasClaimsSet	claimsSetclaimIssclaimSubclaimAudclaimExpclaimNbfclaimIatclaimJti	ClaimsSetunregisteredClaimsemptyClaimsSetaddClaim$fToJSONAudience$fFromJSONAudience$fToJSONClaimsSet$fFromJSONClaimsSet$fHasClaimsSetClaimsSet$fEqClaimsSet$fShowClaimsSetWrappedUTCTime
getUTCTime	SignedJWTHasCheckIssuedAtcheckIssuedAtHasIssuerPredicateissuerPredicateHasAudiencePredicateaudiencePredicateHasAllowedSkewallowedSkewHasJWTValidationSettingsjWTValidationSettings jwtValidationSettingsAllowedSkew&jwtValidationSettingsAudiencePredicate"jwtValidationSettingsCheckIssuedAt$jwtValidationSettingsIssuerPredicate'jwtValidationSettingsValidationSettingsdefaultJWTValidationSettingsvalidateClaimsSet	verifyJWTverifyClaimsverifyJWTAtverifyClaimsAtsignJWT
signClaims$fHasValidationSettingsa/$fHasJWTValidationSettingsJWTValidationSettings$fHasAllowedSkewa$fHasAudiencePredicatea$fHasIssuerPredicatea$fHasCheckIssuedAta$fMonadTimeReaderTbase	GHC.MaybeNothingaesKeyWrapStepaesKeyUnwrapSteptransformers-0.5.6.2Control.Monad.Trans.ExceptExceptTendGuardExpendGuardderiveJOSEType$aeson-2.1.0.0-L7AybCZfHWNGm5ZqVLZDE7Data.Aeson.Types.ToJSONToJSONData.Aeson.Types.FromJSONFromJSONinsertToObjectinsertManyToObjectparseB64	encodeB64Data.Aeson.Types.InternalValuelens-5.2-4USDjI40OnKDCMePzDQpOOControl.Lens.ReviewreviewControl.Lens.FoldpreviewparseB64UrlencodeB64UrlbsToIntegerintegerToBSsizedIntegerToBSintBytesparseOctets
ghc-bignumGHC.Num.IntegerIntegerfromCurveName&cryptonite-0.30-3EXX8DluuULGgk1pU5sPJECrypto.RandomwithRandomBytes
drgNewTest
drgNewSeeddrgNewseedFromBinaryseedFromIntegerseedToIntegerseedNewSeedCrypto.Random.ChaChaDRG	ChaChaDRGCrypto.Random.SystemDRGgetSystemDRG	SystemDRGCrypto.Random.TypeswithDRGMonadRandomgetRandomBytesDRGrandomBytesGenerateMonadPseudoRandomuriFromJSON	uriToJSONfromRSAPublicfromECPublicrethumbprintReprCrypto.HashdigestFromByteStringhashPrefixWithhashWithhashInitWithhashFinalizePrefixhashFinalizehashUpdates
hashUpdatehashInithashlazy
hashPrefixhashCrypto.Hash.Blake2Blake2sBlake2bBlake2spBlake2bpCrypto.Hash.SHAKESHAKE128SHAKE256Crypto.Hash.Blake2bBlake2b_160Blake2b_224Blake2b_256Blake2b_384Blake2b_512Crypto.Hash.Blake2bpBlake2bp_512Crypto.Hash.Blake2sBlake2s_160Blake2s_224Blake2s_256Crypto.Hash.Blake2spBlake2sp_224Blake2sp_256Crypto.Hash.Keccak
Keccak_224
Keccak_256
Keccak_384
Keccak_512Crypto.Hash.MD2MD2Crypto.Hash.MD4MD4Crypto.Hash.MD5MD5Crypto.Hash.RIPEMD160	RIPEMD160Crypto.Hash.SHA1SHA1Crypto.Hash.SHA224SHA224Crypto.Hash.SHA256SHA256Crypto.Hash.SHA3SHA3_224SHA3_256SHA3_384SHA3_512Crypto.Hash.SHA384SHA384Crypto.Hash.SHA512SHA512Crypto.Hash.SHA512tSHA512t_224SHA512t_256Crypto.Hash.Skein256Skein256_224Skein256_256Crypto.Hash.Skein512Skein512_224Skein512_256Skein512_384Skein512_512Crypto.Hash.TigerTigerCrypto.Hash.Whirlpool	WhirlpoolCrypto.Hash.TypesHashAlgorithmhashBlockSizehashDigestSizeHashAlgorithmPrefixContextDigestJustprotectedParams
Data.AesonencodedecodeData.Functor.IdentityIdentity_jwsHeaderJku_jwsHeaderKid_jwsHeaderTyp_jwsHeaderCty_jweEncryptedKeywrap	wrapAESKWencrypt_cbcHmacEnc_gcmEnc#_jwtValidationSettingsCheckIssuedAt