нУЁh$  ▀  ~СЖ                   	  
                                               !  "  #  $  %  &  '  (  )  *  +  ,  -  .  /  0  1  2  3  4  5  6  7  8  9  :  ;  <  =  >  ?  @  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  [  \  ]  ^  _  `  a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z  {  |  }  ~    ─  │  ┌  ┐  └  ┘  ├  ┤  ┬  ┴  ┼  ▀  ▄  █  ▌  ▐  ░  ▒  ▓  ⌠  ■  ∙  √  ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є  ╔  і  ї  ╗  ╘  ╙  ╚  ╛  ґ  ў  ╞  ╟  ╠  ╡  Ё  Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю  а  б  ц  	д  	е  	ф  	г  	х  	и  	й  	к  	л  	м  	н  	о  	п  	я  	р  
с  
т  
у  
ж  
в  
ь  
ы  
з  
ш  
э  
щ  
ч  
ъ  
Ю  
А  
Б  
Ц  
Д  
Е  
Ф  
Г  
Х  
И  
Й  К  Л  М  Н  О  П  Я  Р  С  Т  У  Ж  В  Ь  Ы  З  Ш  Э  Щ  Ч  Ъ  ─  │  ┌  ┐  └  ┘  ├  ┤  ┬  ┴  ┼  ▀  ▄  █  ▌  ▐  ░  ▒  ▓  ⌠  ■  ∙  √  ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є  ╔  і  ї  ╗  ╘  ╙  ╚  ╛  ґ  ў  ╞  ╟  ╠  ╡  Ё  Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю  а  б  ц  д  е  ф  г  х  и  й  к  л  м  н  о  п  я  р  с  т  у  ж  в  ь  ы  з  ш  э  щ  ч  ъ  Ю  А  Б  Ц  Д  Е  Ф  Г  Х  И  Й  К  Л  М  Н  О  П  Я  Р  С  Т  У  Ж  В  Ь  Ы  З  Ш  Э  Щ  Ч  Ъ  ─  │  ┌  ┐  └  ┘  ├  ┤  ┬  ┴  ┼  ▀  ▄  █  ▌  ▐  ░  ▒  ▓  ⌠  ■  ∙  √  ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є  ╔  і  ї  ╗  ╘  ╙  ╚  ╛  ґ  ў  ╞  ╟  ╠  ╡  Ё  Є  ╣  І  Ї  ╦  ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю  а  б  ц  д  е  ф  г  х  и  й  к  л  м  н  о  п  я  р  с  т  у  ж  в  ь  ы  з  ш  э  щ  ч  ъ  Ю  А  Б  Ц  Д  Е  Ф  Г  Х  И  Й  К  Л  М  Н  О  П  Я  Р  С  Т  У           Safe-Inferred<  
%  libjwt-typed░Represents a string consisting of only ASCII characters. 
   JWT encoding and decoding can safely skip conversion to/from UTF-8 for these values              Safe-Inferred<ф ы   П libjwt-typedП Raised when the JWT object uses a different algorithm in the header then the one we are trying to decode it with	 libjwt-typed=Raised when a required claim is not present in the JWT object libjwt-typedд Thrown when the token does not represent a decodable JWT object i.e.invalid UTF-8malformed JSON its signature cannot be verified┘Basically, this token cannot be accepted for further processing because either we cannot determine its authenticity or it is garbage. libjwt-typed┴The root of the decoding exceptions hierarchy.
   You can use it to catch all possible exceptions that may occur while decoding a token.  	
	
          None <н      ЖВЬЫЗШЭЩЧЪ─│┌┐└┘            Safe-Inferred <  i  ├┤┬┴┼▀▄█▌▐░▒▓            None<г н   Т libjwt-typed²Low-level representation of JSON tokenization. Tokens are an exact representation of the underlying JSON, ie no conversions or unescaping has been performed.The only exception is JsStr  which is already unquoted 
   (JsStrБ  value is the string between the first and last quotation marks of the corresponding JSON string).ф JSON objects are not parsed at all, but presented as one byte string (JsBlob). libjwt-typedWrapped pointer to jwt_t with managed lifetime libjwt-typedIO restricted to calling libjwt and jsmn ( !"#$%&'()*+,-./0123456789:;<=( !"/#%)'+,-02648:;$&*(.13759<=          None/9<>?ю ж в ы Л   QC libjwt-typedTypes that can be used as flags⌠ . That is, they support conversion to/from ASCII values,
   for example, simple sum types are good candidates that can even be generically derived▄data Scope = Login | Extended | UserRead | UserWrite | AccountRead | AccountWrite
 deriving stock (Show, Eq, Generic)

instance AFlag Scope
getFlagValue UserWriteASCII {getASCII = "userWrite"}/setFlagValue (ASCII "userWrite") :: Maybe ScopeJust UserWriteF libjwt-typed%Value that is encoded and decoded as  Cх Flags provide a way to automatically encode and decode simple sum types.нdata Scope = Login | Extended | UserRead | UserWrite | AccountRead | AccountWrite
 deriving stock (Show, Eq, Generic)

instance AFlag Scope

mkPayload = jwtPayload
    (withIssuer "myApp" <> withRecipient "https://myApp.com" █ <> setTtl 300)
    ( #user_name ->> "John Doe"
    , #is_root ->> False
    , #user_id ->> (12345 :: Int)
    , #scope ->> Flag Login
    )
 CDEFGHFGHCDE          Safe-Inferred<  	P libjwt-typed5Represents a string which is already in JSON format. /Can be used for cases such as integration with aeson╗data Account = MkAccount { account_name :: Text, account_id :: UUID }
  deriving stock (Show, Eq, Generic)

instance FromJSON Account
instance ToJSON Account

instance    Pа  Account where
  rep   = Json . encode
  unRep = decode . toJson
 PQRSTUPQRSTU           Safe-Inferred<  -чX libjwt-typed*Class of keys that can be used for signingZ libjwt-typed2Class of keys that can be used (only) for decoding\ libjwt-typedElliptic curve public key (PEM-encoded
) used in ECDSA algorithms for decodingҐecPub =
  let public = C8.pack $ unlines
        [ "-----BEGIN PUBLIC KEY-----"
        , "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKZL0X84AvdnGZdsIdAS60OnvF3FN"
        , "lsrCnaXRoJUVdOYZldzb4po2uDXF5W58DS8C31fV+z+0lTG5RvuAqfkdbA=="
        , "-----END PUBLIC KEY-----"
        ]
  in  FromEcPub { ecPublicKey = public }_ libjwt-typed#Elliptic curves parameters used in ECDSA algorithms6According to RFC, the following curves are to be used:"alg" Param ValueDigital Signature AlgorithmES256ECDSA using P-256 and SHA-256ES384ECDSA using P-384 and SHA-384ES512ECDSA using P-521 and SHA-5123It is up to the user to use the appropriate curves.)The following names are used in OpenSSL: 
prime256v1, 	secp384r1 and 	secp521r1Curve parametrs should be PEM-encoded strings╒ecP256KeyPair =
  let private = C8.pack $ unlines
        [ "-----BEGIN EC PRIVATE KEY-----"
        , "MHcCAQEEINQ0e0KOa3EZSB5RTd2xBuO3O7NNFietDIWl+B+R38LuoAoGCCqGSM49"
        , "AwEHoUQDQgAEKZL0X84AvdnGZdsIdAS60OnvF3FNlsrCnaXRoJUVdOYZldzb4po2"
        , "uDXF5W58DS8C31fV+z+0lTG5RvuAqfkdbA=="
        , "-----END EC PRIVATE KEY-----"
        ]
      public = C8.pack $ unlines
        [ "-----BEGIN PUBLIC KEY-----"
        , "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEKZL0X84AvdnGZdsIdAS60OnvF3FN"
        , "lsrCnaXRoJUVdOYZldzb4po2uDXF5W58DS8C31fV+z+0lTG5RvuAqfkdbA=="
        , "-----END PUBLIC KEY-----"
        ]
  in  FromEcPem { ecPrivKey = private, ecPubKey = public }c libjwt-typedRSA public-key (PEM-encoded
) used in RSA algorithms for decoding▌
rsaPub =
  let public = C8.pack $ unlines
        [ "-----BEGIN PUBLIC KEY-----"
        , "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCXp2P+qboao0tjUyU+D"
        , "3YI+sgBn8dkGaxOvPFLBFQMNkhbL0HEoRKNnQCubZNc0jXnMK5hCeGRnDS7lYclR"
        , "OXocRWUn5s2W3jP5xn7lM4otIpuE3FStthMCrPSEQiBCXE4cyKiHaZqmbqXlHAHV"
        , "EuGMM7oddiB6s3zjwf2h1v0SEiHf5ZFzTVarStablqh6wVDAiYyM+8aUM0x9p3Jc"
        , "aWW+eDk/UU3jCfCke7R3t2rbD1ZCj1cO08Uir3Lhf65TfU+iIrgLU3umV4B3gRcp"
        , "d8iz0ZTLaG8Qnm0GsPQjR3PTZYECxEnFaRgXcQLHYYMAW9YaX6T3rlTGZAaP5Ybo"
        , "xQIDAQAB"
        , "-----END PUBLIC KEY-----"
        ]
  in  FromRsaPub { rsaPublicKey = public }f libjwt-typedRSA key-pair used in RSA algorithmsAccording to RFC:
   е A key of size 2048 bits or larger MUST be used with these algorithms.0 
   - the user must ensure this property holds.3Both fields are assumed to be strings representing PEM-encoded keys╒
rsa2048KeyPair =
  let private = C8.pack $ unlines
        [ "-----BEGIN RSA PRIVATE KEY-----"
        , "MIIEpgIBAAKCAQEAwCXp2P+qboao0tjUyU+D3YI+sgBn8dkGaxOvPFLBFQMNkhbL"
        , "0HEoRKNnQCubZNc0jXnMK5hCeGRnDS7lYclROXocRWUn5s2W3jP5xn7lM4otIpuE"
        , "3FStthMCrPSEQiBCXE4cyKiHaZqmbqXlHAHVEuGMM7oddiB6s3zjwf2h1v0SEiHf"
        , "5ZFzTVarStablqh6wVDAiYyM+8aUM0x9p3JcaWW+eDk/UU3jCfCke7R3t2rbD1ZC"
        , "j1cO08Uir3Lhf65TfU+iIrgLU3umV4B3gRcpd8iz0ZTLaG8Qnm0GsPQjR3PTZYEC"
        , "xEnFaRgXcQLHYYMAW9YaX6T3rlTGZAaP5YboxQIDAQABAoIBAQCg/OMBsauc8Ovv"
        , "xEX76MglxeM7hgWQ5vFus05lrzwgm686EClxme1QHMv8QszuXzSjuEFs4SQH9K82"
        , "p2z+UgrgqkOXjNoykVvvDgMe4OCuHv4T+dMGO1hTrXfXawKI2Lhg1/1bzX+u5ii9"
        , "mfbsUUixihHKoQvgFfRX/7JfrV50XZ3diwzd8DoEaIgeAIdyhLhVuh2W7wXbOF+l"
        , "aZW7gqCVzTBhC04E/D6eqFqvnkQyHzZPgaaDi4oL7gP8nGpcswlqKSLO5eVkkEHY"
        , "C88nAwU4Q/+qcAf09ijmTLlo07xLrLC0cOf2yQTwLj6ZffzTJ7NSMaPrTdEXThsW"
        , "wAeB/GcBAoGBAOzLST9/zakFGBTkwiLqgNVgEBUoYjB0Z+Fpx4qBLzKZNQP1yNup"
        , "LhC/4pIVQM+ZjOS0Wx7Sh0FTLHFb018quPiAPsKMEC2CW5v7vKwC4zW72/v5UrIw"
        , "pcBzl67nsc53r5Lblol9PU4oCjDzuFMjMbg+EzD3kVp/gxC9bRMwK3zBAoGBAM+7"
        , "nOV80uteB1ZXazccj6g0ANd2AyJY6gHfxD1CopvRReYm36wmG00HQ3jHZPUcsLQp"
        , "dWvWplRFprZlce0jl7HcB/8g5wUkErMop3KK5cA886HxsATNSl6rYghZGALqxm/a"
        , "+v2AKoZThns8QRYL5bsBD4kTQLEIwp7j6sNbBrkFAoGBAL6fL8o0gkUsWqSHO1mM"
        , "WkZrXMcLiW/kZbPqyb3QHUSoXStg818RpInLTwO2pEP7IpcCMdBwPn3yDPb8qv4T"
        , "kHBMHTnUMznPlRvO3aXDdVFOd9sybMYRr31sEJG250aExwx8RYVNEssWJI4fxST4"
        , "UhA1uJFU2uh1efdB5srpnjiBAoGBALTDCPAZAmCVXcUgJMe8LrWrKuBSbL/Cpz4i"
        , "PV0hUuZL4Is5YIEoV7FblLbQq2UvJgRf3zGLgwjp4vvsooo74pB+auby9pReo3cK"
        , "9UqS2wHBCC/vY7+J9CEU+SVSgbZoHWzQHH/iux5QKEGsWOaaS7nCXoZlHnHusYwZ"
        , "v/tmhh8RAoGBAIi3Lbup0AVwougANLXwMLCfT8HxI8Hozdr+Pe0ibTnjfY+BPuy1"
        , "vSgozXao68TwW3u58PcdvfBnfg/7XCK6TXtij48JDu6qw0IiSRxOZ5Ed/GW2P031"
        , "7TfwnjBohjM2O6NRne8qe6Qv5xLagoVKQfa1WhQEFU2bTNLYA/2kv266"
        , "-----END RSA PRIVATE KEY-----"
        ]
      public = C8.pack $ unlines
        [ "-----BEGIN PUBLIC KEY-----"
        , "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCXp2P+qboao0tjUyU+D"
        , "3YI+sgBn8dkGaxOvPFLBFQMNkhbL0HEoRKNnQCubZNc0jXnMK5hCeGRnDS7lYclR"
        , "OXocRWUn5s2W3jP5xn7lM4otIpuE3FStthMCrPSEQiBCXE4cyKiHaZqmbqXlHAHV"
        , "EuGMM7oddiB6s3zjwf2h1v0SEiHf5ZFzTVarStablqh6wVDAiYyM+8aUM0x9p3Jc"
        , "aWW+eDk/UU3jCfCke7R3t2rbD1ZCj1cO08Uir3Lhf65TfU+iIrgLU3umV4B3gRcp"
        , "d8iz0ZTLaG8Qnm0GsPQjR3PTZYECxEnFaRgXcQLHYYMAW9YaX6T3rlTGZAaP5Ybo"
        , "xQIDAQAB"
        , "-----END PUBLIC KEY-----"
        ]
  in  FromRsaPem { privKey = private, pubKey = public }j libjwt-typedSecret used in HMAC algorithms.According to RFC:
   ф A key of the same size as the hash output (for instance, 256 bits for HS256) or larger MUST be used (...)0 
   - the user must ensure this property holds.'A secret is just an octet sequence e.g.яhs512 =
 HS512
   "MjZkMDY2OWFiZmRjYTk5YjczZWFiZjYzMmRjMzU5NDYyMjMxODBjMTg3ZmY5OTZjM2NhM2NhN2Mx\
   \YzFiNDNlYjc4NTE1MjQxZGI0OWM1ZWI2ZDUyZmMzZDlhMmFiNjc5OWJlZTUxNjE2ZDRlYTNkYjU5\
   \Y2IwMDZhYWY1MjY1OTQgIC0K"
 XYZ[\]^_`abcdefghijkljklfghicde_`ab\]^XYZ[          Safe-Inferred<  /╩┌ libjwt-typed9Represents the number of seconds elapsed since 1970-01-01#Used in accordance with the RFC in  ,   and   claims┬ libjwt-typedConvert  ⌠( to a number of seconds since 1970-01-01┴ libjwt-typedAdd some seconds to the date┼ libjwt-typed#Subtract some seconds from the date▀ libjwt-typed'The number of seconds between two dates 
┌┐└┘├┤┬┴┼▀
┌┐└├┘┤┬┴┼▀           None 9>ю а б д я   4░ libjwt-typed4Types that can be converted from JSON representation0This typeclass will be used to decode a list of a6 values (or a list of tuples whose element is of type a)▒ libjwt-typedDecode from JSON token.▓ libjwt-typed:Types that can be converted to a valid JSON representation0This typeclass will be used to encode a list of t6 values (or a list of tuples whose element is of type t)⌠ libjwt-typedEncode as JSON.у Must generate a valid JSON value: take care of quoting, escaping, UTF-8 encoding etc.■ libjwt-typedConversion between a and b 3If an instance of this typeclass exists for a type bт , then JWT encoder and decoder can be derived for that type.
   This derived encoderdecoder will use the encoderdecoder of a4 and perform the convertions through this typeclass.∙ libjwt-typedConvert b to a√ libjwt-typedTry to convert a to b, returning Nothing
 if unable ░▒▓⌠■∙√■∙√▓⌠░▒   	       None/>ю а б и в ы   6тц libjwt-typedDefinition of claims encoding.Б The only use for the user is probably to write a function that is polymorphic in the payload type.д libjwt-typedPerform the encoding as impure actionе libjwt-typed,Low-level definition of JWT claims encoding.ф libjwt-typedGiven a pointer to jwt_tУ , mutate the structure it points to to encode the value as a named claim
   It relies on the functions exported from Libjwt.FFI.Jwt to perform an impure effect of encodingх libjwt-typedк Do not perform any action. It is used to encode things like empty lists or Nothing цдефгхгцдефх   
       None/<=>ю а б и в ы   9╗р libjwt-typedDefinition of claims decoding.А The only use for the user is probably to write a function that is polymorphic in the payload typeс libjwt-typed3Construct an action that decodes the value of type c, given a pointer to jwt_t. The action may fail.у libjwt-typed(Low-level definition of claims decoding.ж libjwt-typedGiven a pointer to jwt_t", try to decode the value of type tз libjwt-typedLift pure valueш libjwt-typedAction that returns  ■ if decoding has failedэ libjwt-typed ж through proxyщ libjwt-typedAction that throws  	 if decoding has failed рстужвьызшэщвьызужрсшщэт          None <  :┐Й libjwt-typedJWT header representationН libjwt-typed"typ" header parameterЯ libjwt-typed"alg" header parameter ЙКЛМНПОЯСРТУЖВЬЫЗШЯСРТУЖВЬЫЗШНПОЙКЛМ          None'(/2<и ж в   ?5┬ libjwt-typed.Cryptographic algorithm used to secure the JWT┴ libjwt-typed!HMAC SHA-256 (secret key must be at least 256 bits in size)┼ libjwt-typed!HMAC SHA-384 (secret key must be at least 384 bits in size)▀ libjwt-typed!HMAC SHA-512 (secret key must be at least 512 bits in size)▄ libjwt-typed)RSASSA-PKCS1-v1_5 SHA-256 (a key of size 2048 bits or larger" must be used with this algorithm)█ libjwt-typed)RSASSA-PKCS1-v1_5 SHA-384 (a key of size 2048 bits or larger# must be used with this algorithm) ▌ libjwt-typed)RSASSA-PKCS1-v1_5 SHA-512 (a key of size 2048 bits or larger" must be used with this algorithm)▐ libjwt-typed"ECDSA with P-256 curve and SHA-256░ libjwt-typed"ECDSA with P-384 curve and SHA-384▒ libjwt-typed"ECDSA with P-521 curve and SHA-512▓ libjwt-typedNone■ libjwt-typed1Get the header parameter "alg" from the algorithm	Algorithmalg	 ┴ С ┼ Т ▀ У ▄ Ж █ В ▌ Ь ▐ Ы ░ З ▒ Ш ├┤┬┴┼▀▄█▌▐░▒▓⌠■┬┴┼▀▄█▌▐░▒▓┤├■⌠           None&./9>?ю а б ф и ж в ы Х Л   Rн√ libjwt-typed,Class of types that can be constructed from PrivateClaims≈ libjwt-typedConvert from claims≤ libjwt-typed(Class of types that can be converted to  ║⌡ libjwt-typedConvert to claims° libjwt-typed"Looks up the type associated with name in the '[n1  ґ a, n2  ґ b, ...] pairs list. Gets stuck if name is not in ts<:kind! LookupClaimType "n1" '["n1" ->> Int, "n2" ->> String]:LookupClaimType "n1" '["n1" ->> Int, "n2" ->> String] :: *= Int² libjwt-typed)Constraint specifying when a claim named n( can be looked up in the list of claims nsSatisfied iff ns contains a claim named n and n is a type-level literal3:kind! CanGet "n1" '["n1" ->> Int, "n2" ->> String]:CanGet "n1" '["n1" ->> Int, "n2" ->> String] :: Constraint3= (GHC.TypeLits.KnownSymbol "n1", () :: Constraint)2:kind! CanGet "n" '["n1" ->> Int, "n2" ->> String]9CanGet "n" '["n1" ->> Int, "n2" ->> String] :: Constraint1= (GHC.TypeLits.KnownSymbol "n", (TypeError ...))÷ libjwt-typed)Constraint specifying when a claim named n$ can be added to the list of claims nsSatisfied iff:n is a type-level literal,in the names of ns claims there is no n (uniqueness),n) is not one of the restricted names (see  ·)5:kind! CanAdd "name" '["n1" ->> Int, "n2" ->> String]<CanAdd "name" '["n1" ->> Int, "n2" ->> String] :: Constraint5= (GHC.TypeLits.KnownSymbol "name", () :: Constraint,  () :: Constraint)3:kind! CanAdd "n1" '["n1" ->> Int, "n2" ->> String]:CanAdd "n1" '["n1" ->> Int, "n2" ->> String] :: Constraint3= (GHC.TypeLits.KnownSymbol "n1", () :: Constraint,  (TypeError ...))║ libjwt-typedContainer of named claims ts(, possibly prefixed with some namespace nsFor example PrivateClaims '["string"  ґ String, "int"  ґ Int] ' ╚к denotes a structure containing
   a String under the "string" key plus an int under the "int" key.
   There is no namespace, so the keys will not be prefixed by any prefix when serializing the structure╒ libjwt-typedKeeps the value of type a6 and the name (type-level) with which it is associatedє libjwt-typed+Type-level literal representing a namespaceCan be used with -XOverloadedLabelsЮ  
  (the limited label syntax makes this rarely possibble though, a more common use is to write Ns @"https:example.com")і libjwt-typed,Type-level literal representing a claim nameCan be used with -XOverloadedLabels╗ libjwt-typed	Class of  ╙ with known compile-time value╘ libjwt-typed&Convert namespace to a string (if any)╙ libjwt-typedKind of namespaces-These types represent a URL-like claim prefixґ libjwt-typed'A convenient alias.
   Let's you write 0'["claimName" ->> Int, "anotherName" ->> String]% to indicate a list of types of kind  ў,
   instead of 4'[Grant "claimName" Int, Grant "anotherName" String],ў libjwt-typedKind of claimsл A claim is made up of a type-level literal and a type (this is essentialy a type-level tuple (Symbol, *))╟ libjwt-typedу Extract values from the container in the order in which they appear in the claim list╠ libjwt-typed$Retrieve the string associated with  і╡ libjwt-typed
Associate name with a valueWith -XOverloadedLabels:t #someName ->> True2#someName ->> True :: ClaimWitness "someName" BoolЁ libjwt-typedEmpty claimsЄ libjwt-typedInsert the claim."The claim can be safely added iff:there is no claim of the same name in the container,3its name is not the name of any public claim (like iss or sub)*Otherwise it is a compile-time error (see  ÷ constraint)With -XOverloadedLabels,addClaim #string "Value of claim" nullClaims(#string ->> "Value of claim")With -XTypeApplications and -XDataKinds:addClaim (ClaimName @"string") "Value of claim" nullClaims(#string ->> "Value of claim")╣ libjwt-typed
Alias for  Є (binds to the right)With -XOverloadedLabels*#string ->> "Value of claim" .: nullClaims(#string ->> "Value of claim")І libjwt-typed(Look up the claim value associated with name.Й Value can be retrieved if proven to exists in the container.
   Otherwise it is a compile-time error (see  ² constraint)With -XOverloadedLabelsн getClaim #bool $ #string ->> "Value of claim" .: #bool ->> False .: nullClaimsFalseЇ libjwt-typed
Alias for  І (container goes first)With -XOverloadedLabelsх (#string ->> "Value of claim" .: #bool ->> False .: nullClaims) .! #boolFalse╦ libjwt-typed-Convert to private claims with some namespace╧ libjwt-typedSet namespace╨ libjwt-typedUnset namespace %√≈≤≥ ⌡°²·÷═║╒ёє╔ії╗╘╙╚╛ґў╞╟╠╡ЁЄ╣ІЇ╦╧╨%ў╞ґ╙╚╛╗╘ії╠є╔╒ё╡║═ЁЄ╣÷·ІЇ²°╟╦╧╨≤≥ ⌡√≈ґ6╟5╡6╣5         None<н   TьФ libjwt-typedjti (JWT ID) claimХ libjwt-typediat (Issued At) claimЙ libjwt-typednbf (Not Before) claimЛ libjwt-typedexp (Expiration Time) claimН libjwt-typedaud (Audience) claimП libjwt-typedsub (Subject) claimР libjwt-typediss (Issuer) claim ФГХИЙКЛМНОПЯРСРСПЯНОЛМЙКХИФГ          None%/2<>?ю и н в   _Ч° libjwt-typedJWT payload representation· libjwt-typediss (Issuer) claim÷ libjwt-typedsub (Subject) claim═ libjwt-typedaud (Audience) claim║ libjwt-typedexp (Expiration Time) claim╒ libjwt-typednbf (Not Before) claimё libjwt-typediat (Issued At) claimє libjwt-typedjti (JWT ID) claim╔ libjwt-typedprivate claimsі libjwt-typedк Create a payload from the builder and the value representing private claimsFor example:jwtPayload
  ( ї "myApp" <>  ╚ "https://myApp.com"  <>  Ё 300)
  ( #userName  ╡ "John Doe"
  , #isRoot  ╡ False
  , #userId  ╡ (12345 :: Int)
  )
0The resulting payload will be the equivalent of:╔{
  "aud": [
    "https://myApp.com"
  ],
  "exp": 1599499073,
  "iat": 1599498773,
  "isRoot": false,
  "iss": "myApp",
  "userId": 12345,
  "userName": "JohnDoe"
}г An identical payload can be constructed from the following record type:кdata MyClaims = MyClaims { userName :: String
                         , isRoot :: Bool
                         , userId :: Int
                         }
  deriving stock (Eq, Show, Generic)

instance  ≤ UserClaims

jwtPayload
  ( ї "myApp" <>  ╚ "https://myApp.com"  <>  ЁР  300)
  MyClaims { userName = "John Doe"
           , isRoot   = False
           , userId   = 12345
           }
If you want to assign a 	namespace$ to your private claims, you can do:5jwtPayload
    (withIssuer "myApp" <> withRecipient "https://myApp.com"  <> setTtl 300)
  $  ╦
      ( є @"https://myApp.com") б 
      MyClaims
        { userId    = 12345
        , userName  = JohnDoe'
        , isRoot    = False
        }
0The resulting payload will be the equivalent of:ш{
  "aud": [
    "https://myApp.com"
  ],
  "exp": 1599499073,
  "iat": 1599498773,
  "https://myApp.com/isRoot": false,
  "iss": "myApp",
  "https://myApp.com/userId": 12345,
  "https://myApp.com/userName": "JohnDoe"
}ї libjwt-typedSet iss claim╗ libjwt-typedSet iss claim╘ libjwt-typedSet sub claim╙ libjwt-typedSet sub claim╚ libjwt-typedAppend one item to aud claim╛ libjwt-typedAppend one item to aud claimґ libjwt-typedSet aud claimў libjwt-typedSet exp claim╞ libjwt-typedSet nbf claim╟ libjwt-typedSet nbf
 claim to  ⌠╠ libjwt-typedSet nbf
 claim to  ⌠ plus the argument╡ libjwt-typedSet iat
 claim to  ⌠Ё libjwt-typedSet iat
 claim to  ⌠ and exp
 claim to  ⌠ plus the argumentЄ libjwt-typedSet jti claim ⌡°²║·÷═╒ёє╔ії╗╘╙╚╛ґў╞╟╠╡ЁЄ°²║·÷═╒ёє╔ї╗╘╙╚╛ґЁў╞╟╠╡Є⌡і          None%<и н в Ю   l9© libjwt-typed!Reasons for rejecting a JWT tokenю libjwt-typedUser check failed а libjwt-typedexpы  check failed: the current time was after or equal to the expiration time (plus possible  г)б libjwt-typednbfо  check failed: the current time was before the not-before time (minus possible  г)ц libjwt-typedaudн  check failed: the application processing this claim did not identify itself ( х) with a value in the aud claimд libjwt-typediatя  check failed: the current time minus the time the JWT was issued (plus possible  г) was greater than expectedе libjwt-typed(User-defined parameters of an validationг libjwt-typed%extends the token validity period to [ ╒ - leeway,  ║
 + leeway) (also works for  ё checks such as  р)х libjwt-typed	used for  ═ checks: if  ═: claim is present, it must contain the value of this paramй libjwt-typed е with  г set to 0 and  х set to Nothingк libjwt-typed"Construct validation from functionл libjwt-typedValidation that is always validм libjwt-typed)Validation that always fails and signals reasonн libjwt-typedRun checks against the payload.The exact set of checks is:  defaultValidationRules <> v , where v  is passed to this function and defaultValidationRules is:check exp0 claim against the current time (minus possible  г),check nbf/ claim against the current time (plus possible  г),check aud claim against  хSee the docs of  © for a list of possible errors.о libjwt-typedCheck the property prop! of a payload with the predicate pIf p is False, then signal  ю claimп libjwt-typedCheck that iss is present and equal to issuer. If not, then signal  ю "iss"я libjwt-typedCheck that sub is present and equal to subject. If not, then signal  ю "sub"р libjwt-typedCheck that iat" (if present) is not further than maxAge from  ⌠ (minus possible  г). Otherwise signal  д.с libjwt-typedCheck that iat (if present) is after time. If false, signal  ю "iat".т libjwt-typedCheck that jti is present and equal to jwtId. If not, then signal  ю "jti"у libjwt-typedCheck that p a == True, where a is a value of private claim n. If not, signal  ю nExample: у not #is_root
	м  libjwt-typedreasonн  libjwt-typedleeway and appName libjwt-typedv libjwt-typedpayloadо  libjwt-typedclaim libjwt-typedp libjwt-typedpropп  libjwt-typedissuerя  libjwt-typedsubject р  libjwt-typedmaxAge с  libjwt-typedtimeт  libjwt-typedjwtIdу  libjwt-typedp libjwt-typedn╪ҐЎ©юабцдефгхийклмнопярстуефгхйниЎҐ╪кмлпярстуо©юабцд          None 2<?ы   |9щ libjwt-typed%Successfully validated value of type tъ libjwt-typedDecoded value of type tА libjwt-typed base64url-encoded value of type tБ libjwt-typed"octets of the UTF-8 representationЦ libjwt-typedJSON Web Token representationГ libjwt-typedс Compute the encoded JWT value with the JWS Signature in the manner defined for the 	algorithm.
    М of the JWT  Й is set to JWT
    Л of the JWT  Й- is set according to the algorithm used (see  ■)+Creates the serialized ouput, that is: 
   Ц 
   BASE64URL(UTF8(JWT Header)) || . || BASE64URL(JWT Payload) || . || BASE64URL(JWT Signature)
   Х libjwt-typedс Compute the encoded JWT value with the JWS Signature in the manner defined for the 	algorithm .
    М of the JWT  Й is set to typ
    Л of the JWT  Й- is set according to the algorithm used (see  ■)+Creates the serialized ouput, that is: 
   Ц 
   BASE64URL(UTF8(JWT Header)) || . || BASE64URL(JWT Payload) || . || BASE64URL(JWT Signature)
   И libjwt-typedSee  ЙЙ libjwt-typedЗ Parse the base64url-encoded representation to extract the serialized values for the components of the JWT.
   Verify that:	tokenк  is a valid UTF-8 encoded representation of a completely valid JSON object, input JWT signature matches the 	algorithm,the correct algorithm was used, all required fields are present.If steps 1-2 are unuccessful,  % will be thrown.
   If step 3 fails,  , will be thrown.
   If the last step fails,   will be thrown.К libjwt-typed░Accept or reject successfully decoded JWT value.
   In addition to the default rules mandated by the RFC, the application can add its own rules.The default rules are:check  ║ю  claim to see if the current time is before the expiration time,check  ╒х  claim to see if the current time is after or equal the not-before time,check  ═ю  claim if the application identifies itself with a value in the  ═ list (if present)You may allow a little  г! when checking time-based claims. ═ claim is checked against  х.Л libjwt-typedSee  ММ libjwt-typedjwtFromByteString =  К settings v <=<  Й algIn other words, it:Щ Parses the base64url-encoded representation to extract the serialized values for the components of the JWT.
   Verifies that:	tokenк  is a valid UTF-8 encoded representation of a completely valid JSON object,input JWT signature matches,the correct 	algorithm
 was used, all required fields are present.If steps 1-2 are unuccessful,  % will be thrown.
   If step 3 fails,  , will be thrown.
   If the last step fails,   will be thrown.>Once the token has been successfully decoded, it is validated.э In addition to the default rules mandated by the RFC, the application can add its own rules.The default rules are:check  ║ю  claim to see if the current time is before the expiration time,check  ╒х  claim to see if the current time is after or equal the not-before time,check  ═ю  claim if the application identifies itself with a value in the  ═ list (if present)You may allow a little  г! when checking time-based claims. ═ claim is checked against  х.Г  libjwt-typed	algorithm libjwt-typedJWT payloadХ  libjwt-typedtyp libjwt-typed	algorithm libjwt-typedJWT payloadЙ  libjwt-typed&algorithm used to verify the signature libjwt-typedtokenК  libjwt-typed г and  х libjwt-typedadditional validation rules libjwt-typeddecoded tokenМ  libjwt-typed г and  х libjwt-typedadditional validation rules  libjwt-typed&algorithm used to verify the signature libjwt-typed*base64url-encoded representation (a token)щчъЮАБЦДФЕГХИЙКЛМЦДФЕАБГХъЮИЙщчКЛМ     (c) 2020 Marcin RzeЗnickiMPL-2.0-Marcin RzeЗnicki <marcin.rzeznicki@gmail.com>  None   |М  Ў 	
CDEFGHXYZ[\]^_`abcdefghijkl┌┐└┘├┴црЙКЛМНПОЯШЗЫЬВЖУТСР┬▓▒░▐▌█▄▀┴┼√≈≤⌡≥ ≥ °²·÷═║╒ёє╔ії╗╘╙╚╛ґў╞╟╠╡ЁЄ╣ІЇ╦╧╨ФГХИЙКЛМНОПЯРС⌡°²╔єё╒═÷║·ії╗╘╙╚╛ґў╞╟╠╡ЁЄ╪©дцбюаефгхийопярстущчъЮАБЦДФЕГХИЙКЛМа щчъЮАБЦДФЕГХИЙКЛМ┬▓▒░▐▌█▄▀┴┼╪©дцбюаефгхийопярсту┌┐└┘├┴ CDEFGHцр          None #$/8<ж в ы Ф Л   ~Н      ∙                      !  !    "  #  #  $   %   &   '   (   )   *   +   ,  -  .  /  0  1  2  3  4  5  6   7   8   9   :   ;   <   =   >   ?   @   A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y  Z   [   \  ]  ]   ^   _   `   a   b   c   d   e  f  g   h   i   j   k   l   m  n   o  p   q  r  s   t  u  v   w   x  y  z   {  |  }   ~     ─  │   ┌   ┐   └   ┘   ├   ┤   ┬   ┴   ┼   ▀   ▄   █   ▌   ▐   ░   ▒   ▓   ⌠   ■   ∙   √   ≈  ≤  ≤   ≥       ⌡   °   ²   ·   ÷   ═   ║   ╒   ё   є  ╔   і  ї   ╗     ╘   ╙   ╚   ╛   ґ   ў   ╞   ╟   ╠   ╡   Ё   Є   ╣   І   Ї   ╦   ╧   ╨   ╩   ╪   Ґ   Ў   ©   ю   а   б   ц   д   е   ф   г   х   и   й   к   л   м   н   о   п   я   р   с   т   у   ж  	в  	 ь  	ы  	 з  	ш  	 э  	 щ  	 ч  	 ъ  	 Ю  	 А  	 Б  	 Ц  	 Д  	 Е  
Ф  
 Г  
Х  
И  
 Й  
К  
Л  
 М  
 Н  
 О  
 П  
 Я  
 Р  
 С  
 Т  
 У  
 Ж  
 В  
 Ь  
 Ы  
 З  
 Ш  
 Э  
 Щ  Ч  Ч   Ъ   ─  │  ┌  │  ┐  └  ┘  ├  ┤  ┬  ┴  ┼  ▀  ▄  █   ▌   ▐   ░   ▒   ▓   ⌠   ■   ∙   √   ≈  ≤  ≥     ⌡  °  ²  ·  ÷  ═  ║  ╒  ё  є   ╔   і   ї  ╗   ╘  ╙  ╚  ╛   ґ  ў  ╞  ╟  ╠  ╡  Ё  Є   ╣  І  І  Ї  Ї  ╦   ╧  ╨  ╩  ╪  Ґ  Ў  ©  ю   а   Ґ   б   ц   д   е   ф   г   х   и   й   к   л   м   н   о   п   я   р   с   т   у   ж   в   ь   ы   з   ш   э   щ   ч   ъ   Ю   А   Б   Ц   Д   Е   Ф   Г   Х   И   Й   К   Л   М   Н   О   П   Я   Р   С   Т  У  У              Ж  Ж  В  В  Ь  Ь   Ы   З   Ш   Э   Щ   Ч   Ъ   ─   │   ┌   ┐   └   ┘   ├   ┤   ┬   ┴   ┼   ▀   ▄   █   ▌   ▐   ░   ▒   ▓   ⌠   ■   ∙   √   ≈   ≤   ≥       ⌡   °   ²   ·   ÷  ═  ║  ╒   ё   є   ╔   і   ї   ╗   ╘   ╙   ╚   ╛   ґ   ў   ╞   ╟   ╠   ╡   Ё   Є   ╣   І   Ї   ╦   ╧   ╨   ╩   ╪   Ґ   Ў   ©   ю  а  б  ц  д  е  ф  г  х  и  й  к   л   м  н   о   п   я   р   с   т   у   ж   в   ь   ы   з   ш   э   щ   ч   ъ   Ю   А  Б   Ц  Д   Е  Ф   Г  Х  Х   И   Й   К   Л   М   Н   О   П   Я   Р   С   Т   У   Ж   В   Ь   Ы  З  Ш  Э  Щ   Ч   Ъ   ─   │   ┌   ┐   └   ┘   ├   ┤   ┬   ┴  ┼  ▀   ▄   █   ▌   ▐   ░   ▒   ▓   ⌠   ■   ∙   √ ≈≤ ≥  ⌡ °²libjwt-typed-0.2-inplaceLibjwt.ASCIILibjwt.ExceptionsLibjwt.FFI.JwtLibjwt.FlagLibjwt.JsonByteStringLibjwt.KeysLibjwt.NumericDateLibjwt.ClassesLibjwt.EncodingLibjwt.DecodingLibjwt.HeaderLibjwt.AlgorithmsLibjwt.PrivateClaimsLibjwt.RegisteredClaimsLibjwt.PayloadLibjwt.JwtValidation
Libjwt.JwtLibjwt.FFI.JsmnLibjwt.FFI.LibjwtJwtRepExpNbfIatMissingClaim
Web.LibjwtWeb.Libjwt.TutorialASCIIgetASCII	$fEqASCII
$fOrdASCII$fReadASCII$fShowASCIIAlgorithmMismatchMissingDecodeExceptionSomeDecodeException$fExceptionSomeDecodeException$fShowSomeDecodeException$fExceptionDecodeException$fExceptionMissingClaim$fExceptionAlgorithmMismatch$fShowAlgorithmMismatch$fShowMissingClaim$fShowDecodeException	JsonTokenJsStrJsNumJsTrueJsFalseJsNullJsArrayJsBlobJwtTJwtIOunsafePerformJwtIOmkJwtT	jwtDecodeaddGrantunsafeAddGrantaddGrantBoolunsafeAddGrantBooladdGrantInt64unsafeAddGrantInt64addGrantIntunsafeAddGrantIntaddGrantsFromJson	jwtSetAlg	addHeaderunsafeAddHeader	jwtEncodegetGrantunsafeGetGrantgetGrantBoolunsafeGetGrantBoolgetGrantInt64unsafeGetGrantInt64getGrantIntunsafeGetGrantIntgetGrantAsJsonunsafeGetGrantAsJson	jwtGetAlg	getHeaderunsafeGetHeaderunsafeMapTokenizedJsonArray$fFunctorJwtIO$fApplicativeJwtIO$fMonadJwtIO$fMonadThrowJwtIO$fMonadCatchJwtIOAFlaggetFlagValuesetFlagValueFlaggetFlag	$fGFlagM1
$fGFlagM10
$fGFlag:+:
$fGFlagM11$fAFlagFlag
$fShowFlag$fEqFlagJsonByteStringJsontoJsonjsonFromStricttoJsonStricttoJsonBuilder$fShowJsonByteString$fEqJsonByteString
SigningKeygetSigningKeyDecodingKeygetDecodingKeyEcPubKey	FromEcPubecPublicKey	EcKeyPair	FromEcPem	ecPrivKeyecPubKey	RsaPubKey
FromRsaPubrsaPublicKey
RsaKeyPair
FromRsaPemprivKeypubKeySecretMkSecretreveal$fIsStringSecret$fDecodingKey()$fDecodingKeyEcPubKey$fDecodingKeyEcKeyPair$fDecodingKeyRsaPubKey$fDecodingKeyRsaKeyPair$fDecodingKeySecret$fSigningKey()$fSigningKeyEcKeyPair$fSigningKeyRsaKeyPair$fSigningKeySecret$fShowEcPubKey$fEqEcPubKey$fShowEcKeyPair$fEqEcKeyPair$fShowRsaPubKey$fEqRsaPubKey$fShowRsaKeyPair$fEqRsaKeyPair$fShowSecret
$fEqSecretNumericDatesecondsSinceEpoch	fromPOSIXfromUTCtoPOSIXnowplusSecondsminusSecondsdiffSeconds$fShowNumericDate$fEqNumericDate$fOrdNumericDate$fBoundedNumericDate
JsonParser
jsonParserJsonBuilderjsonBuilderrepunRep$fJwtRepASCIIFlag$fJwtRep[]NonEmpty$fJwtRepByteStringText$fJwtRepASCIIDay$fJwtRepASCIILocalTime$fJwtRepASCIIZonedTime$fJwtRepASCIIUTCTime$fJwtRepByteStringUUID$fJwtRepByteStringASCII$fJwtRepByteString[]$fJsonBuilder(,)$fJsonBuilderMaybe$fJsonBuilder[]$fJsonBuilderJsonByteString$fJsonBuilderFlag$fJsonBuilderDay$fJsonBuilderZonedTime$fJsonBuilderLocalTime$fJsonBuilderUTCTime$fJsonBuilderUUID$fJsonBuilderText$fJsonBuilderASCII$fJsonBuilder[]0$fJsonBuilderNumericDate$fJsonBuilderInt$fJsonBuilderBool$fJsonBuilderByteString$fJsonParser(,)$fJsonParserMaybe$fJsonParser[]$fJsonParserJsonByteString$fJsonParserFlag$fJsonParserDay$fJsonParserZonedTime$fJsonParserLocalTime$fJsonParserUTCTime$fJsonParserUUID$fJsonParserNumericDate$fJsonParserText$fJsonParserASCII$fJsonParser[]0$fJsonParserInt$fJsonParserBool$fJsonParserByteStringEncodeencodeClaimEncoderencodeClaimEncodeResult
nullEncode$fClaimEncoder'Deriveda#$fClaimEncoder'NativeJsonByteString $fClaimEncoder'NativeNumericDate$fClaimEncoder'NativeInt$fClaimEncoder'NativeBool$fClaimEncoder'NativeByteString$fClaimEncoder'Spec[]$fClaimEncoder'SpecMaybe$fClaimEncoderaDecodedecode	DecodableClaimDecoderdecodeClaimDecodeResultResultgetOptionalhoistResult
getOrEmptydecodeClaimProxieddecodeClaimOrThrow$fClaimDecoder'Deriveda$fClaimDecoder'Native[]#$fClaimDecoder'NativeJsonByteString $fClaimDecoder'NativeNumericDate$fClaimDecoder'NativeInt$fClaimDecoder'NativeBool$fClaimDecoder'NativeByteString$fClaimDecodera$fFunctorDecodeResult$fApplicativeDecodeResult$fMonadDecodeResult$fAlternativeDecodeResultHeaderalgtypTypJWTAlgNoneHS256HS384HS512RS256RS384RS512ES256ES384ES512$fDecodeAlg$fDecodeTyp$fEncodeTyp$fDecodeHeader$fShowHeader
$fEqHeader	$fShowTyp$fEqTyp	$fShowAlg$fEqAlgEcKeyRsaKey	AlgorithmHMAC256HMAC384HMAC512RSA256RSA384RSA512ECDSA256ECDSA384ECDSA512AlgNonejwtAlgWithKeytoHeaderAlg$fShowAlgorithmFromPrivateClaimsfromPrivateClaimsToPrivateClaimsClaimsOutNstoPrivateClaimsLookupClaimTypeCanGetRestrictedNameCanAddEmptyPrivateClaimsClaimWitnesstestifyNs	ClaimNameKnownNamespacenamespaceValue	NamespaceNoNsSomeNs->>ClaimGrant:<claimNameVal
nullClaimsaddClaim.:getClaim.!withNssomeNsnoNs$fKnownNamespaceSomeNs$fKnownNamespaceNoNs$fIsLabelnameClaimName$fIsLabelnameNs$fEqPrivateClaims$fEncodePrivateClaims$fEqPrivateClaims0$fShowPrivateClaims$fDecodePrivateClaims$fEncodePrivateClaims0$fDefaultPrivateClaims$fDecodeAuxMononsnameb$fDecodeAuxReqnsnamea$fDecodeAuxOptnsnameb$fDecodePrivateClaims0$fShowLPrivateClaims$fShowLPrivateClaims0$fShowPrivateClaims0$fRecordToPrivateClaimsk:+:$fRecordToPrivateClaimskM1$fRecordToPrivateClaimskM10$fToPrivateClaimsPrivateClaims$fToPrivateClaims(,,,,,,)$fToPrivateClaims(,,,,,)$fToPrivateClaims(,,,,)$fToPrivateClaims(,,,)$fToPrivateClaims(,,)$fToPrivateClaims(,)$fToPrivateClaimsClaimWitness$fToPrivateClaims()$fRecordFromPrivateClaimsk:+:$fRecordFromPrivateClaimsk:*:$fRecordFromPrivateClaimskM1$fRecordFromPrivateClaimskM10$fFromPrivateClaims(,,,,,,)$fFromPrivateClaims(,,,,,)$fFromPrivateClaims(,,,,)$fFromPrivateClaims(,,,)$fFromPrivateClaims(,,)$fFromPrivateClaims(,)$fRecordToPrivateClaimsk:*:$fRecordFromPrivateClaimskM11$fRecordToPrivateClaimskM11JtiAudSubIss$fDefaultIss$fDecodeIss$fEncodeIss$fDefaultSub$fDecodeSub$fEncodeSub$fDecodeAud$fEncodeAud$fDefaultExp$fDecodeExp$fEncodeExp$fOrdExp$fDefaultNbf$fDecodeNbf$fEncodeNbf$fDefaultIat$fDecodeIat$fEncodeIat$fDefaultJti$fDecodeJti$fEncodeJti	$fShowJti$fEqJti	$fShowIat$fEqIat$fOrdIat	$fShowNbf$fEqNbf$fOrdNbf	$fShowExp$fEqExp	$fShowAud$fEqAud$fSemigroupAud$fMonoidAud	$fShowSub$fEqSub	$fShowIss$fEqIss
JwtBuilderPayload	ClaimsSetisssubaudexpnbfiatjtiprivateClaims
jwtPayload
withIssuerissuedBywithSubjectissuedTowithRecipientintendedForwithAudience	expiresAt	notBeforenotBeforeNownotUntil	issuedNowsetTtl	withJwtId$fDecodePayload$fEncodePayload$fDefaultPayload$fSemigroupJwtBuilder$fMonoidJwtBuilder$fEqPayload$fShowPayloadJwtValidationCheckValidValidationFailureInvalidClaimTokenExpiredTokenNotReadyWrongRecipientTokenTooOldValidationSettingsSettingsleewayappNameValidationNELdefaultValidationSettings
validationvalidinvalidrunValidationcheckcheckIssuercheckSubjectcheckAgecheckIssuedAfter
checkJwtId
checkClaim$fSemigroupValid$fMonoidJwtValidation$fSemigroupJwtValidation$fShowValid$fShowValidationFailure$fEqValidationFailure$fShowValidationSettings	ValidatedgetValidDecoded
getDecodedEncodedgetTokenJwtheaderpayloadsignsign'decodeStringdecodeByteStringvalidateJwtjwtFromStringjwtFromByteString$fShowValidated$fEqValidated$fShowDecoded$fEqDecoded$fShowEncoded$fEqEncoded$fEqJwt	$fShowJwt	JsmnTypeTJsmnTypeJsmnTokTTokenparentstartjsmnTypeendsizepeekType
peekParentjsmnUndefined
jsmnObject	jsmnArray
jsmnStringjsmnPrimitiveJwtAlgTJwtAlg
jwtAlgNonejwtAlgHs256jwtAlgHs384jwtAlgHs512jwtAlgRs256jwtAlgRs384jwtAlgRs512jwtAlgEs256jwtAlgEs384jwtAlgEs512
jwtAlgTermс monad-time-0.3.1.0-447158323cb4ffe24f076108fb68bc9a7faaa02c7929323ebacb3d5b9c7189b2Control.Monad.TimecurrentTimebaseGHC.Basemempty