pub fn extract_jwt_claims(token: &str) -> Option<JwtClaims>
Parse a JWT token and extract claims from the payload. Returns None if the token is not a valid JWT (e.g., it’s a static token).