Struct Token 

pub struct Token { /* private fields */ }

A fully validated JWT token

This is the final result of the validation pipeline. By the time you receive a Token, all validation steps have completed successfully:

• Parsing: Header and payload have been parsed from Base64URL-encoded segments
• Issuer validation: The iss claim has been validated (or explicitly skipped for same-service tokens)
• Signature verification: The cryptographic signature has been verified against the provided key
• Claims validation: Time-based claims (exp, nbf, iat) have been validated, audience (aud) has been checked (if required), and any custom validation logic has been executed

The token is now fully trusted and safe to use. All claims can be accessed without additional validation checks.

Example

use jwtiny::*;

let header = "eyJ...";
let token = ParsedToken::from_string(header)?;

let validated = TokenValidator::new(token)
    .ensure_issuer(|iss| Ok(iss == "https://trusted.com"))
    .verify_signature(SignatureVerification::with_secret_hs256(b"secret"))
    .validate_token(ValidationConfig::default())
    .run()?;

println!("Subject: {:?}", validated.subject());
println!("Issuer: {:?}", validated.issuer());

Implementations

impl Token

pub fn header(&self) -> &TokenHeader

Get the token header

pub fn algorithm(&self) -> &AlgorithmId

Get the algorithm

pub fn claims(&self) -> &Claims

Get all claims

pub fn issuer(&self) -> Option<&str>

Get the issuer (iss claim)

pub fn subject(&self) -> Option<&str>

Get the subject (sub claim)

pub fn audience(&self) -> Option<&str>

Get the audience (aud claim)

pub fn expiration(&self) -> Option<i64>

Get the expiration time (exp claim) as Unix timestamp

pub fn not_before(&self) -> Option<i64>

Get the not-before time (nbf claim) as Unix timestamp

pub fn issued_at(&self) -> Option<i64>

Get the issued-at time (iat claim) as Unix timestamp

pub fn jwt_id(&self) -> Option<&str>

Get the JWT ID (jti claim)