Module jwt_ops 

JWT claim extractors used by the audit and authorization paths.

Decodes a bearer token (with or without the Bearer prefix), tolerates both URL-safe and standard Base64 encodings, and returns named claims as String. All failures map to MantaError::JwtMalformed with a structured message; the HTTP layer maps that to a 401.

Functions

get_name

Extract the name claim from a JWT token.

get_preferred_username

Extract the preferred_username claim from a JWT token.