A TTL cache for a JWKS document, refetched on demand. Selects keys by kid; when a token's kid is unknown, every JWKS key is offered as a candidate.
Extract the audiences from a claims object: aud may be a string or an array of strings (RFC 7519 §4.1.3). Shared with introspection (RFC 7662 §2.2).
base64url-decode a JWS segment (no padding), returning the raw bytes.
Convert a JWK to a PEM SubjectPublicKeyInfo public key. Supports RSA (n/e) and EC P-256 (crv=P-256, x/y). Returns null for unsupported keys.
Whether a JWK may be used to verify signatures (RFC 7517 §4.2/§4.3): a key declaring use must declare use=="sig", and a key declaring key_ops must include "verify". Keys that declare neither are usable (both members are optional). Keys declaring an incompatible use/op are excluded as candidates.
Build a TokenValidator from cfg. The returned delegate verifies a bearer JWT and yields a TokenInfo (valid == false on any failure). Plug it into ResourceServerConfig.validator.
Parse a JWKS document ({"keys":[...]}) into JWKs. Tolerant of unknown fields and missing optional members.
Split a space-delimited scope string into individual scopes, dropping empty elements so an empty or all-whitespace claim yields no scopes (an empty string would otherwise split into a spurious single "" scope). Shared with introspection's scope parsing (RFC 7662 §2.2).
Extract granted scopes: OAuth uses a space-delimited scope string; some issuers use scp (string or array).
Whether a token's typ header is one of the accepted types. The match is case-insensitive and ignores an optional application/ media-type prefix on either side (RFC 7515 §4.1.9). An empty accepted disables the check; an absent (empty) typ matches nothing and is therefore rejected.
Validate the registered claims of an already-signature-verified payload.
Verify a JWS signature over signingInput for the given alg using the PEM public key. For ES256 the signature is the raw 64-byte R||S form (RFC 7518 §3.4), converted to DER before handing to OpenSSL.
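The typ-header comparison, the JWK use/key_ops filter, and the ES256 raw R||S to DER conversion described above, as an added Python illustration that is not part of this D library (function names and the sample values are my own):

```python
"""Added illustration (not the D library's code) of three checks described above:
typ acceptance (RFC 7515 §4.1.9), JWK use/key_ops filtering (RFC 7517 §4.2/§4.3)
and ES256 raw R||S -> DER ECDSA-Sig-Value conversion (RFC 7518 §3.4)."""
from typing import Iterable, Optional


def typ_accepted(typ: Optional[str], accepted: Iterable[str]) -> bool:
    """Case-insensitive match; an optional 'application/' prefix is ignored on either side."""
    accepted = list(accepted)
    if not accepted:            # an empty accepted list disables the check
        return True
    if not typ:                 # an absent or empty typ matches nothing -> reject
        return False

    def norm(s: str) -> str:
        s = s.strip().lower()
        return s[len("application/"):] if s.startswith("application/") else s

    return norm(typ) in {norm(a) for a in accepted}


def jwk_may_verify(jwk: dict) -> bool:
    """Usable unless 'use' is present and != 'sig', or key_ops is present without 'verify'."""
    if "use" in jwk and jwk["use"] != "sig":
        return False
    if "key_ops" in jwk and "verify" not in jwk["key_ops"]:
        return False
    return True


def _der_int(b: bytes) -> bytes:
    """DER INTEGER from an unsigned big-endian value (minimal, non-negative)."""
    b = b.lstrip(b"\x00") or b"\x00"       # strip leading zeros, but never emit an empty value
    if b[0] & 0x80:                        # a set high bit would read as negative: pad with 0x00
        b = b"\x00" + b
    return b"\x02" + bytes([len(b)]) + b   # <= 33 bytes, so the short length form always suffices


def es256_raw_to_der(sig: bytes) -> bytes:
    """Convert the 64-byte raw R||S JWS signature into the DER SEQUENCE OpenSSL expects."""
    if len(sig) != 64:
        raise ValueError("ES256 signature must be exactly 64 bytes (R||S)")
    body = _der_int(sig[:32]) + _der_int(sig[32:])
    return b"\x30" + bytes([len(body)]) + body   # body is at most 70 bytes
```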
Verify token against cfg at wall-clock time now (unix seconds), drawing JWKS keys from keys. Separated from clock/HTTP so tests can drive it deterministically.
A source of candidate verification keys. keysFor(kid) returns the PEM public keys to try for a token bearing the given kid (empty kid means the header had none).
A parsed JWK relevant to verification.
Configuration for jwtVerifier. Provide either a jwksUri (the verifier fetches and caches the issuer's JWKS, selecting the key by kid) or one or more staticPublicKeysPem (PEM SubjectPublicKeyInfo blobs pinned directly).
A ready-made JWT (RFC 7519) access-token verifier that plugs into ResourceServerConfig.validator, so MCP server authors don't have to hand-roll JWS signature verification, JWKS fetching, and claim checks. It is the D analogue of FastMCP's JWTVerifier.
The verifier checks the JWS signature (RS256 and ES256, RFC 7518), then the registered claims — exp/nbf with clock skew, iss, aud (the RFC 8707 resource) — and finally any required scopes, mapping a valid token to a TokenInfo with subject, scopes, and audience populated.