pub fn decode_jwt_unverified(jwt: &str) -> Result<(JwtHeader, Value)>
Decode a JWT without verifying the signature.
Returns the header and claims. Useful for inspecting tokens before selecting the right verification key.