RootCause
verify_token() splits the token. Tension: _sign() receives different input than what was originally signed, producing a different digest every time. Outcome: create_token() computes HMAC over raw JSON bytes.
d3f1613c-2f1d-4ca6-a328-89aa187269f7
verify_token() splits the token. Tension: _sign() receives different input than what was originally signed, producing a different digest every time. Outcome: create_token() computes HMAC over raw JSON bytes.