From e2dc2a6b49d3387d6a9a418d23c28c1e9d516c31 Mon Sep 17 00:00:00 2001
From: Jitendra Adhikari <jiten.adhikary@gmail.com>
Date: Wed, 30 Sep 2020 07:46:09 +0700
Subject: [PATCH] feat: decode option without verify exp or sign

---
 src/JWT.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/JWT.php b/src/JWT.php
index efa533c..6a252a1 100644
--- a/src/JWT.php
+++ b/src/JWT.php
@@ -143,18 +143,23 @@ public function encode(array $payload, array $header = []): string
      * Decode JWT token and return original payload.
      *
      * @param string $token
+     * @param bool   $verify
      *
      * @throws JWTException
      *
      * @return array
      */
-    public function decode(string $token): array
+    public function decode(string $token, bool $verify = true): array
     {
         if (\substr_count($token, '.') < 2) {
             throw new JWTException('Invalid token: Incomplete segments', static::ERROR_TOKEN_INVALID);
         }
 
         $token = \explode('.', $token, 3);
+        if (!$verify) {
+            return (array) $this->urlSafeDecode($token[1]);
+        }
+
         $this->validateHeader((array) $this->urlSafeDecode($token[0]));
 
         // Validate signature.