From e2dc2a6b49d3387d6a9a418d23c28c1e9d516c31 Mon Sep 17 00:00:00 2001
From: Jitendra Adhikari <jiten.adhikary@gmail.com>
Date: Wed, 30 Sep 2020 07:46:09 +0700
Subject: [PATCH 1/2] feat: decode option without verify exp or sign

---
 src/JWT.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/JWT.php b/src/JWT.php
index efa533c..6a252a1 100644
--- a/src/JWT.php
+++ b/src/JWT.php
@@ -143,18 +143,23 @@ public function encode(array $payload, array $header = []): string
      * Decode JWT token and return original payload.
      *
      * @param string $token
+     * @param bool   $verify
      *
      * @throws JWTException
      *
      * @return array
      */
-    public function decode(string $token): array
+    public function decode(string $token, bool $verify = true): array
     {
         if (\substr_count($token, '.') < 2) {
             throw new JWTException('Invalid token: Incomplete segments', static::ERROR_TOKEN_INVALID);
         }
 
         $token = \explode('.', $token, 3);
+        if (!$verify) {
+            return (array) $this->urlSafeDecode($token[1]);
+        }
+
         $this->validateHeader((array) $this->urlSafeDecode($token[0]));
 
         // Validate signature.

From 3d8b0464fd0ef072918f9dd9411131e28004630b Mon Sep 17 00:00:00 2001
From: Jitendra Adhikari <jiten.adhikary@gmail.com>
Date: Wed, 30 Sep 2020 07:50:58 +0700
Subject: [PATCH 2/2] test: decode without verify

---
 tests/JWTTest.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/JWTTest.php b/tests/JWTTest.php
index 9c15f28..e4a6b7f 100644
--- a/tests/JWTTest.php
+++ b/tests/JWTTest.php
@@ -116,6 +116,7 @@ public function test_kid()
         $token = $jwt->encode($payload = ['a' => 1, 'exp' => time() + 1000], ['kid' => 'key2']);
 
         $this->assertSame($payload, $jwt->decode($token));
+        $this->assertSame($payload, $jwt->decode($token, false));
 
         return $jwt;
     }