const ALLOWED_JWT_ALGORITHMS: &[Algorithm];
Algorithms we accept for JWT signature verification.
Restricted to RSA-family algorithms because the only DecodingKey we build
is from RSA components (n, e). Pinning the algorithm to a server-side
allow-list also prevents the classic alg-confusion attack: a token with
alg: "none" (no signature) or alg: "HS256" forged using the RSA public
key as the HMAC secret cannot select a verification algorithm outside this
set.
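
The allow-list gate described above, reduced to the standard library as an added example; it is not this crate's code. The contents of `ALLOWED` and the names `Reject`, `b64url_decode`, `header_alg` and `check_alg` are assumptions, and the sketch only checks the header's `alg` value without verifying any signature.

```rust
// Added example (std only). Names and allow-list contents are assumptions.
const ALLOWED: &[&str] = &["RS256", "RS384", "RS512"];

#[derive(Debug, PartialEq)]
enum Reject { Malformed, AlgNotAllowed(String) }

// Unpadded base64url decoder, enough for a JWT header segment.
fn b64url_decode(s: &str) -> Option<Vec<u8>> {
    let (mut out, mut acc, mut bits) = (Vec::new(), 0u32, 0u32);
    for c in s.bytes() {
        let v = u32::from(match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'-' => 62,
            b'_' => 63,
            _ => return None,
        });
        acc = (acc << 6) | v;
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1 << bits) - 1;
        }
    }
    Some(out)
}

// Naive "alg" extraction; a real verifier parses the header with a JSON library.
fn header_alg(token: &str) -> Option<String> {
    let json = String::from_utf8(b64url_decode(token.split('.').next()?)?).ok()?;
    let rest = json.split_once("\"alg\"")?.1.trim_start().strip_prefix(':')?;
    let rest = rest.trim_start().strip_prefix('"')?;
    Some(rest.split_once('"')?.0.to_string())
}

// Gate run before any key is used: the header may only pick an allowed algorithm.
fn check_alg(token: &str) -> Result<&'static str, Reject> {
    let alg = header_alg(token).ok_or(Reject::Malformed)?;
    let hit = ALLOWED.iter().copied().find(|a| *a == alg.as_str());
    hit.ok_or(Reject::AlgNotAllowed(alg))
}

fn main() {
    // Constructed token whose header is {"alg":"none"}: rejected by the gate.
    println!("{:?}", check_alg("eyJhbGciOiJub25lIn0.e30."));
}
```

Because the match is exact against the allow-list, case variants such as "None" are rejected the same way as "none" and "HS256".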