package jwt

import (
	"fmt"

	"github.com/golang-jwt/jwt/v5"
)

func Parse(
	tokenStr string,
	method jwt.SigningMethod,
	key any,
) (jwt.Claims, error) {
	t, err := jwt.Parse(tokenStr, func(tok *jwt.Token) (any, error) {
		if tok.Method.Alg() != method.Alg() {
			return nil, fmt.Errorf("unexpected signing method")
		}
		return key, nil
	})
	if err != nil {
		return nil, err
	}
	// check validity twice: invalid token may return nil error
	if !t.Valid {
		return nil, fmt.Errorf("invalid token")
	}
	return t.Claims, nil
}