//takes the jwt from the client's session storage:
func sessionTokenParse(r *http.Request) (token *jwt.Token, err error) {
	token, err = request.ParseFromRequestWithClaims(r, request.OAuth2Extractor, &AppClaims{}, func(token *jwt.Token) (interface{}, error) {
		// since we only use the one private key to sign the tokens,
		// we also only use its public counter part to verify
		return verifyKey, nil
	})

	return
}
func spotifySessionTokenParse(r *http.Request) (token *jwt.Token, err error) {
	token, err = request.ParseFromRequestWithClaims(r, request.OAuth2Extractor, &SpotifyAppClaims{}, func(token *jwt.Token) (interface{}, error) {
		// since we only use the one private key to sign the tokens,
		// we also only use its public counter part to verify
		return []byte(os.Getenv("SPOTIFY_STORAGE_CLIENT")), nil
	})

	return
}
// Get gets the signed JWT from the Authorization header. If the token is
// missing, expired, or the signature does not validate, returns an error.
func (m *JwtManager) Get(req *http.Request) (*jwt.Token, error) {
	extractor := MultiDecryptExtractor{
		m.key,
		[]request.Extractor{
			CookieExtractor{"DrAuthToken"},
			request.HeaderExtractor{"DR-AUTH-TOKEN"},
			request.ArgumentExtractor{"token"},
			request.AuthorizationHeaderExtractor,
		},
	}
	return request.ParseFromRequestWithClaims(req, extractor, &jwt.StandardClaims{}, m.getKey)
}
// only accessible with a valid token
func restrictedHandler(w http.ResponseWriter, r *http.Request) {
	// Get token from request
	token, err := request.ParseFromRequestWithClaims(r, request.OAuth2Extractor, &CustomClaimsExample{}, func(token *jwt.Token) (interface{}, error) {
		// since we only use the one private key to sign the tokens,
		// we also only use its public counter part to verify
		return verifyKey, nil
	})

	// If the token is missing or invalid, return error
	if err != nil {
		w.WriteHeader(http.StatusUnauthorized)
		fmt.Fprintln(w, "Invalid token:", err)
		return
	}

	// Token is valid
	fmt.Fprintln(w, "Welcome,", token.Claims.(*CustomClaimsExample).Name)
	return
}