Verifies the signature of the jwt and extracts its payload
the payload of the JWT if signature is valid, otherwise raises InvalidJwt
the JWT to validate