You're seeing just the callback verify, go back to Oasis.Token module for more information.
Link to this callback

verify(conn, token, opts)

View Source (optional)


verify(conn :: Plug.Conn.t(), token :: String.t(), opts()) ::
  {:ok, term()} | verify_error()

An optional callback function to decode the original data from the token, and verify its integrity.

If we use sign/2 to create a token, sign it, then provide it to a client application, the client will then use this token to authenticate requests for resources from the server, in this scenario, as a common use case, the Oasis.Plug.BearerAuth module uses verify/2 to finish the verification of the bearer token, so we do not need to implement this callback function in general.

But if we use encrypt/2 or other encryption methods to encode, encrypt, and sign data into a token and send to clients, we need to implement this callback function to custom the way to decrypt the token and verify its integrity.