Decode takes the string returned by `Encode` and decodes the token.

EncodeTokenRequest creates a string used to make a token request.

NewToken returns a signed jwt.

SignedStringToHeaderValue produces the value for the Authorization header.

VerifyTokenRequest confirms that `tokenRequest` matches the user ID and api secret.

AuthorizationType is a prefix for the signed JWT.

Expiration is offset from current time.