Hello:
The three things you are asking for require no nginx modules. The first one is just a URL rewrite, the second one is an implementation of openssl, and the last one is not how you use JWT. It's supposed to be passed to the application or else it defeats the purpose.
This sounds like a homebrew of software licenses? If so, it's better to go the DRM route and find counsel for takedowns. That's the entire purpose of software licenses, not to protect the source, instead to fill up lawsuits. If you are in startup and only have a $250 budget for this, you are better off just opening it up and get your product out there to a user base. You have your server, so you have a gatekeeper there for your community.