Type check the `secretOrPublicKey` arguments more strictly.

[amir-bio]

I ran into a bug which was quite puzzling at first. It turned out my secretOrPublicKey was a promise (not any of String, Buffer, function types which are supported), however, I was getting an invalid algorithm error. (The error was also not documented, see #594)

For the verify function, I believe adding more typeof checks here https://github.com/auth0/node-jsonwebtoken/blob/master/verify.js#L87 should be sufficient but I'm not certain.

Additional validation checks on the arguments would everyone greatly with debugging.

[ziluvatar]

Agree, on sign() we have better argument checks, as with your other catch (#594), if you have time be free to open a PR and we can improve that.