Better logging for "invalid token" error
We currently just throw back "invalid token". While we shouldn't leak any more information to the user we should log more in that case.
Edited by Reiter, Christoph
We currently just throw back "invalid token". While we shouldn't leak any more information to the user we should log more in that case.