fn token_error_response(e: Error) -> Response<Body>Expand description
RFC 6749 §5.2: map error to correct HTTP status and OAuth2 error code. Client-side errors (invalid grant, bad params) → 400 invalid_grant. Server-side errors → 500 server_error with sanitized message.