ecadlabs/signatory

jwt - malicious input crashes service

stephengaudet opened this issue · 1 comment

steps to reproduce:
1. Send a request with an Authorization header that does not have whitespace between the string "Bearer" and the token

expected:
return a 401 and continue listening for new requests

actual:
return a 401 and shutdown

a malicious user could send this type of request repeatedly, thereby making the service unavailable
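An added illustration in Go (not Signatory's code) of the behaviour the report expects: a naive split-based Bearer parser that panics on a header with no whitespace after the scheme, beside a hardened parser whose handler answers such input with a 401 and keeps serving. The handler, request path and token values are constructed for this example.

```go
package main

import (
	"net/http"
	"net/http/httptest"
	"strings"
)

// naiveBearer is the fragile pattern behind the report: it assumes a space
// follows "Bearer", so "Bearertoken" gives a one-element slice and [1] panics.
func naiveBearer(header string) string {
	return strings.Split(header, " ")[1]
}

// parseBearer accepts only "Bearer" + whitespace + one non-empty token (scheme compared case-insensitively).
func parseBearer(header string) (token string, ok bool) {
	const scheme = "Bearer"
	if len(header) <= len(scheme) || !strings.EqualFold(header[:len(scheme)], scheme) {
		return "", false
	}
	rest := header[len(scheme):]
	if rest[0] != ' ' && rest[0] != '\t' {
		return "", false // "Bearertoken": no separator, reject instead of indexing past the end
	}
	token = strings.TrimSpace(rest)
	if token == "" || strings.ContainsAny(token, " \t") {
		return "", false
	}
	return token, true
}

// authHandler answers malformed credentials with 401 and keeps serving.
// (JWT verification of the token would follow here; it is out of scope.)
func authHandler(w http.ResponseWriter, r *http.Request) {
	if _, ok := parseBearer(r.Header.Get("Authorization")); !ok {
		http.Error(w, "unauthorized", http.StatusUnauthorized)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// statusFor drives authHandler with one constructed request and returns the status code.
func statusFor(authorization string) int {
	req := httptest.NewRequest(http.MethodPost, "/", nil)
	req.Header.Set("Authorization", authorization)
	rec := httptest.NewRecorder()
	authHandler(rec, req)
	return rec.Code
}
```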

I made a mistake in my analysis; the Signatory was restarted, but not because of this malicious input. System behaves as expected, closing issue.