[KEYCLOAK-9786] Secure token and logout endpoint

* now token validity is checked to reach those endpoints, even though a valid cookie is presented
* previous BadRequest responses on malformed tokens now yield Unauthorized

Signed-off-by: Frederic BIDON <frederic@oneconcern.com>