When an assertion fails (for instance, if a Facebook token were incorrect or the user had deleted the application post-authorization), the following code will automatically mark the request as an UNAUTHORIZED_CLIENT when INVALID_GRANT would be more accurate.
https://github.com/rocketmade/rockoauth/blob/master/lib/rockoauth/provider/exchange.rb#L191-L194
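
The distinction between the two error codes, as an added example that is not part of the original report and not rockoauth's code: per RFC 6749 section 5.2, `unauthorized_client` means the client may not use the grant type, while `invalid_grant` means the grant itself is invalid, expired or revoked. All names, clients and tokens below are hypothetical and constructed for illustration.

```ruby
require 'securerandom'

# Hypothetical names throughout; this does not use rockoauth's API.
# Error codes follow RFC 6749, section 5.2.
AssertionResult = Struct.new(:owner, :failure)

# Constructed sample data: grant types each registered client may use.
CLIENT_GRANTS = {
  'mobile-app' => %w[assertion refresh_token],
  'reporting'  => %w[client_credentials]
}.freeze

# Constructed verifier standing in for a call to the assertion issuer.
def verify_assertion(token)
  case token
  when 'valid-token'   then AssertionResult.new('user-42', nil)
  when 'revoked-token' then AssertionResult.new(nil, 'user removed the application')
  else AssertionResult.new(nil, 'assertion rejected by issuer')
  end
end

def token_error(code, description)
  { status: 400, body: { error: code, error_description: description } }
end

def exchange_assertion(client_id, token)
  grants = CLIENT_GRANTS[client_id]
  return token_error('invalid_client', 'unknown client') if grants.nil?

  # unauthorized_client describes the client: it may not use this grant type.
  unless grants.include?('assertion')
    return token_error('unauthorized_client', 'client may not use the assertion grant')
  end

  # invalid_grant describes the grant: the assertion is invalid, expired or revoked.
  result = verify_assertion(token)
  return token_error('invalid_grant', result.failure) if result.failure

  { status: 200, owner: result.owner,
    body: { access_token: SecureRandom.hex(16), token_type: 'bearer' } }
end
```

Keeping the two codes separate lets a client tell "re-authenticate the user" apart from "this client is misconfigured", and gives log review a clean signal for revoked or forged assertions.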