Related to https://github.com/spring-projects/spring-security/issues/7793#issuecomment-573863533
It'd be nice to have an exception dedicated to invalid bearer tokens, allowing DefaultAuthenticationEventPublisher to map that exception to an appropriate event.