Log invalid Slack bearer token #21
Description
We currently warn! on a missing or invalid Heroku secret. We don't do the same thing for Slack bearer tokens, probably because it's implemented in a more shorthand way via ValidateRequestHeaderLayer. We should be logging this because in this type of application any such occurrences are likely to be due to a bug or bad configuration somewhere.
There may be a wider question here about our lack of logging on invalid requests aside from the resultant status code. The client tends to get more information in the body at least.