ErrSignatureInvalid from jwt-go lib should be handled by jwt parser

[icamys]

I'm playing around with jwt errors handling and I found out that there is a HS256-specific error in jwt-go library that is returned as inner error by the go-kit parser. I believe that this error should be handled by the parser and ErrTokenInvalid should be returned.

Any thoughts?

[peterbourgon]

I don't know enough about JWT to make an authoritative judgment. I'd be happy to review a PR.