When issuing or checking an Auth Token, the corresponding Token Secret is calculated as:
* token-secret: b64encode(HKDF(master-secret, salt=token-salt, info=auth-token, size=digest-length)) Note that the token-secret is base64-encoded for ease of transmission back to the client.