[keyserver] Handle invalid CSAT in Tunnelbroker socket

Summary:
Similiar to D13956 but for keyserver

Depends on D13956

Test Plan: Mocked connection inintialization message to have invalid token. Upon receiving response, the metadata table was cleared. Closing connection caused a retry, on which login was performed and new metadata was created.

Reviewers: varun, kamil

Reviewed By: kamil

Subscribers: ashoat, tomek

Differential Revision: https://phab.comm.dev/D14030