v2.7.0 - Security and Compatibility

• Security Fix: Ensure received token is a bearer token.
• Compatibility flag to allow unsigned logout responses