in libs/@guardian/identity-auth/src/token.ts [834:846]
await verifyAccessTokenWithAtHash(
idToken.claims.at_hash,
accessToken.accessToken,
);
const accessTokenJWT = decodeToken(accessToken.accessToken);
// verify access token timestamps
verifyAccessTokenTimestamps(accessToken, accessTokenJWT.payload);
// if successful, memoize the token
memoizedVerifyTokens.set(idToken.claims.jti, true);
} catch (error) {