feat: correct password app reset token call and handle missing users

Fixes for https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/-/issues/25

Now returns a 400 - validation error

{
    "crsid": "Password App was unable to find the user"
}

Or 503 - service unavailable - on any other failure

And doesn't retry if the password app couldn't find the user (aka raven db said it didn't exist to set the token on)

api/v1alpha/tests/test_reset_token.py

@@ -40,6 +40,23 @@ def failed_reset_token_response(requests_mock):
 def test_failed_reset_token(authenticated_api_client, url, failed_reset_token_response):
     response = authenticated_api_client.get(url)
 
-    assert response.status_code == status.HTTP_500_INTERNAL_SERVER_ERROR
+    assert response.status_code == status.HTTP_503_SERVICE_UNAVAILABLE
     # Initial call then PASSWORD_APP_RETRIES retries
     assert failed_reset_token_response.call_count == PASSWORD_APP_RETRIES + 1
+
+
+@pytest.fixture
+def missing_user_reset_token_response(requests_mock):
+    return requests_mock.get(
+        settings.PASSWORD_APP_RESET_TOKEN_URL, status_code=404, reason="User not found"
+    )
+
+
+def test_missing_user_reset_token(
+    authenticated_api_client, url, missing_user_reset_token_response
+):
+    response = authenticated_api_client.get(url)
+
+    assert response.status_code == status.HTTP_400_BAD_REQUEST
+    # Call once and not retried
+    assert missing_user_reset_token_response.call_count == 1