Transmit the `token` only encrypted to the provider when making a booking

[adewes]

Currently we store the token value associated with a booking in the backend. Since this is meta-data that can be traced back to a given user we should not store it unencrypted in the backend. Currently we use this information to enable token re-activation for provider-canceled appointments, but in that case the provider could also decrypt the token and transmit it to the backend in the cancellation process.