Update to support Gandi Personal Access Tokens

[0xdade]

Gandi is now advocating strongly for Personal Access Tokens and it can be a little difficult to find the correct place to get an API Key. These new Personal Access Tokens allow considerably more granularity in control, meaning we can scope them down to individual resources and specific permissions.

The primary differences between the API Key and the Personal Access Token appear to be:

• Uses Authorization: Bearer <key> rather than Authorization: ApiKey <key>
• Personal Access Token looks like a 40-character hex-string, whereas ApiKey is a 24 character [a-zA-Z0-9] string

This means that it could be possible to support both of these dynamically based on the shape of the supplied key and alter the Authorization: header accordingly.

Alternatively, you could store the "type" of key in the same Secret as the key itself.

[bwolf]

Sounds good. A PR would be welcome either here or (better) at the future maintainer of the package.