Update TDS to work with OpenID and Tokens.

Acceptance Criteria:

Add API Token authorization support to the TDS (for forming SAML Auth-z requests to Gateway).
Allow request to include query parameter api token or request header.
Support error handling similar to OpenID requests.
Keep existing OpenID support for Auth-z requests to Gateway.