Enable TNU to use Azure auth for DRS operations

[mbaumann-broad]

Objective

Support TNU DRS operations when TNU is running in a Terra Azure IA Cloud Environment.
When running in a Terra Azure IA Cloud Environment, TNU must get/use an Azure access token (via the DefaultAzureCredential) when communicating with Terra backend services (i.e., martha/terra-drs-hub, rawls).
Support for all TNU operations when running on GCS must continue to work as it has.

Scope

• This specific change is limited to the TNU DRS functionality, which is needed very soon for a Terra Azure milestone.
• This change does not address other TNU functionality, such as table, workflows, etc. The implementation of these for Terra Azure may be substantially different than the current implementation for Terra GCS and is therefore out of scope.

Background

Terra backend services now accept three types of bearer tokens:

• Google access token (as before).
• Azure access token.
• Microsoft B2C access token.

The proposed algorithm to successfully obtain an appropriate access token for use with Terra backend services is:

1. Identify the context in which TNU is running. Proposed values include:
   • Terra Azure
   • Terra GCS
   • Unknown (some other context, such as on a local system)
     2. Get an access token based on the execution context 2.1. if the execution context is Terra Azure, get an Azure access token. 2.2. if the execution context is Terra GCS, get a Google access token (as before). 2.3. if the execution context is unknown, try getting a GCS access token, if that fails try getting an Azure token, if that fails, then exit with an error.

Acceptance Criteria

• All TNU DRS operations work successfully in Terra Azure IA Cloud Environments (especially Jupyter CEs)
• The TNU CI/CD test environment is enhanced to represent Terra Azure Cloud Environments.
• All TNU operations on Terra GCS Cloud Environments continue to work as before this change.
• A TNU version with these changes is released and available in PyPi.