Make auth headers available in the QDL runtime

[jjg-123]

There are very good arguments for giving the QDL runtime access to the authorization headers in the pre_ and post_auth phases. What should happen is a new variable called auth_headers. is now available. There is also an improvement to the header claim handler for QDL that allows for filtering headers by caput (head) or regex.

[bbockelm]

Does this solve the original issue though? There's no authorization phase for device flow in the current releases.

[jjg-123]

Available in 5.5, along with running the auth phase for the device flow.