CRED-2146: Add PAT auth support to Python API client

[tausman]

Why

Add Personal Access Token (PAT) authentication support to the Python API client. PATs authenticate via an Authorization: Bearer <PAT> header. This is in addition to (not replacing) the existing API key + app key auth — both can be sent simultaneously.

Behavior

• Set DD_BEARER_TOKEN env var or pass access_token= to Configuration() to configure PAT auth
• When configured, the Authorization: Bearer <token> header is sent alongside any configured DD-API-KEY and DD-APPLICATION-KEY headers
• Auth methods are not mutually exclusive — all configured headers are sent, and the server uses whichever is valid
• Aligns with the bearerAuth security scheme now defined in the OpenAPI spec (x-env-name: DD_BEARER_TOKEN)

Summary of changes

• configuration.j2 / configuration.py: Uncommented the existing bearer auth handler in the template so the generator picks up bearerAuth from the OpenAPI spec automatically. Uses the standard access_token field. Added DD_BEARER_TOKEN env var loading.
• api_client.j2 / api_client.py: No special branching for bearer auth — all configured auth headers flow through the regular auth loop.
• tests/test_pat_auth.py: Unit tests covering configuration, auth settings, env var loading, and header behavior (all headers sent together, bearer-only, api-keys-only, endpoint without bearerAuth).

Test plan

• 10 unit tests pass (python -m pytest tests/test_pat_auth.py -v)
• Verified all three auth headers sent simultaneously when all credentials configured
• Verified bearer-only and api-key-only paths work independently
• Verified endpoints without bearerAuth in auth list don't send Authorization header
• No secrets in committed files

---

PR Stack

API Client Libraries

• Go: CRED-2147: Add PAT auth support to Go API client datadog-api-client-go#3764 — CRED-2147: Add PAT auth support to Go API client
• Python: CRED-2146: Add PAT auth support to Python API client #3243 — CRED-2146: Add PAT auth support to Python API client
• TypeScript: CRED-2148: Add PAT auth support to TypeScript API client datadog-api-client-typescript#3588 — CRED-2148: Add PAT auth support to TypeScript API client
• Java: CRED-2149: Add PAT auth support to Java API client datadog-api-client-java#3555 — CRED-2149: Add PAT auth support to Java API client
• Rust: CRED-2150: Add PAT auth support to Rust API client datadog-api-client-rust#1310 — CRED-2150: Add PAT auth support to Rust API client
• Ruby: CRED-2151: Add PAT auth support to Ruby API client datadog-api-client-ruby#3058 — CRED-2151: Add PAT auth support to Ruby API client

OpenAPI Spec Changes

• https://github.com/DataDog/datadog-api-spec/pull/5166 — Add bearerAuth to global default security for PAT support
• https://github.com/DataDog/datadog-api-spec/pull/5164 — Add PAT/SAT management API endpoints (CRED-2275)