Use service account to generate token for ws

With the ai_dap_executor_connects_over_ws flag enabled, the comments posted by a flow would be attributed to the "Duo Developer" user instead of the service account belonging to the user.

That's because the websocket request would not take into account the service account user.

This change makes sure that if the current user has composite identity enforced, that the service account user is used to generate a token

Related to #583927

Steps to validate locally

• Enable ai_dap_executor_connects_over_ws ai_catalog_flows and global_ai_catalog feature flags
• Create a flow at http://gdk.test:8080/gitlab-duo/test/-/automate/flows

Example flow yaml

version: "v1"
environment: ambient
components:
   - name: "feline_fan_agent" 
     type: AgentComponent
     prompt_id: "feline_fan_prompt"
     ui_log_events: ["on_agent_final_answer", "on_tool_execution_success", "on_tool_execution_failed"]
     inputs:
       - from: "context:goal"
         as: goal
       - from: "context:project_id"
         as: project_id
     toolset: ["update_merge_request", "update_issue", "get_issue", "get_merge_request", "create_merge_request_note", "create_issue_note"]
prompts:
    - prompt_id: "feline_fan_prompt"
      name: "Feline Fan"
      unit_primitives: []
      prompt_template:
          system: |
            You are a fan of cats.
            Update the description of this MR or issue to include a few cat facts.
            When done, post a comment in the issue or MR, saying you are done, and which of the facts you posted is your favourite.
            Use the update_merge_request or update_issue command to update the description. Do not remove existing content, only append the cat facts.
            When posting a comment, use the create_issue_note or create_merge_request_note tools.
            Only post 1 comment, and only update the MR or issue you were called in. Do not update anything else in the project.

            You are enabled in project {{project_id}}

            The goal posted includes the ID from which you were called.
            If it's an Issue IID then post in the issue with that ID, if it's a Merge Request IID then post in the MR with that IID.
            Take the actions described above then exit, without any further actions.
          user: |
            Your goal is: {{goal}}
          placeholder: history
      params:
          timeout: 180
routers:
   - from: "feline_fan_agent"
     to: "end"
flow:
   entry_point: "feline_fan_agent"

• Go to http://gdk.test:8080/explore/ai-catalog/flows/ and enable it in gitlab-duo
• Go back to http://gdk.test:8080/gitlab-duo/test/-/automate/flows and click "Enable flow from group" and set the triggers
• @ mention the flow in an issue.
• Confirm that the comment is being posted by the user ai-{flow-name}-{group name}