Add support for private token authentication

Currently we cannot fetch assets using GitLab's Private-Token authentication, this patch aims to enable that.

One of the use-cases - using pre-compiled "packages" from UBT generic package registry for GitLab Omnibus builds. Another - security/dev mirrors where most (if not all) assets are auth protected.

Adds private_token argument to softare.source to be able to set up corresponding HTTP header upon file fetch.