The entire ZKAPAuthorizer client resource hierarchy is now protected by this
token, ensuring any callers at least have local filesystem access to the
Tahoe-LAFS node.