CLOUDFLARE: Integration tests should use API Token, not user/key (#557)

* providers/cloudflare: Support API tokens

Cloudflare API tokens are a new way to authenticate to Cloudflare API.
Unlike the Global API key, tokens can be given specific permissions to
only access parts of the API. See [1] for details.

[1] https://blog.cloudflare.com/api-tokens-general-availability/

This commit introduces a new credential for cloudflare called
`apitoken`, which is mutually exclusive with `apiuser` and `apikey`.

In order for DNSControl to work with this token, it should have the
right to read DNS zones and edit DNS records.

Closes #534

* CLOUDFLARE: Update integration tests for api token

integrationTest/providers.json

@@ -15,11 +15,15 @@
   "BIND": {
     "domain": "example.com"
   },
-  "CLOUDFLAREAPI": {
+  "CLOUDFLAREAPI_OLD": {
     "apikey": "$CF_KEY",
     "apiuser": "$CF_USER",
     "domain": "$CF_DOMAIN"
   },
+  "CLOUDFLAREAPI": {
+    "apitoken": "$CF_TOKEN",
+    "domain": "$CF_DOMAIN"
+  },
   "DIGITALOCEAN": {
     "token": "$DO_TOKEN",
     "domain": "$DO_DOMAIN"