Affine Refinement Types for Authentication and Authorization