handle auth request for unsigned updates on KDE
    
    When a package is unsigned, KDE will prompt for authentication.
    Let's handle this. But count it as a soft fail, because
    puiterwijk claims that Rawhide packages will be autosigned
    from next week, so this *should* not happen and would indicate
    an unsigned package in the repos. We make the KDE 'update
    complete' needle area smaller because the wider area includes
    some transparency and so will only match if the update applet
    is open; this area will match whether it's open (no auth case)
    or not open (auth case - the applet seems to disappear after
    you provide the password in the auth prompt).
    
    Pushing without review as the test is in production so I want
    to make sure it works correctly.
    
    (Also, hey, check out that array match for assert_screen and
    that match_has_tag! This is gonna make some things so much
    easier...thanks upstream)