Refactor our auth handling code to be cleaner

Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.

endpoints/v1/index.py

@@ -9,10 +9,11 @@ from flask import request, make_response, jsonify, session
 from data.interfaces.v1 import pre_oci_model as model
 from app import authentication, userevents, metric_queue
 from auth.auth_context import get_authenticated_user, get_validated_token, get_validated_oauth_token
-from auth.decorators import process_auth, generate_signed_token
+from auth.decorators import process_auth
 from auth.permissions import (ModifyRepositoryPermission, UserAdminPermission,
                               ReadRepositoryPermission, CreateRepositoryPermission,
                               repository_read_grant, repository_write_grant)
+from auth.signedgrant import generate_signed_token
 from util.http import abort
 from util.names import REPOSITORY_NAME_REGEX
 from endpoints.common import parse_repository_name

endpoints/web.py

@@ -14,8 +14,8 @@ from app import (app, billing as stripe, build_logs, avatar, signer, log_archive
                  get_app_url, instance_keys, user_analytics)
 from auth import scopes
 from auth.auth_context import get_authenticated_user
-from auth.decorators import (has_basic_auth, require_session_login, process_oauth,
-                             process_auth_or_cookie)
+from auth.basic import has_basic_auth
+from auth.decorators import require_session_login, process_oauth, process_auth_or_cookie
 from auth.permissions import (AdministerOrganizationPermission, ReadRepositoryPermission,
                               SuperUserPermission, AdministerRepositoryPermission,
                               ModifyRepositoryPermission, OrganizationMemberPermission)