Overview of the Feature Request
After the #9293 refactor, it has become more visible that there are endpoints that, despite being intended to be open, trigger user authentication when it is not required.
This behavior already existed before the Auth Filter refactor, but it is now more visible by having the @AuthRequired annotation. Before the refactor, credential filtering was executed via the AbstractApiBean.response(DataverseRequestHandler hdl) method, which was called from several endpoints, a method which in turn called the findUserOrDie method.
These methods no longer exist, since the logic is now moved to the Auth Filter, and the same endpoints which used those methods are now wrapped by the Auth Filter.
The goal of this issue is to simplify authentication by omitting the auth filter on endpoints that do not require user authentication. This makes the API code more understandable for developers and improves performance by bypassing the auth filter when it's not needed.
Example endpoint: /api/info/version.
What kind of user is the feature intended for?
API User, developers
What inspired the request?
Slack discussion about confusion when seeing endpoint /api/info/version marked with AuthRequired
What existing behavior do you want changed?
API authentication
Any brand new behavior do you want to add to Dataverse?
No
Any open or closed issues related to this feature request?
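The binding this issue relies on, as an added sketch that is not part of the original issue and is not Dataverse's own code: a JAX-RS name-binding annotation makes the container run the auth filter only on endpoints that carry it, so an open endpoint skips credential handling entirely. It assumes a Jakarta REST runtime on the classpath; the header name, the token table, the `whoami` endpoint and the reject-on-missing-credentials policy are hypothetical.

```java
import jakarta.annotation.Priority;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.NameBinding;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Priorities;
import jakarta.ws.rs.container.ContainerRequestContext;
import jakarta.ws.rs.container.ContainerRequestFilter;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.ext.Provider;
import java.lang.annotation.*;
import java.util.Map;

public class AuthBindingSketch {

    // Name-binding annotation: bound filters run only on resource classes
    // or methods that carry it.
    @NameBinding
    @Retention(RetentionPolicy.RUNTIME)
    @Target({ElementType.TYPE, ElementType.METHOD})
    public @interface AuthRequired {}

    @Provider
    @AuthRequired                          // binds this filter to annotated endpoints only
    @Priority(Priorities.AUTHENTICATION)
    public static class AuthFilter implements ContainerRequestFilter {
        // Constructed token table standing in for a real credential lookup.
        private static final Map<String, String> USERS = Map.of("constructed-token", "alice");

        @Override
        public void filter(ContainerRequestContext ctx) {
            String token = ctx.getHeaderString("X-Example-Token"); // hypothetical header
            String user = (token == null) ? null : USERS.get(token);
            if (user == null) {            // unknown or missing credential: stop here
                ctx.abortWith(Response.status(Response.Status.UNAUTHORIZED).build());
                return;
            }
            ctx.setProperty("user", user); // hand the resolved user to the endpoint
        }
    }

    @Path("info")
    public static class InfoResource {
        @GET @Path("version")              // open endpoint: no @AuthRequired, filter is skipped
        public Response version() {
            return Response.ok("{\"version\":\"0.0-example\"}").build();
        }

        @GET @Path("whoami") @AuthRequired // filter runs first and sets "user"
        public Response whoami(@Context ContainerRequestContext ctx) {
            return Response.ok(String.valueOf(ctx.getProperty("user"))).build();
        }
    }
}
```

When reviewing such a change, confirm that each endpoint losing the annotation neither reads the request's user nor returns data that depends on who is calling.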