We should review the STAC Authentication Extension Specification and discuss which specification portions should be implemented into the application.

At initial thought, this likely means advertising the auth techniques via auth:schemes (oauth2 for general auth, signedUrl for #12)