Add "authenticated" property to LFS objects in Batch API response

Problem to solve

By default, Git LFS clients will attempt to authenticate requests for LFS objects, even when it's unnecessary or unwanted.

Further details

By default, Git LFS clients will attempt to authenticate requests for LFS objects and will include basic auth on the requests for the objects. When the LFS objects are stored in something like Amazon s3, then the request should already be authenticated by the query parameters in the URL that we provide to the client.

Proposal

We could add the "authenticated" property to objects returned by the Batch API. This will instruct the client to omit credential fetching and basic authentication for the objects.

{"objects": [{
  "oid": "SOMEOID",
  "size": 123,
  "authenticated": false,
  "actions": {
    "download": {
      "href": "https://download-this-object",
      "header": {
        "Custom-Token": "Basic ..."
      }
    }
  }
}

I'm not 100% certain whether this should be true or false. The merge request and documentation seem to conflict(at least in my mind). See Links section for more info.

What does success look like, and how can we measure that?

When this property is set, the Git LFS client should not prompt for credentials or attempt to include basic authentication in the request for the object.

Links / references

https://github.com/git-lfs/git-lfs/pull/1452

https://github.com/git-lfs/git-lfs/blob/master/docs/api/batch.md