This allows clients to register an authentication middleware which will be
provided values in the context that it can use to make an authn/authz decision.
We support several methods of serving assets:
* Redirect to blobstore
- This requires the backend to support signed URLs.
We rely on the backend to support HTTP semantics, like supporting
Range headers.
* Serve-using-http.ServeContent
- This requires the backend to actually be providing a io.ReadSeeker.
net/http provides Range/If- conditional support.
* Serve-proxy
- This is the safest and most compatible method.
We don't support conditionals nor Range headers. This mode is unlikely
to be suitable for multimedia, like MP3s or video.