Extends users/token GET endpoint to support any auth mechanism for retrieving the token

[GPortas]

What this PR does / why we need it:

Changes users/token GET endpoint to support any auth mechanism for retrieving the token.

Previously, this endpoint only accepted an API token to retrieve its information. Now, it accepts any authentication mechanism and returns the associated API token information.

Which issue(s) this PR closes:

• Closes #10914

Special notes for your reviewer:

For private URL tokens, the endpoint returns Unauthorized. Before this change, it returned Not Found. I believe this behavior is correct since a private URL user is not considered an authenticated user and therefore cannot obtain an API token, but I think it's necessary to double-check this.

Suggestions on how to test this:

Visual inspection and call the API token endpoint with any available auth mechanism. We can test the endpoint using the session cookie authentication (we should enable the feature flag) by sending the associated cookie, and verify we obtain the API token if created.

curl --cookie "JSESSIONID=<cookie_value>" -X GET http://localhost:8080/api/users/token Does this PR introduce a user interface change? If mockups are available, please link/include them here:

No

Is there a release notes update needed for this change?:

I am not sure, but I have added them

Additional documentation:

None