🐛 [#4199] Delete authinfo from session after it's stored on submission

[stevenbal]

Closes #4199 partly Related PR: https://github.com/open-formulieren/open-forms-sdk/pull/688

Changes

• Delete authinfo from session after it's stored on submission
• Add explicit anonymous option to submission endpoint

TODO:

• [x] add test for anonymous attribute
• [ ] check where FORM_AUTH_SESSION_KEY is used
  • [ ] VerifyChangeAppointmentLinkView.custom_submission_modifications
  • [x] set_auth_attribute_on_session
  • [x] set_cosign_data_on_submission
  • [ ] is_authenticated_with_plugin / is_authenticated_with_an_allowed_plugin / meets_plugin_requirements
  • [ ] EHerkenningAuthentication.check_requirements
  • [ ] ResumeFormMixin: is_auth_data_correct / get_redirect_url
• [ ] expose function to remove auth info from session in service.py
• [ ] call this function at end of add_submission_to_session and other functions that rely on this attr (?)
• [ ] update branch in CI of token-exchange lib to see if it passes

Checklist

Check off the items that are completed or not relevant.

• Impact on features

  • [ ] Checked copying a form
  • [ ] Checked import/export of a form
  • [ ] Config checks in the configuration overview admin page
  • [ ] Problem detection in the admin email digest is handled

• Release management

  • [ ] I have labelled the PR as "needs-backport" accordingly

• I have updated the translations assets (you do NOT need to provide translations)

  • [ ] Ran ./bin/makemessages.sh
  • [ ] Ran ./bin/compilemessages_js.sh

• Commit hygiene

  • [ ] Commit messages refer to the relevant Github issue
  • [ ] Commit messages explain the "why" of change, not the how