[Cosmos] Refactoring how the resource type and link are passed down to the auth policy

[analogrelay]

In working on some stuff related to "offers" and throughput, I noticed that the way we were inferring the resource "link" when generating the payload to be signed for key-based auth wasn't going to work for offers since they use a specific format of link. So, I decided to do some refactoring here to make it so the values for generating signatures are passed in to the policy (through the context) rather than inferred. The resource type was already being passed in, so I added a new type to represent the resource link (it'll need some special case stuff for offers, but this way that can be centralized there) and updated the authorization policy to use that value when generating the signature.

The value we put in the context is ResourceLink, which wraps up:

• The parent resource link
• The resource type
• The child item id, if any (a missing ID implies that the resource in question is a "feed")

The ResourceLink type also handles URL encoding to ensure that URL-unsafe characters are encoded before the URL and signature are generated. I've included APIs to allow you to build child feed/item links out of parent links.

[heaths]

Based on context it doesn't look like your builder-like struct is being publicly exported, but I'd still recommend following conventions for uniformity throughout the code base. If that is correct, I see nothing blocking.