Option to opt for requiresAccessToken to true while bulk export

[aditi25]

Problem I need to solve

While using bulk export, it is optional whether downloading the generated files requires a bearer access token, which is denoted by
requiresAccessToken key in the response as mentioned here: https://hl7.org/fhir/uv/bulkdata/export/index.html#response---complete-status

Aidbox currently directly returns pre-signed URLs (downloadable files) with no access token required on top of them. The ask is to return a URL that requires auth check and generate pre-signed URLs only when asked for a specific file

Solution I see

In the bulk export API response, instead of a downloadable link with (24hr validity in the case of AWS), where the link can be accessed by anyone with or without access, rather return a URL that is behind auth checks and download the file on a request with the token.

Alternatives I've considered, but they don't work

Additional context

[niquola]

We export only to S3 like buckets!

Value MAY be false for file servers that use access-control schemes other than OAuth 2.0, such as downloads from Amazon S3 bucket URLs or verifiable file servers within an organization's firewall.

We can have an option to not return signed urls and sepatate operation to sign it, i.e. you will be able to implement access control using this operation. As well we can store export info as custom resource and provide access/sign operation to it.