Techdocs needs to send Identity information to the backend when requesting documentation and static files

Techdocs plugin currently does not provide authentication information to the backend or has an API to which this information can be passed, when requesting Documentation and static files, such as images and CSS further requested by the Reader

Feature Suggestion

1. Modify the TechDocs API methods to optionally take in Authentication information
2. Techdocs fetches this info implicitly (from Identity or from OAuth2 API) before making this request.
3. Reader rewrites links to static resources (CSS, images) to include authentication information.

Possible Implementation

Modify TechDocs Implementation to request identity info during runtime and pass it along in all the methods in the request https://github.com/backstage/backstage/blob/master/plugins/techdocs/src/api.ts or in https://github.com/backstage/backstage/blob/master/plugins/techdocs/src/reader/components/TechDocsPage.tsx also in the docs links transformer possibly https://github.com/backstage/backstage/blob/master/plugins/techdocs/src/reader/transformers/rewriteDocLinks.ts

Context

Our Backstage application instance is hosted on a publicly accessible endpoint and any request the app makes , to the backend instance, needs to be secure. When the frontend makes CORS requests to the backend, it is not clear who is request these routes/information thus causing a security vulnerability.

In order to mitigate this, the TechDocs plugin should ideally provide the authentication/identity information so that the backend can authenticate the request and provide the requested resource.