Remove auth option and all authorisation headers

[Francesco-Lanciana]

Even Stripe hosted images/files are public, as such we never really need the auth header and therefore the auth option is redundant.

This removes any differences between stripe hosted images and external hosted images for now (external images may still require authorisation but at the moment we don't support this).

See #29 for related issue.

[Francesco-Lanciana]

@brxck @njosefbeck For some reason I am seeing that the images will all be pulled down successfully when there is no cache (both Stripe hosted and non Stripe hosted). However the second time around when the cache is primed the SKU image will fail. This isn't worse than what we currently have (it will fail every time at the moment) however it's obviously not great... Any chance either of you have an inkling as to why it fails when the cache exists?

[Francesco-Lanciana]

I now realise this is not actually correct. I've been doing a it more testing and it turns out the top level url field in the File object can be used to get back an image corresponding to the ID of the File object. You just have to provide your secret Stripe key as a Bearer Token in the Authorisation header - i.e. this image actually does require authentication with your Stripe credentials. However oddly enough the Urls contained in the links.data point to the same image yet don't require authentication to retrieve.

Why this is the case I have no clue (have asked Stripe support) however I need to add back in the authorisation header for this request. I still don't think we need the auth option though, we know in advance which files are hosted where.