API route clash with existing buckets named public or sign

[inian]

User report

So there are three different ways to access objects now

/object/avatars/grumpy.jpg -> getObject -> needs auth header
/object/sign/avatars/grumpy.jpg -> getSignedObject -> needs token query param
/object/public/avatars/grumpy.jpg -> getPublicObject -> needs bucket to be public

We need a better way to disambiguate downloading from existing buckets named public or sign and getPublicObject and getSignedObject operations respectively.

[inian]

Options

Change getObject to start with /object/auth

• /object/authenticated/avatars/grumpy.jpg -> getObject -> needs auth header
• /object/sign/avatars/grumpy.jpg -> getSignedObject -> needs token query param
• /object/public/avatars/grumpy.jpg -> getPublicObject -> needs bucket to be public

Advantage is that is aligns more closely with /sign and /public in terms of URL structure. Bucket names can be anything.
Problem is everyone will need to upgrade their supabase-js library since this is a breaking change for someone using the getObject API.

Change /object/public/avatars/grumpy.jpg to a new route called /public-object/avatars/grumpy.jpg

Advantage is that there is no breaking change. Bucket can't be named as sign but I guess no one is doing that. Other disadvantage is that API looks messy compared to option 1 but I guess that's fine too.

I think option 2 will be the least messy and during the next breaking change, we move to option 1