[reports] Always create AuthorizationCredential directly
Summary:
Noticed this while testing D10931.
For authenticated endpoints this doesnt matter because they're always behind auth middleware.
But for optionally-authenticated endpoints, the request extensions isn't set by the middleware so it's always None.
Using AuthorizationCredential::from_request() also does the extensions check if possible so it's better to call it instead.
Test Plan: Test plan for D10931
Reviewers: michal
Reviewed By: michal
Subscribers: ashoat, tomek
Differential Revision: https://phab.comm.dev/D10932