Currently, the AuthorizationSession relies on a stored pointer of the AuthorizationManager for whenever it needs the AuthorizationManager. However, this is bad since a/ the pointer can go stale, and b/ the AuthorizationSession should only be accessed within an Operation, which means that we should have an operation context through which to get the AuthorizationManager.