Consider refactoring DataSourceAPI constructor

Do we need to provide the pseudonym service authentication config to DataSourceAPI, and construct the pseudonym service ourselves? Or should we just expect a pseudonym service ourselves, and leave the construction and authentication of it to the caller? See https://gitlab.science.ru.nl/nolai/upload-service/-/merge_requests/1#note_209063