I'm developing a library that wraps an external API. I'm unsure how to design the authentication portion. I'm not sure if there should be two independent classes, one unauthenticated, one authenticated. Or maybe some method on the unauthenticated API to authenticate. Are there maybe any examples of similar API wrappers I can look at?

I typically see Interceptors being used for this. I.e. one or more interceptors that can modify the outgoing request before it is sent (adding headers, authentication, etc), and optionally the same for processing the response, if needed. Each interceptor can decide whether it wants to modify a specific outgoing request (e.g. based on the url, etc). If I remember my design patterns correctly, this is called the Chain of Responsibility pattern.