Refactor getTrustedModesForOrigin

You now need to call this library twice, once to get the trusted modes (passing it a fetcher callback, which is  also a bit of a muddled boundary), and then to determine access.
The two functions even have a chunk of identical  code at  the beginning, so this can definitely be improved with a refactor.