Remove basic auth information for openstreetmap.org

[taylor.smock]

As of June 1st, OpenStreetMap has disabled OAuth 1.0a and Basic Auth.

We need to do the following:

1. If the user is using basic auth AND the current API server is OSM.org, then we need to reset the osm-server.auth-method preference AND clear osm-server.username and osm-server.password.
   1. We were allowing users to continue using basic auth while it worked; it no longer does.
2. Show the user a message that they need to reauth (maybe just MOTD?)

[stoecker]

1) Can probably simply done in the old preferences cleanup section.
2) MOTD should be enough. They anyway will notice and reauth, if we tell them or not. Point 1 is more important.

[taylor.smock]

1. I've got a POC for that in the preferences cleanup section. I'm also ensuring that users won't accidentally re-enable basic auth on OSM.org in preferences.
2. I was mostly inclined towards just the MOTD since that means we don't have to wait for translators. I'm thinking it would be a good idea to put off this months release until I apply a patch for this ticket (hopefully today). I should have done this earlier; it isn't like this was a surprise.

[taylor.smock]

Disable basic auth for osm.org, remove username/password from preferences on startup, don't allow users to use basic auth with osm.org api

[stoecker]

Looks good to me.

[taylor.smock]

In 19095/josm:

Fix #23707: Remove basic auth for openstreetmap.org

This does the following:

• On startup, if the current API is set to the default OSM API url, osm-server.{auth-method|username|password} are set to null, clearing them

from the saved preferences.xml file.

• In preferences, if the OSM API is set to the default OSM API url, the basic auth radio button is disabled (if it is not currently selected or the current auth method). This is done since some users contribute to both OSM and some other project, which may still support basic authentication.