Check SASL mechanism credential requirements

[lukediamond]

Connecting to a server which provided X-OAUTH2 and PLAIN as SASL mechanisms, X-OAUTH2 was selected despite no token being provided. Now multiple candidate sets of required credentials are tested per mechanism (such as username/password, username/saltedPassword, userKey/clientKey all matching for SCRAM-SHA-1).

All tests pass, including a two more for a separate X-OAUTH2 mechanism. X-OAUTH2 will now only be selected if a token credential is provided; password will no longer be used in its place.