elastic / elasticsearch-serverless-python

Official Python client for Elasticsearch Serverless
Apache License 2.0

Disallow basic and bearer token auth #8

Closed JoshMock closed 1 year ago

JoshMock commented 1 year ago

Since serverless will only support API keys, this drops support for http_auth, basic_auth and bearer_auth parameters, and ensures users do not try to pass username/password in the ES host URL parameter.

JoshMock commented 1 year ago

As I opened this PR, I'm pausing to wonder if this is too restrictive. If a service is accessing Elasticsearch Serverless via some proxy between us and them, and that proxy expects basic auth or a Bearer token, this could prevent users from using this client to access Serverless. I believe @swallez mentioned this a while back in a meeting or on Slack, so would love his input here.

If this approach is too strict, a better way may be to just log a warning when users attempt basic auth.

ezimuel commented 1 year ago

I think we can be even more relaxed here and not do anything. We don't know the usage scenarios of serverless and we can offer more alternatives for the future.

swallez commented 1 year ago

@JoshMock indeed, we should keep things open. I expanded on this here https://github.com/elastic/clients-team/pull/633#pullrequestreview-1593968886
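
The two options weighed in this thread (reject non-API-key auth outright, or only warn), shown as an added sketch that is not code from this PR or from the client. The names `check_auth_options`, `redact_url` and `strict` are hypothetical; `http_auth`, `basic_auth` and `bearer_auth` are the parameter names from the PR description, and the host names are constructed.

```python
import warnings
from urllib.parse import urlsplit

# Parameter names taken from the PR description.
NON_API_KEY_PARAMS = ("http_auth", "basic_auth", "bearer_auth")


def check_auth_options(host_url, strict=True, **client_kwargs):
    """Collect auth problems; raise ValueError if strict, otherwise warn.

    Hypothetical helper, not part of elasticsearch-serverless-python.
    """
    problems = []
    for name in NON_API_KEY_PARAMS:
        if client_kwargs.get(name) is not None:
            problems.append(f"'{name}' was passed but only API keys are expected")

    parts = urlsplit(host_url)
    # "scheme://user:pass@host" surfaces as .username / .password.
    if parts.username is not None or parts.password is not None:
        # Report the fact only; never echo the credential into a message.
        problems.append("host URL contains user info (username/password)")

    if problems and strict:
        raise ValueError("; ".join(problems))
    for problem in problems:
        warnings.warn(problem, UserWarning, stacklevel=2)
    return problems


def redact_url(host_url):
    """Return the URL with any user info removed, safe to write to logs."""
    parts = urlsplit(host_url)
    netloc = parts.netloc.rpartition("@")[2]
    return parts._replace(netloc=netloc).geturl()


if __name__ == "__main__":
    url = "https://user:secret@es.example.test:443"  # constructed sample
    print(redact_url(url))
    print(check_auth_options(url, strict=False, bearer_auth="token"))
```

With `strict=False` a proxy that expects basic auth or a Bearer token keeps working, and the operator still gets a signal that credentials are travelling in a parameter or URL.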