I think the auth hierarchy can be simplified as well as there is only one auth client...

Maybe even unite the clients and in case no token is passed it will fail for the APIs that require authentication?
It's a bit radical but world probably reduce a lot of code complexity that currently exists...

I've simplified the hierarchy, not sure I want to unite the clients though.

I hope that's not a breaking change? Will people need to refactor their calling code when they update?

It's a breaking change since we removed oauth1 and basic auth clients.
But I haven't changed any of the interfaces, so if someone is using this library as intended by using the factory and not doing any casting it should continue work as it did before.

Good. I'm fixing the tests to use oauth2.

I ended up unifying the clients code to a single class as the non auth class had some authentication in it which was odd anyway, so now everything sits in a single class now and the exposed methods are defined by the relevant interfaces.
I've also moved most of the doc comments to the non-auth interface and used inheridoc in the implementation.
It's good to go from my side, although there's probably a need to manually test some of the auth client stuff as I haven't tested it...

I'm not setup to run the auth tests. You're free to merge when you're ready.

Ok, I've used my OSM token to test a trace upload and then delete.
It worked as expected, I'm expecting other stuff to work as well, if they won't we can always fix what's needed.

Seems like the Nuget token has expired and I don't think I have the relevant credentials.
@xivk any chance you can take care of this?

I noticed that the nuget secret had been recently updated (thanks @xivk) so I triggered the build/publish job. Nuget.org shows 1.0.5 now.