Require explicitly setting access_token value.

Silently substituting the password field was nice, but for mechs
that can use either the password or an access token, it makes
things very difficult. This really only affects MSN clients since
Facebook clients should already be setting the api key.

sleekxmpp/features/feature_mechanisms/mechanisms.py

@@ -36,18 +36,17 @@ class feature_mechanisms(base_plugin):
             return 'starttls' in self.xmpp.features
 
         def basic_callback(mech, values):
+            creds = self.xmpp.credentials
             for value in values:
                 if value == 'username':
                     values['username'] = self.xmpp.boundjid.user
                 elif value == 'password':
-                    values['password'] = self.xmpp.credentials['password']
-                elif value == 'access_token':
-                    if 'access_token' in self.xmpp.credentials:
-                        values['access_token'] = self.xmpp.credentials['access_token']
-                    else:
-                        values['access_token'] = self.xmpp.credentials['password']
-                elif value in self.xmpp.credentials:
-                    values[value] = self.xmpp.credentials[value]
+                    values['password'] = creds['password']
+                elif value == 'email':
+                    jid = self.xmpp.boundjid.bare
+                    values['email'] = creds.get('email', jid)
+                elif value in creds:
+                    values[value] = creds[value]
             mech.fulfill(values)
 
         sasl_callback = self.config.get('sasl_callback', None)