[Distutils] Deprecating/Removing OpenID/Google login support for PyPI
Barry Warsaw
barry at python.org
Thu Jan 18 14:20:02 EST 2018
Donald Stufft wrote:
>
> * Very few people actually are using OpenID or Google logins as it is. In one month we had ~15k logins using the web form, ~5k using basic auth, and 62 using Google and 7 using OpenID. This is a difference of several orders of magnitude.
> * Regardless of how you log into PyPI (Password or Google/OpenID) you’re required to have a password added to your account to actually upload anything to PyPI. This negates much of the benefit of a federated authentication for PyPI as it stands.
> * Keeping these requires ongoing maintenance to deal with any changes in the specification or to update as Google deprecates/changes things.
> * Adding support for them to Warehouse requires additional work that could better be used elsewhere, where it would have a higher impact.
I'm one of those 7, but I really can't argue for you to keep supporting
it just for *me* :). Have you considered allowing developers to use
their GitHub, GitLab, Bitbucket logins? Those three probably cover a
large majority of package authors on PyPI. I don't know how hard that
would be to support though.
-Barry