feat(http): improve HTTPClient rate limiting behavior

[alentoghostflame]

Summary

A port of Nextcord's HTTP-Recore PR

DUE TO THIS BEING A PORT, I PROBABLY SCREWED SOMETHING UP!
The code in this PR was modeled after NC's HTTPClient, but I can see that there are some obvious differences between DS's and NC's HTTPClient code. While I have tried to keep the changes intact or otherwise adapt them, I'm sure there are more subtle (and major) differences that I missed. If you think that I may have clobbered something, I probably didn't notice the change and did clobber it. Please say something!

Massively reworks the core of HTTPClient, adding support for:

• Multiple authorization tokens/types, opening the way for OAuth2 (extensions?),
• Global rate limit per auth to keep within the (default 50) maximum requests per second,
• Proper rate limit bucket handling, allowing multiple requests in a single bucket to be ran simultaneously. Works nicely alongside asyncio.gather()!

Due to the major changes there are breaking changes, notably:

• Documentation and comments will likely need to be updated across the board,
• MaybeUnlock has been removed and replaced with a completely different implementation of RateLimit,
• HTTPClient.request() will no longer clobber some given headers, such as auth and user-agent ones,
• HTTPClient.token has been removed due to auth changes and Client._token has been added,
  • If necessary, HTTPClient._default_auth exists.
• Many of HTTPClient's attributes are gone with new and old ones being _'d,
• HTTPClient.static_login() no longer takes a token ("<token>") and instead takes an auth string. ("Bot <token>")

I'll finish fleshing out this PR summary well before I undraft it.

Checklist

• If code changes were made, then they have been tested
  • I have updated the documentation to reflect the changes
  • I have formatted the code properly by running pdm lint
  • I have type-checked the code by running pdm pyright
• This PR fixes an issue
• This PR adds something new (e.g. new method or parameters)
• This PR is a breaking change (e.g. methods or parameters removed/renamed)
• This PR is not a code change (e.g. documentation, README, ...)

[EmmmaTech]

This new method and all the other OAuth2 related changes should be dropped if this PR just focuses on rate limiting.

[EmmmaTech]

What are the differences between this and using loop.call_later?

[Enegg]

That pass is a smell, couldn't this be written as

if self.bucket is None:
    self.bucket = x_bucket
elif self.bucket != x_bucket:
    raise ...

?

[Enegg]

This class seems to reimplement what asyncio provides via primitives other than Event (Semaphore/Condition). See if you can utilize those in the implementation?

[alentoghostflame]

Didn't realize that you commented this, whoops. This is a rather old PR at this point, I would like NC to merge the PR on their end before updating it here.

While I need to look into Condition to see how useful it is here, Semaphores AFAIK are not meant/able to have their limit be dynamically changed. Ideally the limit wouldn't need to be changed after the rate limit info is discovered, but there seem to be some cases where Discord will change the rate limit on you. IIRC for example, the rate limit for deleting new messages is typically 5/5s, but deleting older ones can swap it to a 3/5s.

[Dysta]

Since we still support python <= 3.10, we can't use this hint or it will raise an error
self._token: Optional[str] would be more appropriate

[elenakrittik]

We actually can as long as there is a from __future__ import annotations at the top, but i agree, albeit for a different reason: it would look inconsistent with the rest of the codebase