switch to new tado authentication server

[elmi82]

tado is discontinuing the old OAuth2 endpoints at my.tado.com. Starting March 2019, authentication will require retrieving access and refresh tokens from auth.tado.com. The client public-api-preview can be used as is (with the same client secret) on the new endpoint.

The new authentication will also be a standard OAuth2 system, but will use JWT as a format for refresh tokens. So be aware that this will increase the size of the refresh tokens.

Additionally, the new endpoints implement refresh token rotation. A new refresh token is issued with every access token refresh response. The previous refresh token is invalidated.