Send authenticated /versions request (#3968)
* Send authenticated /versions request
Implements [MSC4026](https://github.com/matrix-org/matrix-spec-proposals/pull/4026).
I believe this probably is as simple as this: it will mean that the versions
response can obviously change after logging in, but since the client is
constructed again with an access token, this should just work (?)
A remaining question is whether this needs to be optional. Opening the PR
to prompt the discussion. Apps might not expect it, but it's just the same
auth that we're sending to other endpoints on the same server.
* Fix tests
* Clear /versions cache on access token set
