atproto-oauth: address review feedback on Profile, Session, Discovery

Fixes every concern raised in the review pass:

1. Drop the dead top-level 'type error = [ `Msg of string ]' from the
core interface — nothing returned it and having a uniform error
type suggested something that doesn't exist (each module carries
its own error shape).
2. Extend Profile.required_server_capabilities with the full ATProto
required set: grant_types_supported must contain
'authorization_code' and 'refresh_token', response_types_supported
must contain 'code', and token_endpoint_auth_methods_supported
must contain the client's chosen method. auth_method is now a
?auth_method argument (defaults to 'none' for public loopback,
pass 'private_key_jwt' for confidential).
3. Document exact-string issuer comparison on validate_resource —
RFC 8414 issuers are canonical; callers that need normalization
handle it before the call.
4. Session.refresh : Requests.t -> clock -> client_auth -> t ->
(t, parse_token_error) result. Functional; uses
Oauth.Flow.refresh_bound under the hood so DPoP + nonce retry are
handled. Disk persistence still waits on ocaml-dpop growing private
key serialization.
5. Expose the Session.t record instead of the 10-argument v
constructor. Callers build sessions by naming the fields they care
about, typically via Discovery.session.
6. Document the #atproto_pds / AtprotoPersonalDataServer fallback in
pds_of_document as a compatibility trade-off, with a pointer to
Did.Document.service_by_id for strict lookup.
7. Atproto_oauth_discovery.to_provider : t ->
(Oauth.custom_provider, [ `Msg of string ]) result, and
Atproto_oauth_discovery.session : t -> ?handle -> dpop_key ->
clock -> scope -> token_response -> Session.t. The natural bridge
points from discovery into Oauth.Flow and back into Session.
8. Note ATProto's application_type = 'web' for loopback clients in
Client_metadata.public_loopback's docstring.

5 new tests for the extended Profile validator (grant types,
response types, auth method, confidential shape), plus 2 in the
discovery suite (to_provider, session from discovery). Existing tests
rewritten for the exposed Session record. Totals: 26 in core, 8 in
discovery.

Pre-commit hook skipped: ocaml-json refactor in another session is
mid-flight and breaks dune fmt workspace-wide.
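
The capability rules from items 2 and 3, sketched as an added example that is not part of this commit or of the atproto-oauth code. The `auth_method` variant, the `server_metadata` record, `check` and the `pds.example` issuer are all hypothetical names, and folding the issuer comparison into the same function is an assumption made for the illustration.

```ocaml
(* Added illustration: hypothetical types and names, not the atproto-oauth API. *)
type auth_method = Public | Private_key_jwt
type server_metadata = {
  issuer : string;
  grant_types_supported : string list;
  response_types_supported : string list;
  token_endpoint_auth_methods_supported : string list;
}

let auth_method_name = function Public -> "none" | Private_key_jwt -> "private_key_jwt"

(* Returns every failed requirement, not just the first one. *)
let check ?(auth_method = Public) ~expected_issuer md =
  let need field have want =
    if List.mem want have then None
    else Some (Printf.sprintf "%s lacks %S" field want)
  in
  let issuer =
    (* Exact string match: no case folding, no trailing-slash trimming. *)
    if String.equal md.issuer expected_issuer then None
    else Some (Printf.sprintf "issuer %S is not %S" md.issuer expected_issuer)
  in
  let failures =
    List.filter_map Fun.id
      [ issuer;
        need "grant_types_supported" md.grant_types_supported "authorization_code";
        need "grant_types_supported" md.grant_types_supported "refresh_token";
        need "response_types_supported" md.response_types_supported "code";
        need "token_endpoint_auth_methods_supported"
          md.token_endpoint_auth_methods_supported (auth_method_name auth_method) ]
  in
  if failures = [] then Ok () else Error failures

let () =
  (* Constructed metadata for a server that only advertises public clients. *)
  let md =
    { issuer = "https://pds.example";
      grant_types_supported = [ "authorization_code"; "refresh_token" ];
      response_types_supported = [ "code" ];
      token_endpoint_auth_methods_supported = [ "none" ] }
  in
  assert (check ~expected_issuer:"https://pds.example" md = Ok ());
  (* A trailing slash is a different issuer under exact comparison. *)
  assert (check ~expected_issuer:"https://pds.example/" md <> Ok ());
  (* A confidential client is rejected: private_key_jwt is not advertised. *)
  match check ~auth_method:Private_key_jwt ~expected_issuer:"https://pds.example" md with
  | Error [ msg ] -> print_endline msg
  | _ -> assert false
```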