refactor(oauth): modernize oauth flow and fix localhost dev environment
- **Proxy (Via Client)**:
- Switched to same-tab OAuth flow using `window.location.assign` instead of popups.
- Updated `WebOAuthLauncher` to handle iframe contexts by redirecting the top-level window.
- Styled the OAuth callback page to match the landing page design.
- Configured Caddy to rewrite `/oauth/callback` to the HTML file.
- **Extension**:
- Updated local development configuration to allow direct authentication against the local PDS.
- Modified `landing/extension-callback.html` to act as a smart relay, handling both web-to-extension redirects and internal extension states safely.
- **Dev Environment**:
- Updated `scripts/start-via.sh` and `scripts/inject-oauth-plugin.ts` to use RFC-compliant `127.0.0.1` for OAuth redirects instead of `localhost`.
- Fixed port configurations for local OAuth callbacks.
- Added `server/tmp/` to .gitignore to exclude temporary binaries.
Closes Phase 4 of REFACTOR_PLAN.md
Amp-Thread-ID: https://ampcode.com/threads/T-bbd3f418-f13f-4732-b36d-e031ee405526
Co-authored-by: Amp <amp@ampcode.com>
This is a binary file and will not be displayed.