Support localhost/loopback URLs for local development
When baseUrl is a loopback address (localhost, 127.0.0.1, [::1]),
generate AT Protocol OAuth loopback client metadata:
- client_id: http://localhost?redirect_uri=...&scope=...
- redirect_uris: http://127.0.0.1:<port>/oauth/callback
This follows the AT Protocol OAuth spec for loopback clients, removing
the need for ngrok during local development.
Closes tijs/atproto-oauth#1