fix: complete OAuth config extraction in API responses (fixes #155)

[Dumbris]

Problem

PR #156 attempted to fix OAuth detection in auth status but had an incomplete implementation. While it added the OAuth field to contracts.Server and implemented extraction in ConvertServerConfig(), it missed adding OAuth extraction to ConvertGenericServersToTyped() - the function actually used by the HTTP API.

This caused auth status to still report "No servers with OAuth configuration found" even when servers had "oauth": {} in their config.

Root Cause

The HTTP API endpoint /api/v1/servers uses ConvertGenericServersToTyped() to serialize server data. This function extracted all server fields (name, url, env, headers, timestamps, isolation config) except OAuth configuration, causing it to be silently dropped from API responses.

Changes

Core Fix

• Added OAuth config extraction in ConvertGenericServersToTyped() (converters.go:238-269)
• Extracts all OAuth fields: auth_url, token_url, client_id, scopes, extra_params, redirect_port
• Handles nested maps for scopes ([]interface{}) and extra_params (map[string]interface{})

Testing

• Added converters_test.go with 3 comprehensive test cases:
  • Full OAuth config with all fields including extra_params
  • Empty OAuth config creates non-nil OAuth struct
  • No OAuth field leaves OAuth as nil

Verification

Before Fix

$ mcpproxy auth status
ℹ️  No servers with OAuth configuration found.
   Configure OAuth in mcp_config.json to enable authentication.

After Fix

$ mcpproxy auth status

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔐 OAuth Authentication Status
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Server: sentry
  Status: ❌ Authentication Failed
  Error: failed to connect: all authentication strategies failed, last error: 
         OAuth authorization required - deferred for background processing

API Response

$ mcpproxy upstream list --output json | jq '.[] | select(.name == "sentry") | {name, oauth}'
{
  "name": "sentry",
  "oauth": {
    "auth_url": "",
    "token_url": "",
    "client_id": ""
  }
}

Testing

# All tests pass
$ go test ./internal/contracts -v
=== RUN   TestConvertGenericServersToTyped_OAuth
--- PASS: TestConvertGenericServersToTyped_OAuth (0.00s)
=== RUN   TestConvertGenericServersToTyped_EmptyOAuth
--- PASS: TestConvertGenericServersToTyped_EmptyOAuth (0.00s)
=== RUN   TestConvertGenericServersToTyped_NoOAuth
--- PASS: TestConvertGenericServersToTyped_NoOAuth (0.00s)
PASS
ok      mcpproxy-go/internal/contracts  0.146s

Impact

This completes the OAuth visibility work started in PR #156, enabling:

• ✅ auth status correctly detects OAuth-configured servers
• ✅ API responses include OAuth configuration details
• ✅ Users can diagnose OAuth authentication failures
• ✅ Foundation for implementing extra_params support (Phase 1+ of Autodetect OAuth without explicit oauth settings #155)

Related

• Closes Autodetect OAuth without explicit oauth settings #155 (OAuth auto-detection)
• Fixes regression from Improve OAuth diagnostics and error visibility #156 (incomplete OAuth extraction)
• Prepares for OAuth extra_params implementation (docs/plans/2025-11-27-oauth-extra-params.md)

---

Note: This PR focuses solely on fixing the OAuth config extraction bug. The full extra_params implementation (allowing custom OAuth parameters like RFC 8707 resource) is tracked separately and will follow the plan in docs/plans/2025-11-27-oauth-extra-params.md.