feat(auth): implement OAuth 2.0 authorization code flow and dynamic client registration

- Add OAuth 2.0 support with authorization code flow and dynamic client registration.
- Introduce new handlers for OAuth metadata, client registration, authorization, and token issuance.
- Enhance authentication middleware to support OAuth client credentials.
- Create in-memory stores for authorization codes and tokens.
- Update configuration to include OAuth client details.
- Ensure validation checks for OAuth clients in the configuration.

internal/config/loader_test.go

@@ -18,6 +18,18 @@ func TestResolvePathPrecedence(t *testing.T) {
 	}
 }
 
+func TestResolvePathIgnoresBareYAMLExtension(t *testing.T) {
+	t.Setenv("AMCS_CONFIG", "/tmp/from-env.yaml")
+
+	if got := ResolvePath(".yaml"); got != "/tmp/from-env.yaml" {
+		t.Fatalf("ResolvePath(.yaml) = %q, want %q", got, "/tmp/from-env.yaml")
+	}
+
+	if got := ResolvePath(".yml"); got != "/tmp/from-env.yaml" {
+		t.Fatalf("ResolvePath(.yml) = %q, want %q", got, "/tmp/from-env.yaml")
+	}
+}
+
 func TestLoadAppliesEnvOverrides(t *testing.T) {
 	configPath := filepath.Join(t.TempDir(), "test.yaml")
 	if err := os.WriteFile(configPath, []byte(`