Add bearer token support for remote auth proxy

[jhrozek]

Previously, specifying --remote-auth-bearer-token without also setting --remote-auth or --remote-auth-client-id would silently ignore the bearer token. The authentication flow was never triggered.

Add shouldHandleOutgoingAuth() that also checks for bearer token configuration via flag, file, or environment variable. When a bearer token is configured, it is now used as Priority 1 in the authentication flow, before OAuth discovery.

This enables using a pre-obtained bearer token for token exchange without requiring a full OAuth configuration.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.61%. Comparing base (f16d0cc) to head (8123286).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3386   +/-   ##
=======================================
  Coverage   65.61%   65.61%           
=======================================
  Files         407      407           
  Lines       40246    40246           
=======================================
  Hits        26407    26407           
  Misses      11779    11779           
  Partials     2060     2060           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[yrobla]

fix looks good, but could you add some testing to avoid regressions and ensure this doesn't fail again?

[Derek2Tu]

@jhrozek what's the status of this issue?

[jhrozek]

@jhrozek what's the status of this issue?

this somehow fell off my radar @Derek2Tu but it's a really small issue that I just happened to run into in my testing. Are you aware of anyone needing the fix (because I assume if yes then they actually want something different fixed...)