
Add client secret expiry notification mechanism for OAuth and MSAAD#79

Draft
Copilot wants to merge 2 commits into master from copilot/fix-78

Copilot AI commented Sep 12, 2025

This PR implements a comprehensive client secret expiry notification system for authaus's OAuth and MSAAD integrations to help prevent authentication outages due to expired client secrets.

Features Added

Configuration Support:

  • Added ClientSecretExpiryDate field to both ConfigOAuthProvider and ConfigMSAAD structs
  • Added configurable notification thresholds (SecretExpiryNotificationDays, default: 14 days)
  • Added configurable check intervals (SecretExpiryCheckIntervalHours, default: 1 hour)
  • Added callback function type ClientSecretExpiryNotificationFunc for custom notification handling

Automatic Monitoring:

  • Background goroutines check secret expiry dates at configurable intervals
  • Notifications trigger when secrets expire within the configured threshold
  • Date-based calculations ensure accurate day counting
  • Graceful handling when no callback or expiry date is configured

Configuration Example

{
  "OAuth": {
    "Providers": {
      "myProvider": {
        "Type": "msaad",
        "ClientID": "your-client-id",
        "ClientSecret": "your-secret",
        "ClientSecretExpiryDate": "2024-12-31T23:59:59Z",
        "LoginURL": "https://login.microsoftonline.com/tenant/oauth2/v2.0/authorize",
        "TokenURL": "https://login.microsoftonline.com/tenant/oauth2/v2.0/token"
      }
    },
    "SecretExpiryNotificationDays": 14,
    "SecretExpiryCheckIntervalHours": 1
  },
  "MSAAD": {
    "ClientID": "your-msaad-client-id", 
    "ClientSecret": "your-msaad-secret",
    "ClientSecretExpiryDate": "2024-12-31T23:59:59Z",
    "SecretExpiryNotificationDays": 14,
    "SecretExpiryCheckIntervalHours": 1
  }
}

Usage Example

// Define notification callback
notificationCallback := func(providerName string, daysUntilExpiry int, expiryDate time.Time) {
    fmt.Printf("WARNING: Provider '%s' client secret expires in %d days\n", 
        providerName, daysUntilExpiry)
    // Send email, log to monitoring system, create ticket, etc.
}

// Configure OAuth with callback
oauthConfig.SecretExpiryNotificationCallback = notificationCallback

Implementation Details

  • Backward Compatible: Existing configurations continue to work without changes
  • Minimal Changes: Uses existing patterns from the codebase (similar to token validation goroutines)
  • Thread Safe: Proper goroutine management with graceful shutdown
  • Comprehensive Testing: 8 test cases covering all scenarios including edge cases
  • RFC3339 Date Format: Standard timestamp format for expiry dates

Testing

Added comprehensive test suite covering:

  • OAuth provider expiry notifications
  • MSAAD expiry notifications
  • Multiple providers with different expiry dates
  • Default threshold behavior (14 days)
  • No notifications for non-expiring or already expired secrets
  • Proper handling when callbacks aren't configured

All existing tests continue to pass, ensuring no breaking changes.

Fixes #78.
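
The threshold check described under "Automatic Monitoring" above, as an added sketch that is not code from this PR or from authaus: it parses the RFC3339 `ClientSecretExpiryDate`, counts calendar days, and fires the callback only inside the threshold. The names `NotifyFunc`, `daysUntil` and `checkSecretExpiry` are hypothetical, and counting days in UTC and returning an error for a malformed date (so a typo cannot silently disable monitoring) are assumptions of this example.

```go
package main

import (
	"fmt"
	"time"
)

// NotifyFunc mirrors the callback shape shown in the PR's usage example.
type NotifyFunc func(providerName string, daysUntilExpiry int, expiryDate time.Time)

// daysUntil counts whole calendar days (UTC) between now and expiry, so checks
// run at 01:00 and at 23:00 on the same day report the same number.
func daysUntil(now, expiry time.Time) int {
	y, m, d := now.UTC().Date()
	today := time.Date(y, m, d, 0, 0, 0, 0, time.UTC)
	y, m, d = expiry.UTC().Date()
	expDay := time.Date(y, m, d, 0, 0, 0, 0, time.UTC)
	return int(expDay.Sub(today).Hours() / 24)
}

// checkSecretExpiry (hypothetical helper) calls notify and returns true when the
// secret expires within thresholdDays. An empty date or nil callback is skipped;
// a date that does not parse as RFC3339 is reported as an error.
func checkSecretExpiry(name, expiryRFC3339 string, now time.Time, thresholdDays int, notify NotifyFunc) (bool, error) {
	if expiryRFC3339 == "" || notify == nil {
		return false, nil
	}
	expiry, err := time.Parse(time.RFC3339, expiryRFC3339)
	if err != nil {
		return false, fmt.Errorf("provider %q: bad ClientSecretExpiryDate: %w", name, err)
	}
	if thresholdDays <= 0 {
		thresholdDays = 14 // default threshold stated in the PR description
	}
	days := daysUntil(now, expiry)
	if !expiry.After(now) || days > thresholdDays {
		return false, nil // already expired or not yet close: no notification
	}
	notify(name, days, expiry)
	return true, nil
}

func main() {
	now := time.Date(2024, 12, 20, 9, 0, 0, 0, time.UTC) // constructed clock
	fired, err := checkSecretExpiry("myProvider", "2024-12-31T23:59:59Z", now, 14,
		func(p string, d int, _ time.Time) { fmt.Printf("WARNING: %s client secret expires in %d days\n", p, d) })
	fmt.Println(fired, err)
}
```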



Copilot AI commented Sep 12, 2025

@bosvos 👋 This repository doesn't have Copilot instructions. With Copilot instructions, I can understand the repository better, work faster and produce higher quality PRs.

I can generate a .github/copilot-instructions.md file for you automatically. Click here to open a pre-filled issue and assign it to me. I'll write the instructions, and then tag you for review.

…SAAD

Co-authored-by: bosvos <2437699+bosvos@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Client secret expiry notification mechanism" to "Add client secret expiry notification mechanism for OAuth and MSAAD" Sep 12, 2025
Copilot AI requested a review from bosvos September 12, 2025 07:16