fix: log actual shop value in 'Authenticating admin request' (fixes #2916)

[github-actions]

Summary

• The info log at the start of authenticateAdmin was calling getShopFromRequest(request), which reads the shop query parameter from the URL.
• For token-exchange / session-token auth flows (the common embedded app path), shop is not a query parameter — it's embedded in the JWT. So the log always emitted null.
• Fix: move the logger.info('Authenticating admin request', ...) call to after getSessionTokenContext resolves, where shop has been extracted from the JWT payload.

Fixes #2916.

Root Cause

// Before — called BEFORE shop is extracted from the JWT:
logger.info('Authenticating admin request', {
  shop: getShopFromRequest(request),  // always null for token-exchange
});

const {payload, shop, ...} = await getSessionTokenContext(params, request);

// After — called AFTER shop is available:
const {payload, shop, ...} = await getSessionTokenContext(params, request);

logger.info('Authenticating admin request', {shop});  // actual shop value

Test plan

• Verify the info log now contains the shop domain rather than null in an embedded app using token-exchange auth.
• No changes to test infrastructure; existing auth tests continue to pass.

🤖 Generated with Claude Code