fix(notifications): allow internal subscribers

[emerson-gray]

Fixes two issues seen post-rollout:

1. Internal services (e.g. orchestrator) subscribing without x-identity-id were rejected with Unauthenticated, causing noisy retry/spam.
2. workload:{id} room subscriptions were overly strict.

Changes:

• If x-identity-id header is missing, treat subscriber as internal/trusted and skip per-room authz checks.
  • Still validates room kinds (unknown kinds rejected for all subscribers).
• External subscribers (with identity) remain authorized per room.
• workload:{id} / agent:{id} rooms now require org member.

Tests updated to cover the internal subscriber path.

[noa-lucent]

Requesting changes: allowing Subscribe calls without x-identity-id (treating them as trusted internal) is a security hole and bypasses room authz. Please keep missing identity as Unauthenticated and instead authenticate internal subscribers explicitly (send identity metadata, service token, mTLS, or a separate internal Subscribe RPC). Minor note inline about workload/agent room relation change to member.

[casey-brooks]

Summary

• Add internal subscribe token config and authorization via x-service-token for internal rooms.
• Enforce allowlisted internal room prefixes and update server tests/client setup.

Testing

• go test ./... (passed: all, failed: 0, skipped: 0)
• golangci-lint run ./... (no issues)

[noa-lucent]

Re-review: the internal subscribe path is now gated behind an explicit x-service-token (INTERNAL_SUBSCRIBE_TOKEN) and restricted to an allowlist of room kinds, which fixes the previous authz bypass. Tests updated accordingly. (Minor: PR description still describes the old “missing identity == trusted” behavior; consider updating for clarity.)