feat: add multi-account round-robin rotation for ChatGPT OAuth

[chindris-mihai-alexandru]

Summary

• add a persisted multi-account pool at ~/.opencode/openai-codex-accounts.json and auto-merge newly logged-in OAuth accounts
• implement account selection strategies (round-robin default, sticky optional) with automatic rotation on 429/usage-limit responses
• refresh tokens per selected account, persist rotation state, and document new config/installer cleanup behavior

Validation

• npm test (232 passed)
• npm run typecheck
• npm run build
• smoke-tested local OpenCode config: opencode run "ping" --model=openai/gpt-5.2 --variant=medium -> pong

[chindris-mihai-alexandru]

Follow-up hardening pushed in b919faa:

• fixed refresh sync edge-case that could skip updating current auth after rotated refresh tokens
• prevented stale auth upserts from overwriting newer pooled credentials
• guarded request body JSON parsing to avoid pre-rotation crashes
• made account-pool persistence atomic (temp+rename) with restrictive file mode
• added fallback 429 response (with retry-after) when all pooled accounts are limited
• expanded account-pool tests for stale overwrite prevention and min retry-after behavior

Validation rerun after fixes:

• npm test (234 passed)
• npm run typecheck
• npm run build

[chindris-mihai-alexandru]

Additional hardening after exhaustive re-check + web best-practice review (commit 2ee8c78):

• parse both Retry-After: <delay-seconds> and Retry-After: <http-date> and cap extreme values
• use collision-safe temp filenames for atomic pool writes (pid + timestamp + randomUUID)
• make refresh flow resilient when provider omits refresh_token in refresh responses (fallback to existing refresh token)
• guard client.auth.set persistence path with warning-level error handling
• add tests for HTTP-date retry-after and refresh-token fallback behavior

Validation rerun:

• npm test (236 passed)
• npm run typecheck
• npm run build

Note: one explore-agent report returned hallucinated file paths outside this repo; ignored those and only acted on validated in-repo findings + authoritative references (MDN Retry-After semantics, OAuth refresh-token rotation guidance).