feat(api): add OAuth token fields and new provider types support

Add support for OAuth-based authentication with access/refresh tokens
and expiration tracking for API keys. Extend provider groups with
static headers configuration and headers profile options.

Changes include:
- Add AccessToken, RefreshToken, ExpiresAt, AccountID, ProjectID to APIKey model
- Add StaticHeaders and HeadersProfile to ProviderGroup model
- Add TokenRefresh configuration for background token management
- Support new provider types: ClaudeCode, Codex, GeminiCLI, Antigravity
- Update sync service to include new fields in provider snapshots

internal/api/provider_group_handler.go

@@ -42,6 +42,8 @@ func (h *Handler) CreateProviderGroup(c *gin.Context) {
 		BaseURL:        strings.TrimSpace(req.BaseURL),
 		GoogleProject:  strings.TrimSpace(req.GoogleProject),
 		GoogleLocation: strings.TrimSpace(req.GoogleLocation),
+		StaticHeaders:  strings.TrimSpace(req.StaticHeaders),
+		HeadersProfile: strings.TrimSpace(req.HeadersProfile),
 		Models:         strings.Join(req.Models, ","),
 		Status:         strings.TrimSpace(req.Status),
 	}
@@ -167,6 +169,12 @@ func (h *Handler) UpdateProviderGroup(c *gin.Context) {
 	if strings.TrimSpace(req.GoogleLocation) != "" {
 		next.GoogleLocation = strings.TrimSpace(req.GoogleLocation)
 	}
+	if strings.TrimSpace(req.StaticHeaders) != "" {
+		next.StaticHeaders = strings.TrimSpace(req.StaticHeaders)
+	}
+	if strings.TrimSpace(req.HeadersProfile) != "" {
+		next.HeadersProfile = strings.TrimSpace(req.HeadersProfile)
+	}
 	if req.Models != nil {
 		next.Models = strings.Join(req.Models, ",")
 	}
@@ -184,6 +192,8 @@ func (h *Handler) UpdateProviderGroup(c *gin.Context) {
 	group.BaseURL = normalized.BaseURL
 	group.GoogleProject = normalized.GoogleProject
 	group.GoogleLocation = normalized.GoogleLocation
+	group.StaticHeaders = normalized.StaticHeaders
+	group.HeadersProfile = normalized.HeadersProfile
 	group.Models = normalized.Models
 	group.Status = normalized.Status