fix(mcp): send custom headers regardless of OAuth settings

[edevil]

Previously, custom headers (e.g., Bearer tokens) were only sent when oauth was explicitly set to false. This caused a regression where configs like:

{ "type": "remote", "url": "...", "headers": { "Authorization": "Bearer ..." } }

would fail because headers weren't being sent on the initial request.

Now headers are always sent when provided, regardless of OAuth settings.