[auth] Support new auth metadata endpoint from draft spec

[pcarleton]

The main change in this PR support for the protected resource metadata endpoint. Screenshots are below for a server with the endpoint and a server without it.

Some smaller changes related:

• Upgrade typescript sdk to v0.12.0
• Auth debugger tweaks
  • Got rid of the loading parameter in the auth debugger that wasn't useful
  • Started saving debugger state to SessionStorage so that the Quick Flow can persist state through redirecting to the Authorization server
    • this also allowed having the Quick Flow continue to completion post-redirect rather than waiting for user interaction
  • Added a new empty version of AuthDebuggerState to avoid having to update many places any time there's a new field
  • Added several fields to AuthDebuggerState to support the new metadata endpoint
  • got rid of defunct "nextStep" field in the Oauth state machine

Motivation and Context

This is to support the new auth step in the draft version of the spec.

How Has This Been Tested?

I added tests, and here are screenshots:

Breaking Changes

Non-breaking, if the endpoint isn't present, we'll fallback to the existing flow.

Types of changes

• [ ] Bug fix (non-breaking change which fixes an issue)
• [x] New feature (non-breaking change which adds functionality)
• [ ] Breaking change (fix or feature that would cause existing functionality to change)
• [ ] Documentation update

Checklist

• [x] I have read the MCP Documentation
• [x] My code follows the repository's style guidelines
• [x] New and existing tests pass locally
• [x] I have added appropriate error handling
• [x] I have added or updated documentation as needed

Additional context