Fix Auth for External Auth

[Xytronix]

Summary

Fixes authentication checks across update commands and the background update checker to support external auth stores. Adds OAuth token seeding from environment variables and CLI flags so the credential store works with externally-provided tokens.

This has been personally annoying me, they changed the priority of internal auth store with Update 3 to my knowledge.

Type of change

• Bug fix (non-breaking)
• New feature (non-breaking)
• Breaking change (requires documentation/migration)
• Chore / refactor
• Documentation only

Implementation details

• MixinUpdateCheckCommand, MixinUpdateDownloadCommand, MixinUpdateModule — redirects hasSessionToken checks to evaluate hasSessionToken || hasIdentityToken.
• MixinServerAuthManager — injects at TAIL of initializeCredentialStore to seed OAuth tokens from CLI flags (--oauth-access-token, --oauth-refresh-token, --oauth-access-expires) or environment variables (HYTALE_SERVER_OAUTH_ACCESS_TOKEN, HYTALE_SERVER_OAUTH_REFRESH_TOKEN, HYTALE_SERVER_OAUTH_ACCESS_EXPIRES). Also provides a session/identity token fallback for getOAuthAccessToken when no OAuth token is available.
• MixinOptions + RefixesOptions — registers OAuth CLI flags on Options.PARSER before parse via HEAD injection.

Checklist

• Code compiles successfully
• Pull request does not contain unrelated changes
• Changes follow this project's code style (Use spotlessApply when necessary)
• Changes are tested or will be tested after submission