feat: implement inbound auth

[aidandaly24]

Description

Add CUSTOM_JWT inbound authentication support for gateways. When creating a gateway with CUSTOM_JWT authorizer, the CLI now collects the full JWT configuration including allowed scopes and
agent OAuth credentials, auto-creates a managed OAuth credential for the agent, and wires Bearer token authentication into all agent framework templates.

Gateway wizard extension: The CUSTOM_JWT configuration flow now collects:

• OIDC discovery URL
• Allowed audience (optional)
• Allowed clients
• Allowed scopes (optional)
• Agent client ID (masked input)
• Agent client secret (masked input)

Managed credential auto-creation: When a CUSTOM_JWT gateway is created, the CLI automatically creates a managed OAuth credential ({gateway-name}-agent-oauth) so the agent can authenticate to
the gateway. Managed credentials are protected from accidental deletion (requires --force).

Agent template Bearer token auth: All four agent framework templates (Strands, LangChain, OpenAI, Google ADK) now support Bearer token authentication via OAuth client credentials flow with
token caching and automatic refresh.

CLI flags: Added non-interactive support with --allowed-scopes, --agent-client-id, and --agent-client-secret flags for agentcore add gateway.

UX fix: Gateway discovery URL input now uses placeholder text instead of pre-populated https:// that interfered with pasting.

Depends on #417 (outbound auth / identity OAuth support).

Related Issue

N/A

Documentation PR

N/A

Type of Change

• Bug fix
• New feature
• Breaking change
• Documentation update
• Other (please describe):

Testing

• I ran npm run test:unit and npm run test:integ
• I ran npm run typecheck
• I ran npm run lint
• If I modified src/assets/, I ran npm run test:update-snapshots and committed the updated snapshots

Checklist

• I have read the CONTRIBUTING document
• I have added any necessary tests that prove my fix is effective or my feature works
• I have updated the documentation accordingly
• I have added an appropriate example to the documentation to outline the feature, or no new docs are needed
• My changes generate no new warnings
• Any dependent changes have been merged and published

---

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.