Commit 3b0ff07
Implement OAuth 2.0 Token Exchange (RFC 8693) support (#2082)
* Implement OAuth 2.0 Token Exchange (RFC 8693) support
Add a token exchange client library that enables ToolHive to exchange
incoming access tokens for backend-specific tokens when proxying MCP
server requests. The implementation follows RFC 8693 and is compatible
with standard oauth2.TokenSource interfaces.
Fixes #2064
* Use HTTP Basic Auth for OAuth 2.0 Token Exchange client credentials
Change token exchange client authentication from body parameters
(client_id/client_secret in POST body) to HTTP Basic Authentication
via Authorization header, following RFC 6749 Section 2.3.1 recommendations.
This reduces credential exposure risk in HTTP logs and monitoring systems,
as the Authorization header receives special handling throughout the HTTP
stack while body parameters are commonly logged.
* Add validation of the exchanged token
* Fix tests for the recently added tests
1 parent 5b0826f
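The shape of the exchange the commit message describes, as an added Go example that is not ToolHive's own client: an RFC 8693 token-exchange request whose client credentials ride in the Authorization header as HTTP Basic rather than in the POST body, followed by a check that the response carries the fields the RFC requires. The endpoint, client id, secret and token values are placeholders supplied by the caller.

```go
package main

import (
	"context"
	"encoding/json"
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// ExchangeResponse holds the fields RFC 8693 section 2.2.1 requires in a success response.
type ExchangeResponse struct {
	AccessToken     string `json:"access_token"`
	IssuedTokenType string `json:"issued_token_type"`
	TokenType       string `json:"token_type"`
}

// Exchange swaps subjectToken for a token scoped to audience. Client credentials travel only in the
// Authorization header as HTTP Basic (RFC 6749 section 2.3.1), never as client_id/client_secret in the body.
func Exchange(ctx context.Context, c *http.Client, endpoint, clientID, clientSecret, subjectToken, audience string) (*ExchangeResponse, error) {
	form := url.Values{
		"grant_type":         {"urn:ietf:params:oauth:grant-type:token-exchange"},
		"subject_token":      {subjectToken},
		"subject_token_type": {"urn:ietf:params:oauth:token-type:access_token"},
		"audience":           {audience},
	}
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, endpoint, strings.NewReader(form.Encode()))
	if err != nil {
		return nil, err
	}
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	// RFC 6749 section 2.3.1: form-urlencode id and secret before Basic-encoding them.
	req.SetBasicAuth(url.QueryEscape(clientID), url.QueryEscape(clientSecret))
	resp, err := c.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return nil, fmt.Errorf("token exchange failed: HTTP %d", resp.StatusCode)
	}
	var out ExchangeResponse
	if err := json.NewDecoder(resp.Body).Decode(&out); err != nil {
		return nil, fmt.Errorf("decoding token exchange response: %w", err)
	}
	if out.AccessToken == "" || out.IssuedTokenType == "" || out.TokenType == "" {
		return nil, fmt.Errorf("token exchange response missing a required field")
	}
	return &out, nil
}
```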
2 files changed: +1761 −0 lines