feat(sandbox): add microsoft s2s token resolver #1165

Draft
afourniernv wants to merge 2 commits into NVIDIA:main from afourniernv:feat-entra-provider

@afourniernv

DO NOT MERGE

Draft PR for design review and discussion only. Do not merge until the NAT/A365 integration path is validated and reviewers sign off on the Microsoft provider lifecycle shape.

Summary

Adds the first Microsoft Agent ID S2S provider foundation and sandbox-local token resolver path. OpenShell keeps Microsoft broker inputs in the sandbox supervisor, mints runtime-agent tokens on demand, and exposes only a local resolver URL to the workload.

Related Issue

N/A

Changes

  • Added microsoft-agent-s2s provider discovery and CLI support.
  • Added Rust Microsoft S2S broker support for the two-step runtime-agent token exchange.
  • Added sandbox-local token resolver that removes broker inputs from child env and injects resolver metadata only.
  • Updated proxy-mode network namespace bypass rules so workloads can reach the local resolver.
  • Updated provider docs and architecture notes.

Testing

  • cargo fmt --check
  • cargo clippy -p openshell-provider-auth --all-targets
  • cargo clippy -p openshell-sandbox --all-targets
  • cargo test --workspace --exclude openshell-vm
  • mise run pre-commit completed: installed and trusted mise, but the run was interrupted before completion.
  • E2E NAT/A365 sandbox demo validation

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)
  • Architecture docs updated
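
The child-environment handling described in the Changes list (broker inputs removed, resolver metadata injected), sketched as an added example that is not code from this PR. The variable names `MS_S2S_*` and `TOKEN_RESOLVER_URL`, the resolver address, and the sample values are hypothetical. It also checks for a broker value that survives under a different variable name, which name-based stripping alone misses.

```rust
use std::collections::BTreeMap;
use std::process::Command;

// Hypothetical names: the PR description does not list the real variables.
const BROKER_KEYS: [&str; 3] = ["MS_S2S_TENANT_ID", "MS_S2S_CLIENT_ID", "MS_S2S_CLIENT_SECRET"];
const RESOLVER_VAR: &str = "TOKEN_RESOLVER_URL";

/// Workload environment: parent minus broker inputs, plus the resolver URL only.
fn child_env(parent: &BTreeMap<String, String>, resolver_url: &str) -> BTreeMap<String, String> {
    let mut env: BTreeMap<String, String> = parent
        .iter()
        .filter(|(k, _)| !BROKER_KEYS.contains(&k.as_str()))
        .map(|(k, v)| (k.clone(), v.clone()))
        .collect();
    env.insert(RESOLVER_VAR.to_string(), resolver_url.to_string());
    env
}

/// Child variables whose value still embeds a broker input value.
fn leaked_vars(parent: &BTreeMap<String, String>, child: &BTreeMap<String, String>) -> Vec<String> {
    let secrets: Vec<&String> =
        BROKER_KEYS.iter().filter_map(|k| parent.get(*k)).filter(|v| !v.is_empty()).collect();
    child
        .iter()
        .filter(|(_, v)| secrets.iter().any(|s| v.contains(s.as_str())))
        .map(|(k, _)| k.clone())
        .collect()
}

/// Start from an empty environment so nothing is inherited implicitly.
fn workload_command(program: &str, env: &BTreeMap<String, String>) -> Command {
    let mut cmd = Command::new(program);
    cmd.env_clear().envs(env);
    cmd
}

/// Constructed sample of a supervisor environment.
fn sample_parent() -> BTreeMap<String, String> {
    [("PATH", "/usr/bin"), ("MS_S2S_TENANT_ID", "constructed-tenant"),
     ("MS_S2S_CLIENT_ID", "constructed-client"), ("MS_S2S_CLIENT_SECRET", "constructed-secret-value"),
     ("DEBUG_CONN", "secret=constructed-secret-value")] // same secret under another name
        .iter().map(|(k, v)| (k.to_string(), v.to_string())).collect()
}

fn main() {
    let parent = sample_parent();
    let child = child_env(&parent, "http://127.0.0.1:8181/token");
    let leaks = leaked_vars(&parent, &child);
    println!("child vars: {:?}\nleaked in: {:?}", child.keys().collect::<Vec<_>>(), leaks);
    if leaks.is_empty() { let _ = workload_command("env", &child).status(); }
}
```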

@copy-pr-bot

copy-pr-bot Bot commented May 5, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@github-actions

github-actions Bot commented May 5, 2026

Thank you for your submission! We ask that you sign our Developer Certificate of Origin before we can accept your contribution. You can sign the DCO by adding a comment below using this text:


I have read the DCO document and I hereby sign the DCO.


You can retrigger this bot by commenting recheck in this Pull Request. Posted by the DCO Assistant Lite bot.
