feat(opencode): auto-reload provider auth state on 401 and add /reauth command

[aberglund-cf]

Issue for this PR

Closes #15433

Type of change

• Bug fix
• New feature
• Refactor / code improvement
• Documentation

What does this PR do?

Provider auth changes (API keys, wellknown tokens) are now picked up without restarting. On 401, the session processor automatically refreshes auth state and retries once.

Users can also trigger this manually via /reload (or /refresh). Wellknown auth token refresh is shared between the CLI login flow and the automatic reload path.

Outstanding questions

• /reload - nice to have but it could be better to not take up space or possibly introduce buggy behavior. I'd like to hear some opinions about that.
• Should this behavior live behind a config flag?

How did you verify your code works?

• Added unit tests where feasible
• Manually exercised login flow by removing token from auth and triggering refresh

Checklist

• I have tested my changes locally
• I have not included unrelated changes in this PR

[Delqhi]

I hit a closely related real-world case while debugging : fresh processes could recover after auth/account state changed on disk, but already-open sessions could stay stuck on stale provider state until restart.\n\nI ended up fixing the plugin side with an OpenAI-style pattern very similar to this PR:\n- reload latest provider/account state from disk at request time\n- flush stale in-memory rate-limit/account-failure state\n- retry once before hard-failing on stale / states\n\nUpstream plugin PR for the concrete package-side fix: https://github.com/NoeFabris/opencode-antigravity-auth/pull/539\n\nSo from local repro: this core direction is absolutely the right model for already-open sessions.

[Delqhi]

I hit a closely related real-world case while debugging opencode-antigravity-auth: fresh opencode run processes could recover after auth/account state changed on disk, but already-open sessions could stay stuck on stale provider state until restart.

I ended up fixing the plugin side with an OpenAI-style pattern very similar to this PR:

• reload latest provider/account state from disk at request time
• flush stale in-memory rate-limit/account-failure state
• retry once before hard-failing on stale No Antigravity accounts... / All accounts rate-limited... states

Upstream plugin PR for the concrete package-side fix: NoeFabris/opencode-antigravity-auth#539

So from local repro: this core reload + retry once direction is absolutely the right model for already-open sessions.