feat(servers): move oauthClientSecret and stdio env values to OS keychain (#1356)

mcp.json is designed to be tool-shareable (symlinked from Claude Desktop's
config, pasted into bug reports, synced via dotfiles), so storing OAuth
client secrets and stdio env values in plaintext there meant any of those
flows could leak them. Lift both into the OS keychain via @napi-rs/keyring
(active replacement for the archived keytar). The wire shape is unchanged:
the GET /api/servers handler rehydrates from the keychain so browser code
sees the same JSON; the on-disk file no longer contains the secret
material. Includes an idempotent migration that lifts plaintext from older
mcp.json files (or hand-edited ones) into the keychain on first read.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: cliffhall

clients/web/package-lock.json

@@ -31,6 +31,7 @@
     "@mantine/notifications": "^8.3.17",
     "@modelcontextprotocol/ext-apps": "^1.7.1",
     "@modelcontextprotocol/sdk": "^1.29.0",
+    "@napi-rs/keyring": "^1.3.0",
     "ajv": "^8.17.1",
     "atomically": "^2.1.1",
     "chokidar": "^4.0.3",

clients/web/package.json

@@ -30,6 +30,12 @@ export function getViteBaseConfig() {
         "chokidar",
         "cross-spawn",
         "which",
+        // `@napi-rs/keyring` is loaded only inside
+        // `core/auth/node/secret-store.ts` from the Hono `/api/servers`
+        // handlers. It's a native-binding package (no browser code path) so
+        // excluding it keeps Vite's dep scanner from chasing into the
+        // platform-specific binaries during dev startup.
+        "@napi-rs/keyring",
       ],
     },
   };