refactor: shared AuthMethodFields component

[matthiastjong]

Summary

• Extract auth method form fields into a shared AuthMethodFields component (src/lib/components/auth-method-fields.svelte)
• Fix missing JWT ES256 and OAuth2 Refresh Token options in the target create flow
• Fix custom_header auth using old single-header format in create flow — now uses multi-header support from PR feat: support multi-header custom auth #53
• Update targets list page server action to handle all auth types consistently with the target detail page

What changed

• New: src/lib/components/auth-method-fields.svelte — shared component with all auth type options and credential fields
• Modified: src/routes/(app)/targets/+page.svelte — replaced ~130 lines of inline auth fields with shared component
• Modified: src/routes/(app)/targets/[slug]/+page.svelte — replaced ~440 lines of duplicated auth fields (add + edit) with shared component
• Modified: src/routes/(app)/targets/+page.server.ts — added handling for custom_header (multi-header JSON), jwt_es256, and oauth2_refresh_token types

Test plan

• Create a new API target and verify all 6 auth types are available (Bearer, Basic, Custom Header, Query Param, JWT ES256, OAuth2 Refresh Token)
• Add a custom_header auth method with multiple headers during target creation
• Edit an existing target and verify auth method add/edit still works with all types
• Verify SSH targets still show only SSH Key option

🤖 Generated with Claude Code