DPoP proof JWT on API calls (with nonce retry per RFC 9449 §8/§9)

[sfdctaka]

This PR extends DPoP coverage from the token endpoint to the SDK's authenticated REST and identity calls, plus adds the nonce-retry machinery the resource server requires per RFC 9449 §8/§9.

What's included

DPoP on outbound API calls

• SFRestRequest / SFRestAPI: when tokenType == "DPoP", requests are stamped with Authorization: DPoP <access_token> and a DPoP proof header bound to the request's method (htm) and URL (htu), with the access-token hash (ath) per RFC 9449 §4.3.
• SFIdentityCoordinator: same stamping for the identity endpoint.
• Bearer requests are untouched — Authorization: Bearer … is byte-identical to pre-DPoP output for non-DPoP token responses.

Nonce challenge + retry (RFC 9449 §8 / §9)

• DPoPNonceCache: per-account, per-htu cache of the most recent server-issued nonce. Harvested from any 200, 400, or 401 response carrying a DPoP-Nonce header.
• Outbound proofs include nonce when the cache has one for the target htu.
• On a 401 with DPoP-Nonce (or a 400 body containing error=use_dpop_nonce), the originating request is retried once with the freshly harvested nonce. Retry is one-shot to avoid loops.

Key material

• DPoPKeyStore: per-account ES256 / P-256 keypair, generated on first DPoP use and persisted in the keychain. The private key never leaves secure storage. cnf.jkt thumbprint computed via JWK SHA-256.

Token-type wiring

• SFOAuthCredentials.tokenType (added in earlier PR) drives scheme selection. "DPoP" ⇒ DPoP path; anything else (including nil) ⇒ Bearer path.

Backward compatibility

Purely additive. Non-DPoP orgs see no behavior change. The new headers are only emitted when the token endpoint returns token_type=DPoP.

Test coverage

• SFSDKDPoPTests (988 lines): proof builder, nonce cache (per-account isolation, per-htu keying, eviction), request decorator (Bearer vs DPoP branch, nonce attachment, ath computation), end-to-end request stamping, retry on nonce challenge.
• Existing SFOAuthCredentialsTests and token-endpoint response tests updated.

Notes for reviewers

• Concurrency for REST callers: today's caller patterns are largely serial after refresh; concurrent in-flight callers may each hit a `use_dpop_nonce` challenge and only one will rotate cleanly. A TODO marks the spot to revisit if/when concurrent DPoP REST calls become common (per-`htu` lock vs. pre-fetched nonce vs. accept-extra-round-trip).
• This PR targets the `dpop` integration branch; final merge to `dev` will follow once the backend resource-server rollout is complete.

[wmathurin]

Looks good to me.

[wmathurin]

LGTM - but if nonce are sent by the token end point, we might be able to simplify the code a bit? Harvest the nonce whenever a refresh call happens. And also treat a nonce failure like 401s (to force a refresh and therefore to get a new nonce).

[sfdctaka]

LGTM - but if nonce are sent by the token end point, we might be able to simplify the code a bit? Harvest the nonce whenever a refresh call happens. And also treat a nonce failure like 401s (to force a refresh and therefore to get a new nonce).

Let me look into this now.

[sfdctaka]

@wmathurin Dropped the resource-server reactive-retry layer and folded nonce failures into the existing 401→refresh→replay path, per your suggestion.

[wmathurin]

@wmathurin Dropped the resource-server reactive-retry layer and folded nonce failures into the existing 401→refresh→replay path, per your suggestion.

I love the simplification.

I see that the nonce cache is still in memory only so an application restart will force a refresh (because of missing the nonce for creating the JWT proof). Should we persist the nonce to disk (alongside the access token and other user credentials) to avoid that situation? Or maybe we could store the JWT proof that we generate from the nonce (as long as there is a 1-1 mapping from nonce to JWT proof)?