fix(auth): Improve OAuth credential detection and startup warning

- Enhanced getClaudeAuthIndicators() to return detailed check information
  including file paths checked and specific error details for debugging
- Added debug logging to server startup credential detection for easier
  troubleshooting in Docker environments
- Show paths that were checked in the warning message to help users debug
  mount issues
- Added support for CLAUDE_CODE_OAUTH_TOKEN environment variable
- Return authType in verify-claude-auth response to distinguish between
  OAuth and CLI authentication methods
- Updated UI to show specific success messages for Claude Code subscription
  vs generic CLI auth
- Added Docker troubleshooting tips to sandbox risk dialog
- Added comprehensive unit tests for OAuth credential detection scenarios

Closes #721

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

apps/server/src/routes/setup/routes/verify-claude-auth.ts

@@ -320,9 +320,28 @@ export function createVerifyClaudeAuthHandler() {
         authMethod,
       });
 
+      // Determine specific auth type for success messages
+      let authType: 'oauth' | 'api_key' | 'cli' | undefined;
+      if (authenticated) {
+        if (authMethod === 'api_key') {
+          authType = 'api_key';
+        } else if (authMethod === 'cli') {
+          // Check if CLI auth is via OAuth (Claude Code subscription) or generic CLI
+          // OAuth tokens are stored in the credentials file by the Claude CLI
+          const { getClaudeAuthIndicators } = await import('@automaker/platform');
+          const indicators = await getClaudeAuthIndicators();
+          if (indicators.credentials?.hasOAuthToken) {
+            authType = 'oauth';
+          } else {
+            authType = 'cli';
+          }
+        }
+      }
+
       res.json({
         success: true,
         authenticated,
+        authType,
         error: errorMessage || undefined,
       });
     } catch (error) {