Features/generic authentication authorization #221

Open
robinskil wants to merge 4 commits into main from features/generic-authentication-authorization
@robinskil

Collaborator

This pull request introduces a significant refactor of the authentication system across both HTTP (Axum) and Flight SQL transports, centralizing authentication logic in the core runtime and enabling role-based access control. The key changes include removing hardcoded admin credential checks, delegating authentication and identity resolution to the runtime's AuthProvider, and updating middleware and service layers to work with rich AuthIdentity objects rather than simple booleans.

Authentication Refactor and Role-Based Access:

  • Removed hardcoded admin credential checks and replaced them with runtime-based authentication using the AuthProvider, allowing for more flexible and secure role-based access control. This affects both HTTP (Axum) and Flight SQL authentication flows.
  • Updated Axum middleware to resolve and store the full AuthIdentity in request extensions, and to enforce super-user checks for admin routes using the runtime's authentication provider.

API and Interface Changes:

  • Changed the signatures of setup_client_router and setup_admin_router to accept the runtime as an argument, ensuring middleware has access to authentication state. Updated router setup accordingly.
  • Modified query endpoints to extract the authenticated identity from request extensions and pass it to the runtime for query execution, enabling per-user and per-role query enforcement.

Flight SQL Service Updates:

  • Refactored the Flight SQL Authenticator to use the runtime for authentication, returning rich AuthIdentity objects in the authorization context. All SQL execution now receives the full identity rather than a boolean flag.

@robinskil robinskil self-assigned this May 31, 2026
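
The shape of the change described above, as an added std-only Rust sketch that is not code from this pull request or the project: authentication returns an identity instead of a boolean, admin routes require a super-user, and query access is decided from the identity's roles. Only the names `AuthProvider` and `AuthIdentity` come from the description; the fields, method signature, `DemoProvider`, the per-table grants map and all sample users are assumptions made for illustration.

```rust
use std::collections::HashMap;

#[derive(Debug, Clone, PartialEq)]
pub struct AuthIdentity { pub user: String, pub roles: Vec<String>, pub super_user: bool }
#[derive(Debug, PartialEq)]
pub enum AuthError { Unauthenticated, Forbidden } // roughly HTTP 401 and 403

pub trait AuthProvider {
    fn authenticate(&self, user: &str, secret: &str) -> Result<AuthIdentity, AuthError>;
}
// Constructed in-memory provider (assumption); a real one verifies salted password hashes.
pub struct DemoProvider(pub HashMap<String, (String, AuthIdentity)>);

impl AuthProvider for DemoProvider {
    fn authenticate(&self, user: &str, secret: &str) -> Result<AuthIdentity, AuthError> {
        match self.0.get(user) {
            Some((stored, id)) if ct_eq(stored.as_bytes(), secret.as_bytes()) => Ok(id.clone()),
            _ => Err(AuthError::Unauthenticated),
        }
    }
}

// Comparison whose running time does not depend on where the inputs differ.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

// Admin-route check: authenticate first, then require super-user.
pub fn admin_guard(p: &dyn AuthProvider, user: &str, secret: &str) -> Result<AuthIdentity, AuthError> {
    let id = p.authenticate(user, secret)?;
    if id.super_user { Ok(id) } else { Err(AuthError::Forbidden) }
}

// Query check: the caller's roles decide access, not a single admin boolean.
// Tables missing from the (hypothetical) grants map are denied by default.
pub fn authorize_query(id: &AuthIdentity, table: &str, grants: &HashMap<&str, Vec<&str>>) -> Result<(), AuthError> {
    let by_role = grants.get(table).map_or(false, |need| need.iter().any(|r| id.roles.iter().any(|h| h.as_str() == *r)));
    if id.super_user || by_role { Ok(()) } else { Err(AuthError::Forbidden) }
}

fn mk(user: &str, roles: &[&str], super_user: bool) -> AuthIdentity {
    AuthIdentity { user: user.into(), roles: roles.iter().map(|r| r.to_string()).collect(), super_user }
}
// Constructed sample users: one super-user and one ordinary analyst.
pub fn demo_provider() -> DemoProvider {
    DemoProvider(HashMap::from([
        ("root".to_string(), ("root-secret".to_string(), mk("root", &["admin"], true))),
        ("ana".to_string(), ("ana-secret".to_string(), mk("ana", &["analyst"], false))),
    ]))
}

fn main() { println!("{:?}", admin_guard(&demo_provider(), "ana", "ana-secret")); }
```

A valid non-admin login reaches `Forbidden` rather than `Unauthenticated`, which is the distinction a boolean "is admin" result cannot express.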