feat: Add settings UI for provider, model, and API key configuration

[vedworks]

Summary

Add a web-based settings interface that allows users to configure their Ironclaw API keys,
providers, and models directly in the workspace UI, eliminating the need to use the CLI ironclaw
configure command.

What's Changed

• Backend API Endpoints (/api/settings/)
  • GET /api/settings/providers - Returns available providers and auth methods
  • GET /api/settings/config - Reads current configuration (redacted)
  • POST /api/settings/auth - Saves API key credentials
  • POST /api/settings/token - Saves setup tokens
  • POST /api/settings/model - Updates default model selection
  • POST /api/settings/oauth/url - Initiates OAuth flows
  • POST /api/settings/copilot/start - Starts GitHub Copilot device flow
  • POST /api/settings/copilot/poll - Polls device flow status
• Frontend Settings Component (settings-view.tsx)
  • Multi-step wizard: Provider → Auth Method → Credentials → Model
  • Support for API key input with show/hide toggle
  • Support for token-based authentication (e.g., Anthropic setup tokens)
  • Status indicators for configured providers
  • Error and success messaging
• Shared Utilities (lib/settings.ts)
  • Config file I/O (read/write ~/.openclaw/openclaw.json)
  • Credentials storage (read/write ~/.openclaw/credentials.json)
  • Auth profile management

Features (MVP)

✅ API key authentication for 14+ providers (OpenAI, Anthropic, Google, xAI, OpenRouter, etc.)
✅ Token-based auth for Anthropic setup tokens
✅ Default model selection
✅ OAuth/device flow support (placeholders for future implementation)
✅ Secure credential handling (no API keys exposed in responses)
✅ Seamless integration with existing CLI configuration

Testing

• ✅ All 425 existing tests pass
• ✅ Web app builds successfully
• ✅ API endpoints validated
• ✅ No TypeScript errors

Files Added

• apps/web/app/api/settings/providers/route.ts
• apps/web/app/api/settings/config/route.ts
• apps/web/app/api/settings/auth/route.ts
• apps/web/app/api/settings/token/route.ts
• apps/web/app/api/settings/model/route.ts
• apps/web/app/api/settings/oauth/url/route.ts
• apps/web/app/api/settings/oauth/callback/route.ts
• apps/web/app/api/settings/copilot/start/route.ts
• apps/web/app/api/settings/copilot/poll/route.ts
• apps/web/lib/settings.ts

Files Modified

• apps/web/app/components/workspace/settings-view.tsx - Full implementation of settings UI

Notes

• Uses the same config file format and storage mechanism as CLI for compatibility
• OAuth and device flow endpoints are implemented but full flows are scaffolded for future work
• Credentials are stored securely in credentials.json and never exposed in API responses