Assistant: Improves AWS SSO refresh flow

[samclark2015]

Assistant now intercepts errors related to expired AWS Bedrock credentials, and prompts the user to refresh them. It provides an affordance on the error notification to automatically run aws sso refresh, which opens the browser and starts the flow. It also returns Positron to the foreground once the refresh is complete.

Addresses #9652

Release Notes

New Features

• The AWS Bedrock provider for Assistant now gracefully handles credential expiration, and automatically refreshes them with the aws CLI tool.

Bug Fixes

• N/A

QA Notes

To "expire" your token:

1. Locate the AWS credential cache being used in your home directory. Mine was ~/.aws/sso/cache/[key].json. I identified it as the most recently updated file in that directory.
2. Modify expiresAt and registrationExpiresAt to dates prior to present, and change accessToken and refreshToken randomly (I removed the first character).

Cases to test
Adding Bedrock model
Expire your token, then signin to Bedrock in the Configure Model Providers dialog. This should trigger the refresh flow automatically.

Starting Positron with a Bedrock provider added
Expire your token, then refresh Positron. You should receive a notification to refresh credential. Clicking the button will launch the refresh flow in browser.

Token expires while Positron is open
Expire your token, then try to send a message. You will receive an error in chat, and the notification to prompt refresh. Note: Token credentials are cached in memory, so simply changing on disk is not sufficient. We may need to expire the token within AWS itself to test this properly. In dev, I created a command (removed from PR) to refresh the AWS token from disk.

e2e: @:assistant

[github-actions]

E2E Tests 🚀
This PR will run tests tagged with: @:critical @:assistant

^{readme  valid tags}

[timtmok]

LGTM