Add workspace-scoped OAuth credentials

[rossbrg]

Summary

Depends on #90.

This adds workspace-scoped OAuth credentials on top of the existing OAuth flow. OAuth remains the interactive login path; the new behavior stores each authorized workspace separately and lets commands pick the right workspace by flag, environment variable, or default.

This PR is a draft until #90 lands, because GitHub will show the cleanup commit in this diff while the branch is stacked.

Changes

• Store non-secret workspace metadata in ~/.config/notion-cli/credentials.json.
• Store OAuth access and refresh tokens through the OS keychain-backed secret store.
• Add workspace selection through --auth-workspace, NOTION_WORKSPACE, and a named default workspace.
• Keep NOTION_TOKEN as the highest-precedence override.
• Add auth list, auth default, workspace-aware logout/status/config behavior, and an interactive default workspace selector.
• Scope cache paths for named workspaces under ~/.notion-cli/workspaces/<slug>/.
• Start the existing OAuth login flow on first interactive API use when no credentials are configured.

Testing

• make test
• make build
• make lint
• local selector smoke test using a pseudo-terminal with Down, Space, Enter
• manual OAuth smoke test against a Notion development connection