feat(scol): validate oauth2 token_url scheme at vector validate time #100

Open: JuanMantica45 wants to merge 1 commit into Sentinel-One:master from JuanMantica45:jm-token-url-validation

@JuanMantica45

Summary

Wires token_url scheme validation into SourceConfig::build() for the SCOL source so that vector validate rejects invalid OAuth2 URLs before the source is started.

Changes:

  • src/sources/scol/mod.rs — calls self.validate_auth()? synchronously before boxing the source future; this is the only codepath that executes during vector validate
  • lib/observo/private — submodule bumped to ef53ab5 (dataplane-private jm-token-url-validation) which adds:
    • SAuth::validate() — lightweight scheme-only check
    • Config::validate_auth() — iterates http_cfgs.default and all http_cfgs.overrides

Dependency

dataplane-private PR #42: https://ghe.eng.sentinelone.tech/sentinel-one/dataplane-private/pull/42

Why validate() and not build()

SourceConfig::build() returns Ok(Box::pin(future)) without polling the future — vector validate calls build(), receives the box, and moves on. Anything inside build_source() is invisible to validate. validate_auth() runs synchronously before the box is created, so errors surface at the Component errors step.

Smoke test

=== INVALID (token_url = "WRONG") ===
√ Loaded
Component errors
x Source "test_scol": oauth2 token_url must start with http:// or https://, got: WRONG
exit: 78

=== VALID (token_url = "https://auth.example.com/token") ===
√ Loaded
√ Component configuration
√ Health check "stdout"
Validated
exit: 0

Call Config::validate_auth() synchronously in SourceConfig::build()
before boxing the source future, so vector validate catches invalid
token_url values at the Component configuration step rather than
silently deferring to runtime.

Bump lib/observo/private to ef53ab5 which adds SAuth::validate() and
Config::validate_auth() in the dataplane-private submodule.
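
The distinction drawn under "Why validate() and not build()", as an added example that is not part of this PR or the project's code. `Config`, `StartSource`, `build_deferred`, `build_eager` and `poll_once` are hypothetical stand-ins, and the scheme check is a sketch written from the error text in the smoke test.

```rust
use std::{future::Future, pin::Pin, sync::Arc};
use std::task::{Context, Poll, Wake, Waker};

type Source = Pin<Box<dyn Future<Output = Result<(), String>>>>;
// Hypothetical stand-in for the SCOL source config; only token_url is modelled.
pub struct Config { pub token_url: String }

// Stand-in for the source future: its body runs only when something polls it.
struct StartSource(Config);
impl Future for StartSource {
    type Output = Result<(), String>;
    fn poll(self: Pin<&mut Self>, _cx: &mut Context<'_>) -> Poll<Self::Output> {
        Poll::Ready(self.0.validate_auth())
    }
}

impl Config {
    // Scheme-only check; the error text is the one in the page's smoke test.
    pub fn validate_auth(&self) -> Result<(), String> {
        let u = &self.token_url;
        if u.starts_with("http://") || u.starts_with("https://") { return Ok(()); }
        Err(format!("oauth2 token_url must start with http:// or https://, got: {}", u))
    }
    // Check only inside the future: build succeeds for any token_url.
    pub fn build_deferred(self) -> Result<Source, String> {
        Ok(Box::pin(StartSource(self)))
    }
    // Check before boxing: a caller that never polls still gets the error.
    pub fn build_eager(self) -> Result<Source, String> {
        self.validate_auth()?;
        Ok(Box::pin(StartSource(self)))
    }
}

struct NoopWake;
impl Wake for NoopWake { fn wake(self: Arc<Self>) {} }
// One poll, as a runtime would do at start-up; a build-only caller never does.
pub fn poll_once(mut src: Source) -> Poll<Result<(), String>> {
    let waker = Waker::from(Arc::new(NoopWake));
    let mut cx = Context::from_waker(&waker);
    src.as_mut().poll(&mut cx)
}

fn main() {
    let cfg = |u: &str| Config { token_url: u.to_string() };
    println!("deferred build ok: {}", cfg("WRONG").build_deferred().is_ok());
    println!("deferred, polled: {:?}", poll_once(cfg("WRONG").build_deferred().unwrap()));
    println!("eager build: {:?}", cfg("WRONG").build_eager().err());
}
```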