feat: Add ATproto OAuth client metadata for production

- Create client-metadata.json for production OAuth configuration
- Configure redirect URIs for www.ponderants.com
- Enable DPoP-bound access tokens for enhanced security

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

public/client-metadata.json

@@ -0,0 +1,20 @@
+{
+  "client_id": "https://www.ponderants.com/client-metadata.json",
+  "client_name": "Ponderants",
+  "client_uri": "https://www.ponderants.com",
+  "logo_uri": "https://www.ponderants.com/logo.svg",
+  "redirect_uris": [
+    "https://www.ponderants.com/api/auth/callback"
+  ],
+  "scope": "atproto transition:generic",
+  "grant_types": [
+    "authorization_code",
+    "refresh_token"
+  ],
+  "response_types": [
+    "code"
+  ],
+  "token_endpoint_auth_method": "none",
+  "application_type": "web",
+  "dpop_bound_access_tokens": true
+}