fix: class cast exception when handling Failed verification result & …

…signature download on Windows (#158)

Verification result was improperly cast to download result when
signature verification failed to run.
I discovered this issue while porting the signature verifications to
Coder Gateway plugin.

Additionally the signature for windows CLI follows the format:
coder-windows-amd64.exe.asc
Currently it is coded to coder-windows-amd64.asc which means the plugin
always fail to find any signature for windows CLI

impl: support for certificate based authentication (#155)

We now skip token input screen if the user provided a public and a
private key for mTLS authentication on both the usual welcome screen and
in the URI handling.

Attention: the official coder deployment supports only authentication
via token, which is why I could not fully test an end to end scenario.

impl: verify cli signature (#148)

This PR introduces support for verifying the CLI binary using a detached
PGP signature. Starting with version 2.24, Coder signs all CLI binaries.
For clients using older versions or running TBX in air-gapped
environments, unsigned CLIs can still be executed — but users will have
to confirm it each time.

In terms of code changes - the PR includes a big refactor around CLI
downloading with most of the code refactored and extracted in various
components that provide clean steps and result state in the main
download method. Then the pgp verification logic was added on top, with
some particularities:
- the pgp public key is embedded in the plugin as a jar resource
- we support multiple key rings in the public key
- the user has the option of running the CLI if no signature was found
- the signature search has a fallback approach: first we look in the
Coder deployment, and then fall back to releases.coder.com to search for
the signature if the user allows it.
- we expect the signature to be under the same relative path as the CLI
(we have an option which allows user to pick the CLI from a different
source other than the Coder deployment)

impl: add support for matching agent by name (#146)

This PR adds support for matching workspace agent in the URI via the
`agent_name` query param. The existing support for `agent_id` is dropped
and replaced by the new param.

 impl: update icons to match the new branding (#136)

Some samples with the new icons:

<img width="446" alt="Screenshot 2025-06-25 at 23 04 48"
src="https://github.com/user-attachments/assets/6cef8193-e839-4722-8b75-3f73ef13ed04"
/>
<img width="441" alt="Screenshot 2025-06-25 at 23 04 35"
src="https://github.com/user-attachments/assets/e4cf9c17-d4c3-4947-aeed-c89bc7270573"
/>
<img width="450" alt="Screenshot 2025-06-25 at 23 04 21"
src="https://github.com/user-attachments/assets/80247d37-abcc-4622-9a09-985befd139db"
/>
<img width="441" alt="Screenshot 2025-06-25 at 23 04 11"
src="https://github.com/user-attachments/assets/6b096f30-e21d-460c-bf4d-519f917915ef"
/>
<img width="438" alt="Screenshot 2025-06-25 at 23 03 53"
src="https://github.com/user-attachments/assets/b3ee9cd1-2b94-44b1-8953-d5f734b134a0"
/>
<img width="442" alt="Screenshot 2025-06-25 at 23 03 40"
src="https://github.com/user-attachments/assets/43b9d15b-f75d-45c3-afab-443cbe4b436d"
/>
<img width="437" alt="Screenshot 2025-06-25 at 23 03 27"
src="https://github.com/user-attachments/assets/522e4e4d-6ffe-41b3-aa9e-d82c6313a985"
/>
<img width="434" alt="Screenshot 2025-06-25 at 23 03 17"
src="https://github.com/user-attachments/assets/de352131-eb33-4923-91a1-c32ff1455253"
/>

 impl: visual text progress during Coder CLI downloading (#130)

This PR implements a mechanism to provide recurrent stats about the
number of the KB and MB of Coder CLI downloaded.

impl: support for Toolbox 2.6.3 (#124)

Toolbox 2.6.3 comes with a couple of new additions in the API which need
the following changes:

- finish support for URI handling. The available API up to TBX 2.6.3 was
buggy in terms of URI handling. It didn't allow plugins to
programmatically install remote ides and launch them. The launch
operation only worked when the IDE was already installed and a project
was already opened with the IDE.

TBX 2.6.3 adds a new API, _RemoteToolboxHelp_ which provides routines
for listing the available
IDEs on the remote, what is already installed and a command to install
specific versions of the IDE.
Additionally, there were fixes provided to the existing _ClientHelper_
which now launches the JBClient
if a project was not specified. An additional quirk I've discovered is
that if we provide a project, and
that project was not already opened (present in the Projects tab) the
IDE still won't open. And there
  is no API available to query the available projects.
  
  This PR uses the new API to:
  - query the installed ides
  - check if the provided ide is in the list of already installed IDEs.
- if that's not the case we query the available list of IDEs and the
available versions
- if the provided ide and build no., is in the available list we will
schedule it for install
- if not, we select the latest available build number for the provided
product code.
  - wait for the remote IDE to be installed
- and then download and launch the JBClient with a project path if it
was provided.
- update the minimum API requirement. Toolbox API is upgraded to
1.1.41749 which comes with new API additions and some deprecations.
Kotlin stdlib was also increased to a newer patch version

- use new environment state API. The _CustomRemoteEnvironmentState_ is
deprecated, and replaced by a new class _CustomRemoteEnvironmentStateV2_
which now supports i18n state labels

- use the new ssh disconnect callback. Toolbox provides two callbacks,
one before an SSH connection is established and another one which
executes when the ssh connection is stopped. The latter was deprecated
in the favor of a new callback that also provides hints on whether the
user requested the disconnect.

- use the new delete callback API. Toolbox provides a callback for
scenarios that involve the env. deletion. This allows plugins to react
and clean the internal state. With the new TBX API, the delete callback
API is deprecated in the favor of a mutable state flow, a reactive
approach that allows consumers to observe and react to state changes
over time.

chore: next version is 0.2.3 (#122)

fix: open URLs on Windows (#116)

The URLs on Windows failed to be opened because the cmd executed via
ProcessExecutor was not correctly constructed. We were calling
`exec("cmd", "start \"$url\"")` but in Windows `/c` is also needed to
the `cmd`.

We originally used native commands to open URLs because Toolbox didn’t
support it. Now that LocalDesktopManager provides an API for launching
the browser, we no longer need to fix the command-line logic — we can
just use the Toolbox API instead.

fix: access the settings page for the auth. wizard (#105)

The Settings menu is only available after we successfully authenticate.
This can be somewhat problematic if we want to configure something like
coder cli path, or certificate path before doing the authentication.

A new "Settings" button at the bottom of the page can now access the
Settings page. Toolbox is a bit inflexible with the API because:
- I could not find a way to delimit or separate the Settings button from
the Back and Sign In/Connect button
- we can't put a button or anything else in the top right corner, the
traditional place for a settings icon.

- resolves #90