fix(agent): Handle null refreshToken/expiresAt in credential manager

Updated DefaultAccountCredentialManager to handle setup tokens:
- Removed refreshToken requirement in validation check
- Use nullish coalescing for refreshToken and expiresAt
- Treat tokens without expiresAt as non-expired (setup tokens)

Completes the setup token support changes.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

src/agent/credentials/default-credential-manager.ts

@@ -54,12 +54,12 @@ export class DefaultAccountCredentialManager implements AccountCredentialManager
       const parsed = JSON.parse(raw);
       const oauth = parsed.claudeAiOauth;
 
-      if (!oauth || !oauth.accessToken || !oauth.refreshToken) return null;
+      if (!oauth || !oauth.accessToken) return null;
 
       return {
         accessToken: oauth.accessToken,
-        refreshToken: oauth.refreshToken,
-        expiresAt: oauth.expiresAt,
+        refreshToken: oauth.refreshToken ?? null,
+        expiresAt: oauth.expiresAt ?? null,
         subscriptionType: oauth.subscriptionType ?? null,
         rateLimitTier: oauth.rateLimitTier ?? null,
       };
@@ -72,6 +72,7 @@ export class DefaultAccountCredentialManager implements AccountCredentialManager
    * Check if credentials are expired or about to expire.
    */
   isExpired(credentials: OAuthCredentials): boolean {
+    if (!credentials.expiresAt) return false; // Setup tokens without expiry are treated as non-expired
     return credentials.expiresAt < Date.now() + TOKEN_REFRESH_BUFFER_MS;
   }