Switch from Service Account to OAuth2 for Google Calendar (Personal Gmail)

- Replace JWT service account authentication with OAuth2 refresh token flow
- Service accounts cannot create Google Meet links for personal Gmail accounts
- Update edge function to use OAuth2 token exchange
- Change database column from google_service_account_json to google_oauth_config
- Add helper tool (get-google-refresh-token.html) to generate OAuth credentials
- Update IntegrasiTab UI to show OAuth config instead of service account
- Add SQL migration file for new google_oauth_config column

OAuth2 Config format:
{
  "client_id": "...",
  "client_secret": "...",
  "refresh_token": "..."
}

This approach works with personal @gmail.com accounts without requiring
Google Workspace or Domain-Wide Delegation.

add-google-oauth-config.sql

@@ -0,0 +1,11 @@
+-- Add google_oauth_config column to platform_settings table
+-- This replaces google_service_account_json for personal Gmail accounts
+
+ALTER TABLE platform_settings
+ADD COLUMN IF NOT EXISTS google_oauth_config jsonb;
+
+-- Add comment
+COMMENT ON COLUMN platform_settings.google_oauth_config IS 'OAuth2 configuration for Google Calendar API (for personal Gmail accounts). Format: {"client_id": "...", "client_secret": "...", "refresh_token": "..."}';
+
+-- Note: The old google_service_account_json column can be dropped later if no longer needed
+-- ALTER TABLE platform_settings DROP COLUMN IF EXISTS google_service_account_json;