#534 [API/Race] oauth2.py global config mutation not atomic

closed critical Created 2025-12-17 16:28 · Updated 2025-12-17 18:46

Description

File: api/oauth_handlers/oauth2.py:37-39,95-106.

Global _OAUTH2_CONFIG_CACHE dict is assigned separately from _OAUTH2_CONFIG_CACHE_TIME, so the update is not atomic. Another thread could see partially constructed state.

IMPACT: Race condition could cause auth failures.

FIX: Use a single atomic assignment with a frozen dataclass.
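An added example of the fix proposed above (not the project's own code): the config and its load time live in one frozen dataclass that is published through a single global reference. The names `OAuth2ConfigSnapshot`, `_SNAPSHOT`, `get_oauth2_config`, the `loader` callback and the 300-second TTL are assumptions, since the issue does not show the real code.

```python
import threading
import time
from dataclasses import dataclass
from types import MappingProxyType
from typing import Callable, Mapping, Optional

CACHE_TTL_SECONDS = 300.0  # assumed TTL; the issue does not state the real one

# Racy shape described in the issue: two separate global writes, so a reader
# running between them can pair a new config with an old timestamp:
#     _OAUTH2_CONFIG_CACHE = new_config
#     _OAUTH2_CONFIG_CACHE_TIME = time.time()


@dataclass(frozen=True)
class OAuth2ConfigSnapshot:  # hypothetical name
    """Config and its load time, published together as one immutable object."""
    config: Mapping[str, str]
    loaded_at: float


_SNAPSHOT: Optional[OAuth2ConfigSnapshot] = None  # the only mutable global
_REFRESH_LOCK = threading.Lock()  # serialises refreshes, not fresh reads


def _is_fresh(snap: Optional[OAuth2ConfigSnapshot], now: float) -> bool:
    return snap is not None and now - snap.loaded_at < CACHE_TTL_SECONDS


def get_oauth2_config(loader: Callable[[], Mapping[str, str]],
                      now: Callable[[], float] = time.monotonic) -> Mapping[str, str]:
    """Return the cached config, reloading via loader() once the TTL expires."""
    global _SNAPSHOT
    snap = _SNAPSHOT  # one read: config and timestamp always belong together
    if _is_fresh(snap, now()):
        return snap.config
    with _REFRESH_LOCK:
        snap = _SNAPSHOT  # re-check: another thread may have refreshed already
        if not _is_fresh(snap, now()):
            # Build the snapshot completely, then publish it in one assignment.
            snap = OAuth2ConfigSnapshot(MappingProxyType(dict(loader())), now())
            _SNAPSHOT = snap
        return snap.config
```

If `loader()` raises, nothing is published and the previous snapshot stays in place, so readers never observe a half-updated cache.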
