KAFKA-19583: fix: enable oauthbearer sasl with native image

[wilmerdooley]

The native Kafka image fails to start when KAFKA_SASL_ENABLED_MECHANISMS=OAUTHBEARER is configured because GraalVM native-image reachability metadata does not retain the no-argument constructors used by the reflective instantiation in LoginManager and the SASL provider factories. This avoids the failure by instantiating the known login, callback handler, and SASL factory classes directly rather than via Utils.newInstance / Provider.put, ensuring they are reachable in the native image.

Changes:

• LoginManager: introduce createLogin and createLoginCallbackHandler helpers that directly instantiate DefaultLogin, KerberosLogin, OAuthBearerRefreshingLogin, AbstractLogin.DefaultLoginCallbackHandler, and OAuthBearerUnsecuredLoginCallbackHandler, falling back to Utils.newInstance for any other class.
• OAuthBearerSaslClientProvider and OAuthBearerSaslServerProvider: register their services via putService with an overridden newInstance that constructs the factory directly, instead of registering the class name and relying on Provider to instantiate it reflectively.

---

Delete this text and replace it with a detailed description of your change. The
PR title and body will become the squashed commit message.

If you would like to tag individuals, add some commentary, upload images, or
include other supplemental information that should not be part of the eventual
commit message, please use a separate comment.

If applicable, please include a summary of the testing strategy (including
rationale) for the proposed change. Unit and/or integration tests are expected
for any behavior change and system tests should be considered for larger
changes.

• Tests passed
• Integration tests passed (if applicable)
• Documentation added (if applicable)
• Release notes updated (if applicable)

JIRA: https://issues.apache.org/jira/browse/KAFKA-19583