Do not require all oauth scopes to *start* the mcp server

[christian-kreuzberger-dtx]

When starting the MCP Server, we are checking whether all oauth scopes requested are also available, and failing, if it's not the case.

This leads to a lot of support requests, which are often caused by the fact that not all oauth scopes are set up properly on the oauth client.

In addition, in PR #43 we have seen that adding new scopes will break the mcp server for existing end-users, as they will need to setup their Oauth clients again.

In order to allow adding new features, making the setup process a bit easier, the following changes are suggested:

• Only verify basic scopes that are needed for all API Calls (like app-engine:functions:run, app-engine:apps:run),
• Every tool needs to specify which scopes it needs. For every tool, we will create a separate dtClient with the needed scopes
• If creating this dtClient fails, we can provide a proper error message with the scopes we requested, and the error message we retrieved. This should furthermore help with troubleshooting end-users.
• Furthermore, this gives us the opportunity to get rid of environment variables USE_APP_SETTINGS and USE_WORKFLOWS, and instead also move those scopes directly to the creation of dtClient for the respective tool .

When developing this, please refactor this into a separate file and create unit tests for it.

[christian-kreuzberger-dtx]

This was implemented using #54