test(gateway): add recovery admin auth/method/throttle coverage

[j-rafique]

Summary

This PR adds targeted unit tests for the new recovery admin gateway endpoints in supernode/transport/gateway/recovery_admin.go.

Given the API introduces auth gating, method-specific handlers, and semaphore-based concurrency control, this adds the minimum high-leverage coverage to reduce regression risk.

What’s covered

• Auth wrapper (wrap)
• token unset → 503 Service Unavailable
• wrong token → 401 Unauthorized
• correct token → wrapped handler executes
• Method enforcement
• handleReseed rejects non-POST with 405 Method Not Allowed
• handleStatus rejects non-GET with 405 Method Not Allowed
• Semaphore throttling
• reseedSem contention returns 429 Too Many Requests
• statusSem contention returns 429 Too Many Requests
• Basic response shape/status checks
• dependency-missing paths for handleStatus / handleReseed return 503 with JSON including ok=false and error

Why

New admin recovery surface area is operationally sensitive.
These tests lock down critical behavior around auth, request method constraints, and concurrency throttling.
Prevents accidental behavior drift in future refactors.

Validation

Ran locally:
go test ./supernode/transport/gateway
Result: ok

[roomote-v0]

Rooviewer   See task

No issues found. The tests correctly cover auth token validation, HTTP method enforcement, semaphore throttling, and missing-dependency error responses. Stubs properly implement their interfaces and test logic matches the production code paths.

_{Mention @roomote in a comment to request specific changes to this pull request or fix all unresolved issues.}