IAV-1027/feat(meta): add Instagram Professional API token auto-refresh pipeline

Summary

Introduces a fully automated refresh pipeline for Instagram Professional API long-lived access tokens (60-day TTL), preventing credential expiry from silently breaking connected social integrations.

Changes

Infrastructure

• PlatformApiProperties — externalized HTTP timeout configuration via @ConfigurationProperties(prefix = "iavia.platforms").
• RestTemplateConfig — configures a @Primary RestTemplate using Apache HttpClient 5 with explicit connect / response / connection-request timeouts.

Core Refresh Flow (MetaTokenRefreshService)

1. Decrypt stored credential data and extract the raw bearer token.
2. Call GET graph.instagram.com/refresh_access_token (no client secret required).
3. Validate the response; fall back to a 60-day TTL if expires_in is absent.
4. persistNewToken (@Transactional(REQUIRES_NEW)) — commits the new encrypted token and expiry to DB before any N8N call. This guarantees the source-of-truth is always consistent regardless of downstream propagation outcome.
5. propagateToN8nInstances — updates each linked N8N credential instance; failures are isolated per-instance and do not affect others or roll back the DB.

Scheduling (MetaTokenRefreshScheduler)

• Cron 0 0 3 * * * — runs daily at 03:00.
• 15-day refresh window: provides 14 retry attempts before a 60-day token expires.

Repository additions

• CredentialRepository#findExpiringCredentials — JPQL text-block query filtering by type list and expiry threshold.
• CredentialInstanceRepository#findAllByCredential — bulk lookup of N8N instances by parent credential.

Related Issues

Closes IAV-1027