
fix(proxy): add L7 inspection to forward proxy path#666

Open
latenighthackathon wants to merge 2 commits intoNVIDIA:mainfrom
latenighthackathon:fix/forward-proxy-l7-inspection

Conversation

@latenighthackathon (Contributor)

Summary

The forward proxy previously rejected all requests to endpoints with L7 rules (blanket 403), forcing clients through the CONNECT tunnel. This meant policies like access: read-only (allow GET, block POST) had no effect on plain http:// requests via the forward proxy.

This PR replaces the blanket rejection with actual L7 evaluation:

  • refactor(l7): Make evaluate_l7_request() public for cross-module use
  • fix(proxy): Query L7 config, clone OPA engine, evaluate request method/path against L7 policy
    • Allow if policy permits
    • Deny with 403 if enforcement: enforce and policy denies
    • Audit mode: log but allow (matching CONNECT path behavior)
    • Fail-closed: deny on evaluation errors
  • docs: Update architecture/security-policy.md V1 simplifications note
  • e2e: Update regression tests to validate new behavior (GET allowed → 200, POST denied → 403)

Security posture change

Endpoints that previously received a blanket 403 on the forward proxy path will now be evaluated against their L7 policy. If enforcement: audit (the default), traffic that was previously blocked will now flow through with audit logging. If enforcement: enforce, only policy-permitted requests will be forwarded.

The forward proxy uses Connection: close (one request per connection), so a single L7 evaluation suffices — no relay loop needed. The implementation mirrors the CONNECT path's patterns for OPA engine cloning, L7EvalContext construction, and enforcement handling.

Test plan

  • cargo test passes
  • forward_proxy_allows_l7_permitted_request: GET /allowed → 200
  • forward_proxy_denies_l7_blocked_request: POST /allowed → 403
  • CONNECT path L7 inspection unchanged (no regression)
  • Forward proxy without L7 config unchanged (no regression)
  • L7 eval failure → deny (fail-closed)

Closes #643

I have read the DCO document and I hereby sign the DCO.

Make evaluate_l7_request() public so the forward proxy path can
evaluate individual requests against L7 policy without going
through the full relay_with_inspection() loop.

Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>

The forward proxy previously rejected all requests to endpoints with
L7 rules (blanket 403), forcing clients through the CONNECT tunnel.
This meant policies like read-only (allow GET, block POST) had no
effect on plain http:// requests through the forward proxy.

Replace the blanket rejection with actual L7 evaluation:
- Query L7 config for the endpoint (same as before)
- Clone the OPA engine and evaluate the request method/path
- Allow if L7 policy permits, deny with 403 if enforcement is enforce
- Audit mode: log but allow (matching CONNECT path behavior)
- Fail-closed: deny on evaluation errors

The forward proxy uses Connection: close (one request per connection),
so a single evaluation suffices — no relay loop needed.

Update e2e tests to validate the new behavior:
- GET /allowed → 200 (L7 policy allows)
- POST /allowed → 403 (L7 policy denies, enforcement: enforce)

Update security-policy.md to reflect the new forward proxy L7 behavior.

Closes NVIDIA#643

Signed-off-by: latenighthackathon <latenighthackathon@users.noreply.github.com>
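As an added illustration (not the project's code, and not a reproduction of evaluate_l7_request(), L7EvalContext or the OPA engine, none of which appear here), the decision table that the PR summary and the second commit message above describe, written in Rust since the project builds with cargo. The hypothetical evaluate_read_only() stands in for the policy engine and models an `access: read-only` rule; passing `engine_healthy = false` is how an evaluation error is simulated. One assumption is marked in a comment: the error branch denies in audit mode as well, reading the unqualified "fail-closed: deny on evaluation errors" literally.

```rust
// Added illustration, not the project's code: the forward-proxy L7 decision
// logic from the PR summary, modelled as plain Rust. The real path clones an
// OPA engine and calls evaluate_l7_request(); a hypothetical read-only policy
// stands in for that engine here.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Enforcement {
    /// Log policy denials but still forward the request (the stated default).
    Audit,
    /// Reject policy denials with 403.
    Enforce,
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Decision {
    Allow,
    Deny,
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum ProxyAction {
    /// Forward to the upstream endpoint (the e2e tests observe 200 here).
    Forward,
    /// Answer the client with 403 and close the connection.
    Reject403,
}

#[derive(Debug, Clone)]
pub struct L7Request {
    pub method: String,
    pub path: String,
}

/// Hypothetical stand-in for the OPA-backed L7 policy: an `access: read-only`
/// rule that allows only safe methods. `engine_healthy = false` simulates an
/// evaluation failure (engine clone or policy load error).
pub fn evaluate_read_only(req: &L7Request, engine_healthy: bool) -> Result<Decision, String> {
    if !engine_healthy {
        return Err(format!("cannot evaluate {} {}: engine unavailable", req.method, req.path));
    }
    Ok(match req.method.as_str() {
        "GET" | "HEAD" | "OPTIONS" => Decision::Allow,
        _ => Decision::Deny,
    })
}

/// Pre-PR behaviour: any endpoint with L7 rules got a blanket 403 on the
/// forward-proxy path, so the policy content was never consulted.
pub fn forward_proxy_before(has_l7_rules: bool) -> ProxyAction {
    if has_l7_rules { ProxyAction::Reject403 } else { ProxyAction::Forward }
}

/// Post-PR behaviour: one evaluation per request (Connection: close means
/// there is no second request on this socket to re-check).
pub fn forward_proxy_after(
    has_l7_rules: bool,
    mode: Enforcement,
    req: &L7Request,
    eval: Result<Decision, String>,
    audit_log: &mut Vec<String>,
) -> ProxyAction {
    // Endpoint without L7 config: unchanged, plain forwarding.
    if !has_l7_rules {
        return ProxyAction::Forward;
    }
    match (eval, mode) {
        (Ok(Decision::Allow), _) => ProxyAction::Forward,
        (Ok(Decision::Deny), Enforcement::Enforce) => ProxyAction::Reject403,
        (Ok(Decision::Deny), Enforcement::Audit) => {
            audit_log.push(format!("audit: L7 policy denies {} {}, forwarding anyway", req.method, req.path));
            ProxyAction::Forward
        }
        // Fail-closed: an evaluation error is a deny in both modes
        // (assumption: the summary's "deny on evaluation errors" is unqualified).
        (Err(e), _) => {
            audit_log.push(format!("fail-closed: {e}"));
            ProxyAction::Reject403
        }
    }
}

fn main() {
    let mut log = Vec::new();
    let get = L7Request { method: "GET".into(), path: "/allowed".into() };
    let post = L7Request { method: "POST".into(), path: "/allowed".into() };
    println!("before, any L7 endpoint: {:?}", forward_proxy_before(true));
    let a = forward_proxy_after(true, Enforcement::Enforce, &get, evaluate_read_only(&get, true), &mut log);
    println!("GET /allowed, enforce: {a:?}");
    let b = forward_proxy_after(true, Enforcement::Enforce, &post, evaluate_read_only(&post, true), &mut log);
    println!("POST /allowed, enforce: {b:?}");
    let c = forward_proxy_after(true, Enforcement::Audit, &post, evaluate_read_only(&post, true), &mut log);
    println!("POST /allowed, audit: {c:?}");
    let d = forward_proxy_after(true, Enforcement::Audit, &post, evaluate_read_only(&post, false), &mut log);
    println!("POST /allowed, audit, eval error: {d:?}");
    for line in &log {
        println!("log: {line}");
    }
}
```

The point worth checking against the real change is the last two cases: in audit mode a policy deny is forwarded with a log line, while an evaluation error is still a 403, so a broken policy cannot silently turn into an allow-all.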
@latenighthackathon latenighthackathon requested a review from a team as a code owner March 29, 2026 23:31
@latenighthackathon (Contributor, Author)

I have read the DCO document and I hereby sign the DCO.


Development

Successfully merging this pull request may close these issues.

sec(proxy): forward proxy path skips L7 inspection — policy enforcement gap on private IP endpoints
