client: allow injecting a requests.Session + stop following redirects

The HTTP Session was hardcoded with no injection point and followed
redirects by default, so a server-side caller pointing the client at an
attacker-influenced base_url (a tenant's prime_endpoint) had no way to
attach an SSRF policy, and a public endpoint could 302-redirect the
request to an internal address (e.g. the cloud metadata service).

- Client/DragonchainSDK now accept an optional `session` so callers can
  inject a Session whose transport adapter refuses internal IPs. Default
  stays unguarded for trusted/CLI use — the guard belongs in the server.
- Requests are sent with allow_redirects=False; Prime never legitimately
  redirects, and a 3xx now surfaces to the caller instead of being followed.

prime_sdk/__init__.py

@@ -91,6 +91,7 @@ class DragonchainSDK:
         auth_key_id: str,
         auth_key: str,
         base_url: str,
+        session: "Optional[requests.Session]" = None,
     ):
         """Create a new Dragonchain SDK client.
 
@@ -99,8 +100,12 @@ class DragonchainSDK:
             auth_key_id: Your authentication key ID.
             auth_key: Your authentication key.
             base_url: Base URL of your node (e.g. "https://chains.dragonchain.com").
+            session: Optional pre-configured ``requests.Session``. Inject one
+                with an SSRF-guarded transport adapter when ``base_url`` is
+                attacker-influenced (a tenant's prime_endpoint); the default
+                session is unguarded and intended for trusted/CLI use.
         """
-        self._client = Client(public_id, auth_key_id, auth_key, base_url)
+        self._client = Client(public_id, auth_key_id, auth_key, base_url, session=session)
         self.transaction = TransactionClient(self._client)
         self.transaction_type = TransactionTypeClient(self._client)
         self.contract = ContractClient(self._client)