verify communication api keys are invalidated during unenroll

[adam-stokes]

Must unenroll an agent without revoke: True then query ES for the api keys: https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-api-key.html

From there figure out the agentid and verify the invalidated field is True for botht he access key and output key.

This should also be run against a force unenroll (revoke = True)