
LG-12873: Annotate reCAPTCHA assessments with MFA results

Open aduth opened this issue 1 year ago • 1 comments

🎫 Ticket

LG-12873

🛠 Summary of changes

Updates phone setup flow to annotate a reCAPTCHA assessment after the user initiates and completes phone setup.

Related resources:

  • https://cloud.google.com/recaptcha-enterprise/docs/annotate-assessment

📜 Testing Plan

Verify that you see events for annotating an assessment upon initiating and completing phone setup:

  1. Have make run and make watch_events running in parallel in two separate terminal processes
  2. Visit http://localhost:3000
  3. Sign in or create an account
  4. When possible, add a phone to your account (clicking "Add phone number" at the account dashboard if signing in, or choosing "Text or voice message" at the MFA selection screen during account creation)
  5. Enter an international phone number, e.g. +610491570006
  6. Click "Send code"
  7. Observe ~an event recaptcha_assessment_annotated~ that the Telephony: OTP sent event includes a recaptcha_annotation with non-null assessment_id and a reason of 'INITIATED_TWO_FACTOR'
  8. Click "Submit" to submit the one-time code
  9. Observe ~an event recaptcha_assessment_annotated~ that the Multi-factor authentication: Phone added event includes a recaptcha_annotation with non-null assessment_id, a reason of 'PASSED_TWO_FACTOR', and an annotation of 'LEGITIMATE'

aduth, Apr 29 '24 19:04
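
For reference, the two annotations the testing plan checks for, expressed as requests to the reCAPTCHA Enterprise annotate endpoint linked above. This is an added example, not code from identity-idp or this pull request; the method names, the assessment-name pattern and the sample values are assumptions, and `assessment_id` is assumed to hold the full `projects/.../assessments/...` resource name. The request is only built, never sent.

```ruby
require 'json'
require 'net/http'
require 'uri'

ANNOTATE_BASE = 'https://recaptchaenterprise.googleapis.com/v1'
# Subset of the API's enum values; the page itself names INITIATED_TWO_FACTOR,
# PASSED_TWO_FACTOR and LEGITIMATE.
REASONS = %w[INITIATED_TWO_FACTOR PASSED_TWO_FACTOR FAILED_TWO_FACTOR].freeze
ANNOTATIONS = %w[LEGITIMATE FRAUDULENT].freeze
# Assumed shape of an assessment resource name. Rejecting anything else keeps a
# tampered identifier from redirecting the call to a different API path.
ASSESSMENT_NAME = %r{\Aprojects/[a-z0-9\-]+/assessments/[A-Za-z0-9]+\z}

# Builds the JSON body: a reason is always sent, an annotation only when the
# outcome is known (e.g. after the one-time code was accepted).
def annotation_payload(reason:, annotation: nil)
  raise ArgumentError, "unknown reason #{reason}" unless REASONS.include?(reason)
  unless annotation.nil? || ANNOTATIONS.include?(annotation)
    raise ArgumentError, "unknown annotation #{annotation}"
  end

  payload = { reasons: [reason] }
  payload[:annotation] = annotation if annotation
  payload
end

# Returns a Net::HTTP::Post ready to send, or nil when there is no assessment
# to annotate (reCAPTCHA was not evaluated for this phone setup).
def build_annotate_request(assessment_id:, reason:, api_key:, annotation: nil)
  return nil if assessment_id.nil?
  raise ArgumentError, 'malformed assessment name' unless ASSESSMENT_NAME.match?(assessment_id)

  uri = URI("#{ANNOTATE_BASE}/#{assessment_id}:annotate")
  uri.query = URI.encode_www_form(key: api_key)
  request = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
  request.body = JSON.generate(annotation_payload(reason: reason, annotation: annotation))
  request
end

# Constructed sample values, matching steps 7 and 9 of the testing plan.
sample_id = 'projects/example-project/assessments/abc123'
initiated = build_annotate_request(assessment_id: sample_id, api_key: 'constructed-key',
                                   reason: 'INITIATED_TWO_FACTOR')
passed = build_annotate_request(assessment_id: sample_id, api_key: 'constructed-key',
                                reason: 'PASSED_TWO_FACTOR', annotation: 'LEGITIMATE')
puts initiated.body, passed.body
```
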

This is ready for review now. I've also tested this against real reCAPTCHA Enterprise which revealed some necessary changes in c0ef243, but worked successfully afterward. Let me know if you'd like to test the real Enterprise and I can get you set up with it.

aduth, May 03 '24 17:05