Jared Snider

Notes for reviewers: Per a discussion between Auth and Platform regarding service design, I refactored all of `DeviceTrustCryptoService` to accept user id as a required parameter for all methods.

The latest commit finishes implementing the `clearTwoFactorToken` logic for all login strategies that support remembering a 2FA token (password, SSO, and auth request). I retested on desktop, browser, and web...

Per discussion with Auth team, we will be QA'ing this in `main`.

Notes for reviewers about the latest changes: - The `ApiService` now uses a new `refreshAccessTokenErrorCallback` to ensure that any error in refreshing an access token is not swallowed silently like...

Additional context for reviewers as to why we had to make more changes: @justindbaur discovered that we had client specific default values on account initialization for the vault timeout. I...

Further notes for reviewers: we had more work to do because we discovered that the CLI wasn't setting a vault timeout so we had to enable migrations to have access...