
Add 2FA credentials to a hub operator staff member's user authentication details

Open PaulMakinMojaloop opened this issue 9 months ago • 0 comments

If a 2FA solution has been deployed as part of a Mojaloop Hub, then its use should be enforced.

This story assumes that a staff member's details have been created in the IAM solution by another staff member with the appropriate credentials/privileges appended to their role.

When the staff member successfully logs on using their assigned credentials, a check should be made as to whether or not a second factor has been associated with their identity.

If no such 2FA is found:

  • The staff member should be prompted to select one 2FA mechanism from a list of those accepted by that deployment, and to configure/synchronise it with the Hub's IAM solution. Details should be retained with their identity.
  • The staff member should be logged off (forced to log in/re-authenticate, this time including 2FA).

If a 2FA is found:

  • login should proceed as normal (see https://app.zenhub.com/workspaces/vnext-workstream-660fc8b866c04915432fd68f/issues/gh/mojaloop/project/3890)

Acceptance Criteria

  1. Scenario: 2FA is not associated with the staff member's identity
     • Given the staff member's identity does not have a 2FA associated with it
     • When the staff member logs in
     • Then the staff member should be prompted to select a 2FA alternative from a list of accepted options
     • And the staff member should be required to configure/synchronize the selected 2FA with the Hub's IAM solution
     • And the staff member should be logged off and prompted to log in again, including the 2FA
  2. Scenario: 2FA is associated with the staff member's identity
     • Given the staff member's identity has a 2FA associated with it
     • When the staff member logs in
     • Then the staff member should be able to log in as normal

PaulMakinMojaloop • May 01 '24 15:05
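A sketch of the two scenarios above, added here as an illustration and not taken from the issue or from Mojaloop's code. It assumes TOTP (RFC 6238) is the only accepted mechanism; `HubIam`, the `enrol-only`/`full` session scopes and the method names are hypothetical.

```python
import hashlib, hmac, secrets, struct
ACCEPTED = ("totp",)  # assumption: this deployment's list of accepted mechanisms

def totp(secret, now, step=30, digits=6):  # RFC 6238 TOTP with HMAC-SHA1
    mac = hmac.new(secret, struct.pack(">Q", int(now) // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    num = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(num % 10 ** digits).zfill(digits)

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class HubIam:  # hypothetical in-memory stand-in for the Hub's IAM solution
    def __init__(self):
        self.users, self.sessions, self.pending = {}, {}, {}
    def create_staff(self, name, password):
        salt = secrets.token_bytes(16)
        self.users[name] = {"salt": salt, "pw": _hash(password, salt), "totp": None}

    def login(self, name, password, now, code=None):
        user = self.users.get(name)
        if not user or not hmac.compare_digest(user["pw"], _hash(password, user["salt"])):
            return "denied", None
        if user["totp"] is None:  # no 2FA on the identity: session may only enrol
            return "enrol_required", self._session(name, "enrol-only")
        if code is None or not hmac.compare_digest(totp(user["totp"], now), code):
            return "denied", None
        return "ok", self._session(name, "full")

    def _session(self, name, scope):
        token = secrets.token_urlsafe(16)
        self.sessions[token] = (name, scope)
        return token

    def begin_enrol(self, token, mechanism):
        name, scope = self.sessions[token]
        if scope != "enrol-only" or mechanism not in ACCEPTED:
            raise PermissionError("enrolment not allowed")
        self.pending[token] = secrets.token_bytes(20)
        return self.pending[token]  # would be shown to the staff member as a QR code

    def confirm_enrol(self, token, code, now):
        name, _ = self.sessions[token]
        secret = self.pending.pop(token)
        if not hmac.compare_digest(totp(secret, now), code):
            return False  # authenticator not synchronised; nothing is stored
        self.users[name]["totp"] = secret  # retained with the identity
        del self.sessions[token]           # forced log-off: must log in again with 2FA
        return True
```

The first login yields a session that can only enrol, so a password alone never produces a usable session once 2FA is deployed.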