Add 2FA credentials to a hub operator staff member's user authentication details

[PaulMakinMojaloop]

If a 2FA solution has been deployed as part of a Mojaloop Hub, then its use should be enforced.

This story assumes that a staff member's details have been created in the IAM solution by another staff member with the appropriate credentials/privileges appended to their role.

When the staff member successfully logs on using their assigned credentials, a check should be made as to whether or not a second factor has been associated with their identity.

If no such 2FA is found:

• the staff member should be prompted to select one 2FA mechanism from a list of those accepted by that deployment, and to configure/synchronise it with the Hub's IAM solution. Details should be retained with their identity.
• The staff member should be logged off (forced to login/re-authenticate, this time including 2FA).

• If a 2FA is found:

• login should proceed as normal (see https://app.zenhub.com/workspaces/vnext-workstream-660fc8b866c04915432fd68f/issues/gh/mojaloop/project/3890)

Acceptance Criteria

1. Scenario: 2FA is not associated with the staff member's identity
   • Given the staff member's identity does not have a 2FA associated with it
   • When the staff member logs in
   • Then the staff member should be prompted to select a 2FA alternative from a list of accepted options
   • And the staff member should be required to configure/synchronize the selected 2FA with the Hub's IAM solution
   • And the staff member should be logged off and prompted to log in again, including the 2FA
2. Scenario: 2FA is associated with the staff member's identity
   • Given the staff member's identity has a 2FA associated with it
   • When the staff member logs in
   • Then the staff member should be able to log in as normal