Ensure all device push fields appear together

[eoger]

Before Firefox had support for Push payloads, it was possible for a client to register its device record with a pushCallback but no pushAuthKey/pushPublicKey. We enforce this rule on our servers by allowing pushCallback to appear alone, but making sure the 2 other fields come together: https://github.com/mozilla/fxa-auth-server/blob/30e65674e70ee42befc1ba09b6fc0fd7dde2f608/lib/routes/devices-and-sessions.js#L159

With the help of @jbuck, we have observed that:

• 0.5% of the total number of devices registered in our DB have a callback set with null keys.
• All of them were created before June 2016.
• None of them have pinged the FxA servers since 2017 (when redis was deployed): we could not find any associated redis records for these users.

Let's make things easy for everyone, and ensure that either all of these 3 fields are set or none of them are. It would also simplify our Rust FxA client implementation.

blocks #2547

[hritvi]

May I work on this?

[shane-tomlinson]

@hritvi it looks like @hybrid1999 has already taken up the bug!

[vladikoff]

This was fixed in https://github.com/mozilla/fxa-auth-server/pull/2937