feat: update mfa everywhere #164

Closed
wants to merge 10 commits into from
UnicornChance
Contributor

@UnicornChance UnicornChance commented Jul 24, 2024

Description

To mitigate some security questions we've opted for overprotecting users and requiring all users to set up and use MFA.

This of course requires a rework of integration tests and exploring setting up an SMTP server (more to come on this).

What changed in the realm.json:

  • UDS Authentication

    • removed MFA flow
    • added OTP Form - Required before UDS Group Validation
  • UDS Registration

    • added OTP Form - Required before UDS Group Validation
  • UDS Reset Credentials

    • added OTP Form - Required before Reset Password
  • Update IDP

    • create new authentication flow that combines OTP Form and UDS Group Validation called MFA and Group Validation
    • Post Login Flow - MFA and Group Validation
  • Required Actions

    • configure OTP to be enabled and a default action since we are requiring all new users to have this now
  • Realm.json Authentication flow cleanup

    • MFA flow is not in use anymore
    • Group Protection Authorization flow is not in use anymore
    • MFA Login flow is not in use

[Image: MFA-Flow-Comparison]

Related Issue

Relates to #148 and #117

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging
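
Added example, not part of the pull request or the project's code: a check that a realm export places a REQUIRED OTP Form ahead of the group-validation step in a named flow, and that OTP setup is an enabled default required action. The flow aliases come from the description above; the "Post Password" subflow and the `group-validation-placeholder` authenticator id are hypothetical, and the sample realm is constructed.

```python
import json
# Constructed sample in the shape of a Keycloak realm export (not the project's realm.json).
OTP, GATE = "auth-otp-form", "group-validation-placeholder"  # GATE id is hypothetical
SAMPLE = json.loads("""{
 "authenticationFlows": [
  {"alias": "UDS Authentication", "authenticationExecutions": [
    {"authenticator": "auth-username-password-form", "requirement": "REQUIRED", "priority": 10},
    {"flowAlias": "Post Password", "requirement": "REQUIRED", "priority": 20}]},
  {"alias": "Post Password", "authenticationExecutions": [
    {"authenticator": "group-validation-placeholder", "requirement": "REQUIRED", "priority": 20},
    {"authenticator": "auth-otp-form", "requirement": "REQUIRED", "priority": 10}]},
  {"alias": "UDS Registration", "authenticationExecutions": [
    {"authenticator": "group-validation-placeholder", "requirement": "REQUIRED", "priority": 10},
    {"authenticator": "auth-otp-form", "requirement": "ALTERNATIVE", "priority": 20}]}],
 "requiredActions": [{"alias": "CONFIGURE_TOTP", "enabled": true, "defaultAction": false}]
}""")

def flatten(realm, alias, enforced=True):
    """Yield (authenticator, enforced) in priority order, descending into subflows."""
    flows = {f["alias"]: f for f in realm.get("authenticationFlows", [])}
    execs = flows[alias].get("authenticationExecutions", [])
    for e in sorted(execs, key=lambda e: e.get("priority", 0)):
        req = enforced and e.get("requirement") == "REQUIRED"
        if e.get("flowAlias"):
            yield from flatten(realm, e["flowAlias"], req)
        else:
            yield e.get("authenticator"), req

def check_flow(realm, alias, otp_id=OTP, gate_id=GATE):
    """Findings when the OTP step is missing, not REQUIRED, or ordered after the gate."""
    steps = list(flatten(realm, alias))
    names = [name for name, _ in steps]
    if otp_id not in names:
        return [f"{alias}: no {otp_id} execution"]
    findings = []
    if not steps[names.index(otp_id)][1]:
        findings.append(f"{alias}: {otp_id} is not REQUIRED")
    if gate_id in names and names.index(otp_id) > names.index(gate_id):
        findings.append(f"{alias}: {otp_id} runs after {gate_id}")
    return findings

def check_required_action(realm, alias="CONFIGURE_TOTP"):
    """Findings when the OTP setup action is absent, disabled, or not a default action."""
    for action in realm.get("requiredActions", []):
        if action.get("alias") == alias:
            return [f"{alias}: {k} is false" for k in ("enabled", "defaultAction") if not action.get(k)]
    return [f"{alias}: required action missing"]

if __name__ == "__main__":
    print([check_flow(SAMPLE, f) for f in ("UDS Authentication", "UDS Registration")], check_required_action(SAMPLE))
```

An OTP step counts as enforced only when it and every enclosing subflow execution are REQUIRED, so an OTP form inside an ALTERNATIVE or CONDITIONAL subflow is reported.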

@UnicornChance UnicornChance self-assigned this Jul 24, 2024
@UnicornChance UnicornChance requested a review from a team as a code owner July 24, 2024 14:20
@UnicornChance
Contributor Author

Not in love with the naming scheme of x509 and noX509, looking for suggestions there if it's a big enough problem.

@UnicornChance
Contributor Author

Will evaluate other option of removing passwords (which is the true reason we need MFA) otherwise will leave this functionality to sit till a later date when we have more control over our realm to optionally choose different types of identity.
