[#951] create new route for Virtual Agent JWT proof of concept

[aaronyoung-tw]

original issue 951
Co-authored-by: Maurice Okumu maurice.okumu@thoughtworks.com

Note: Delete the description statements, complete each step. None are optional, but can be justified as to why they cannot be completed as written. Provide known gaps to testing that may raise the risk of merging to production.

Summary

• (Summarize the changes that have been made to the platform)
  Created a new route to create a mobile JWT token for the virtual agent team.
  This is a proof of concept and won't be enabled in production, its behind a feature flag.
• (If bug, how to reproduce)
  n/a
• (What is the solution, why is this the solution)
  n/a
• (Which team do you work for, does your team own the maintainence of this component?)
  Virtual Agent Chatbot
• (If using a flipper, what is the end date of the flipper being required/success criteria being targeted)

Related issue(s)

• department-of-veterans-affairs/va.gov-team#0000
• Link to ticket created in va.gov-team repo
  https://github.com/department-of-veterans-affairs/va-virtual-agent/issues/951
• Link to previous change of the code/bug (if applicable)
• Link to epic if not included in ticket

Testing done

testing needs to be done in the staging environment - this is a POC behind a feature flag

• Describe what the old behavior was prior to the change
  route didn't exist
• Describe the steps required to verify your changes are working as expected
  We will be testing via postman to see if we get a JWT created in staging
• Describe the tests completed and the results

Screenshots

Note: Optional

What areas of the site does it impact?

(Describe what parts of the site are impacted andifcode touched other areas)

Acceptance criteria

• I fixed|updated|added unit tests and integration tests for each feature (if applicable).
• No error nor warning in the console.
• Events are being sent to the appropriate logging solution
• Documentation has been updated (link to documentation)
• No sensitive information (i.e. PII/credentials/internal URLs/etc.) is captured in logging, hardcoded, or specs
• Feature/bug has a monitor built into Datadog or Grafana (if applicable)
• If app impacted requires authentication, did you login to a local build and verify all authenticated routes work as expected
• I added a screenshot of the developed feature

[ryan-mcneil]

@aaronyoung-tw I won't enforce, as it's a POC, but please note that untested code brings down overall code coverage for the entire repo. So please remember to remove this or create a spec file as you continue to build on it. Thanks!