Introduce credential manager passkey fetching #132

@ThomazFB ThomazFB commented Jan 18, 2024

Summary

Fix issues:

Introduces a rework of the Passkey fetching system inside the Library, where instead of relying on the FIDO2 API, it uses the Credential Manager. This will allow us to properly support Passkeys provided by third-party security services, like 1Password.

Screen capture

Screen_recording_20240201_124606.mp4

How to Test

⚠️ Pre-requisites

To make this test scenario possible, make sure you have the following:

  1. A WordPress.com account configured with Security key authentication.
  2. An operational 1Password account.
  3. An Android 14 device. Emulators won't work; it must be a physical Android 14 device.
  4. A second device, Android or iOS, different from the Android 14 one mentioned in requirement 3.

Scenario 1 - Login with locally installed Passkey

  1. Open your Android device browser and access WordPress.com.
  2. Go to your Security settings and create a Security Key in your account using the device browser.
  3. Open the Woo app configured with this PR and start the login flow with the same WordPress.com account you used to create the Security Key.
  4. Once you hit the 2FA screen, make sure the Use security key button appears and click on it.
  5. Make sure the Credential Manager opens up with a selectable Passkey and select it.
  6. Verify that the login flow continues and succeeds.

Scenario 2 - Login with Passkey provided by 1Password

  1. Open your Mac browser and access WordPress.com in a browser with the 1Password extension installed.
  2. Go to your Security settings and create a Security Key in your account using 1Password.
  3. Open the Woo app configured with this PR and start the login flow with the same WordPress.com account you used to create the Security Key.
  4. Once you hit the 2FA screen, make sure the Use security key button appears and click on it.
  5. Make sure the Credential Manager opens up with a selectable 1Password passkey option.
  6. Verify that the login flow continues and succeeds.

Scenario 3 - Login with Passkey provided by another device

  1. Take a device different from the Android 14 one you used in Scenario 1.
  2. Open this second device browser and access WordPress.com.
  3. Go to your Security settings and create a Security Key in your account using the device browser.
  4. Open the Woo app configured with this PR with the Android 14 device and start the login flow with the same WordPress.com account you used to create the Security Key.
  5. Once you hit the 2FA screen, make sure the Use security key button appears and click on it.
  6. Once the Credential Manager opens up, select the `Sign-in options` and select the `login with another device` option.
  7. Make sure a QR Code appears.
  8. Read this QR code with your SECONDARY device you used in step 1 to create a Passkey.
  9. Verify that both devices connect with each other and the Passkey is used from the Secondary device to the Android 14 one.
  10. Verify that the login flow continues and succeeds.

Update release notes:

  • I have considered if this change warrants user-facing release notes and have added them to RELEASE-NOTES.txt if necessary.
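
For readers following the change described in the summary, this is what a passkey assertion through the Jetpack Credential Manager looks like. It is an added example, not code from this PR or the library; `fetchPasskeyAssertion`, `PasskeyResult` and `challengeJson` are hypothetical names, and the request JSON is assumed to be the WebAuthn assertion options issued by the server for this login attempt.

```kotlin
import android.content.Context
import androidx.credentials.CredentialManager
import androidx.credentials.GetCredentialRequest
import androidx.credentials.GetPublicKeyCredentialOption
import androidx.credentials.PublicKeyCredential
import androidx.credentials.exceptions.GetCredentialCancellationException
import androidx.credentials.exceptions.GetCredentialException
import androidx.credentials.exceptions.NoCredentialException

// Hypothetical result type for this example.
sealed interface PasskeyResult {
    data class Success(val assertionJson: String) : PasskeyResult
    object Cancelled : PasskeyResult
    object NoPasskey : PasskeyResult
    data class Failure(val reason: String) : PasskeyResult
}

// challengeJson: server-issued WebAuthn request options (challenge, rpId,
// allowCredentials). The challenge must come from the server per attempt;
// a client-generated or reused challenge defeats replay protection.
suspend fun fetchPasskeyAssertion(
    activityContext: Context, // must be an Activity context so the selector UI can show
    challengeJson: String
): PasskeyResult {
    val credentialManager = CredentialManager.create(activityContext)
    val request = GetCredentialRequest(
        listOf(GetPublicKeyCredentialOption(requestJson = challengeJson))
    )
    return try {
        // Opens the system selector: local passkeys, third-party providers,
        // and the "another device" (QR code) option all surface here.
        val response = credentialManager.getCredential(activityContext, request)
        when (val credential = response.credential) {
            // The signed assertion is only a claim until the server verifies
            // the signature, challenge, origin and rpId hash.
            is PublicKeyCredential ->
                PasskeyResult.Success(credential.authenticationResponseJson)
            else -> PasskeyResult.Failure("unexpected credential type: ${credential.type}")
        }
    } catch (e: GetCredentialCancellationException) {
        PasskeyResult.Cancelled // user dismissed the selector
    } catch (e: NoCredentialException) {
        PasskeyResult.NoPasskey // no matching passkey on any provider
    } catch (e: GetCredentialException) {
        PasskeyResult.Failure(e.message ?: e::class.java.simpleName)
    }
}
```
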

@ThomazFB ThomazFB changed the title Issue/introduce credential manager passkey fetching Introduce credential manager passkey fetching Jan 22, 2024
Base automatically changed from issue/add-credential-manager to feature-branch/adopt-credential-manager January 24, 2024 21:25

ThomazFB commented Feb 5, 2024

@atorresveiga a follow-up from what we discussed last Thursday, I decided to leave that error handling we talked about to be tackled in #138. The solution is not quite as straightforward as I expected, so I decided to leave it to a separate PR.

@ThomazFB ThomazFB mentioned this pull request Feb 6, 2024
1 task

@atorresveiga atorresveiga left a comment


Great work, Thomaz! The code looks great, and the three testing scenarios work as expected. 🎉

LGTM! :shipit:

@ThomazFB ThomazFB merged commit 04f2627 into feature-branch/adopt-credential-manager Feb 7, 2024
8 checks passed
@ThomazFB ThomazFB deleted the issue/introduce-credential-manager-passkey-fetching branch February 7, 2024 21:55
wzieba pushed a commit that referenced this pull request Oct 15, 2024
…ial-manager-passkey-fetching

Introduce credential manager passkey fetching