[identity] Implement LogOutPrimaryDevice RPC
Summary:
Implemented the RPC for primary device logout. It:
- Verifies if the RPC is called by a primary device
- Validates received device list: if it is a singleton of the primary device
- Applies the updated device list
- Revokes user device's CSATs
- Removes devices' data and OTKs
Test Plan:
Created a user with a few devices. Used function from D12586 to call this RPC:
- It failed when called from secondary device
- It failed when deliberately malformed the device list payload or used a different device ID
- It succeeded when called from primary device. Verified DDB:
- Users table item was still there
- Devices table contained the singleton device list. No device data was present
- OTKs and tokens were gone
Reviewers: kamil, varun, will
Reviewed By: kamil
Subscribers: ashoat, tomek
Differential Revision: https://phab.comm.dev/D12590