1853 id verification consent sms

[eastandwestwind]

Closes #1853

Code Changes

• Adjust back-end to support both email and SMS id verification for consent
• Adds SMS input field to privacy center
• Adds unit tests

Steps to Confirm

• In fides.toml set subject_identity_verification_required = true and notification_service_type = "twilio_text"
• nox -s dev
• Add twilio sms config/secret using postman (follow https://docs.ethyca.com/fides/dsr_quickstart/dsr_support/messaging#twilio to set up your twilio acct)
• Ensure your phone number has been added to the twilio account's verified phone numbers (https://console.twilio.com/us1/develop/phone-numbers/manage/verified)
• In a new terminal, cd into clients/privacy-center, run npm install, npm run build, then npm run dev
• Submit consent request, enter verification code sent to phone
• Please also regression test email id verification for consent

Pre-Merge Checklist

• All CI Pipelines Succeeded
• Documentation:
  • documentation complete, PR opened in fidesdocs
  • documentation issue created in fidesdocs
• Issue Requirements are Met
• Relevant Follow-Up Issues Created
• Update CHANGELOG.md

Description Of Changes

Write some things here about the changes and any potential caveats

[adamsachs]

the BE here generally looks good to me, pretty clean updates! just a couple of minor points that i don't think are necessary to address, but wanted to call attention to them.

i also ran through manual testing of the basic functionality here, and covered regression testing with email verification too. it may be worth noting the privacy center config flags used to determine whether email or phone_number are required identity inputs, since that did catch my attention for a sec. i'm not sure if we've got any spot to document privacy center configurability, but at least putting a note in the PR or issue may be helpful if people run into questions when they try to use this in the wild?

a couple of other asides that i noticed along the way, which we may want to create follow ups for:

• i found the setup docs generally good, but lacking a crucial detail that indicates the actual URL/path that needs to be hit for the given steps. am i missing something obvious? there do seem to be other points in the docs where we've also omitted the URL/path, so perhaps this is a deliberate decision? from the POV of a client, i think i'd find this pretty confusing. what do you think?
• i also noticed what seems to be a bug in our caching of verification codes - i don't think we're actually setting our verification codes to expire in the cache using the identity_verification_code_ttl_seconds setting, i think we're just relying on the default_ttl_seconds expiration time. i created a follow up ticket for this one (the redis.identity_verification_code_ttl_seconds config property is not being respected #2104)

[eastandwestwind]

Thanks so much for the thorough testing and review @adamsachs ! A couple things:

1. Based on your feedback, I've updated comments in the code to reflect he configurability of the PC:

Consent requests, unlike privacy requests, only accept 1 identity type- email or phone. 
    These identity types are configurable as optional/required within the privacy center config.json.
    If both identity types are provided, we'll use identity type if defined in
    CONFIG.notifications.notification_service_type, else default to email.

2. As discussed in Slack, now that I know where the new docs live, I'll make the appropriate updates to Twilio configuration docs for clarity- Add clarity to Twilio Config docs #2107
3. Follow-up ticket for exception handling- Add new Exception type to the message dispatcher for 422 type errors #2106
4. Thanks so much for working on use verification ttl property when setting in cache #2105, I'll take a look today!

[adamsachs]

nice, this all looks good to me on the backend pieces - thanks for addressing everything i brought up in a thoughtful way!

not sure if we want to go ahead and merge without further FE code review? things certainly seem functional, but can't comment much on the code itself :)