[Pm 3797 Part 2] Add emergency access rotations (#3434)

## Type of change

<!-- (mark with an `X`) -->

```
- [ ] Bug fix
- [ ] New feature development
- [x] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other
```

## Objective
<!--Describe what the purpose of this PR is. For example: what bug you're fixing or what new feature you're adding-->
See #3425 for part 1 and background.

This PR adds emergency access to the rotation. All new code is hidden behind a feature flag.

The Accounts controller has also been moved to Auth ownership.

## Code changes
<!--Explain the changes you've made to each file or major component. This should help the reviewer understand your changes-->
<!--Also refer to any related changes or PRs in other repositories-->

* **file.ext:** Description of what was changed and why
* **AccountsController.cs:** Moved to Auth ownership. Emergency access validation was added (as well as initializing empty lists to avoid errors).
* **EmergencyAccessRotationValidator.cs:** Performs validation on the provided list of new emergency access keys.
* **EmergencyAccessRepository.cs:** Adds a method to rotate encryption keys. This is added to a list in the `RotateUserKeyCommand` that the `UserRepository` calls so it doesn't have to know about all the domains.

## Before you submit

- Please check for formatting errors (`dotnet format --verify-no-changes`) (required)
- If making database changes - make sure you also update Entity Framework queries and/or migrations
- Please add **unit tests** where it makes sense to do so (encouraged but not required)
- If this change requires a **documentation update** - notify the documentation team
- If this change has particular **deployment requirements** - notify the DevOps team

src/Core/Auth/UserFeatures/UserKey/IRotateUserKeyCommand.cs

@@ -1,4 +1,5 @@
 using Bit.Core.Auth.Models.Data;
+using Bit.Core.Entities;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.Data.SqlClient;
 
@@ -12,7 +13,14 @@ public interface IRotateUserKeyCommand
     /// <param name="model">All necessary information for rotation. Warning: Any encrypted data not included will be lost.</param>
     /// <returns>An IdentityResult for verification of the master password hash</returns>
     /// <exception cref="ArgumentNullException">User must be provided.</exception>
-    Task<IdentityResult> RotateUserKeyAsync(RotateUserKeyData model);
+    Task<IdentityResult> RotateUserKeyAsync(User user, RotateUserKeyData model);
 }
 
-public delegate Task UpdateEncryptedDataForKeyRotation(SqlTransaction transaction = null);
+/// <summary>
+/// A type used to implement updates to the database for key rotations. Each domain that requires an update of encrypted
+/// data during a key rotation should use this to implement its own database call. The user repository loops through
+/// these during a key rotation.
+/// <para>Note: connection and transaction are only used for Dapper. They won't be available in EF</para>
+/// </summary>
+public delegate Task UpdateEncryptedDataForKeyRotation(SqlConnection connection = null,
+    SqlTransaction transaction = null);