Passkey: add support for discoverable credentials

Apart from server-side credentials, passkey should also register
discoverable credentials.
ipa user-add-passkey --register now supports an additional option,
--cred-type server-side|discoverable
that is propagated to the passkey_child command.

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Florence Blanc-Renaud
2022-12-15 16:53:07 +01:00
parent 56e179748b
commit 6f0da62f5a
4 changed files with 52 additions and 7 deletions


@@ -60,6 +60,8 @@ During the registration process, it is possible to specify
the authentication will force to execute the user verification check even if
the passkey settings do not set this flag. If credentials are registered without
the flag, the global passkey settings apply.
- credential type: `server-side` or `discoverable`
Discoverable credentials do not require to first identify the user.
When the passkey credential is registered, a relaying party (RP) is set to be
the IPA domain (e.g. ipa.test). While using a domain-wide relaying party
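Review bot: the new "credential type" list item names the two values but does not say which one is used when `--cred-type` is omitted, so a reader cannot tell from this text what kind of credential a plain `--register` produces. Please state the default next to the values. The follow-up sentence "Discoverable credentials do not require to first identify the user." is also hard to parse; something like "With discoverable credentials, the user does not need to be identified before authentication" reads more clearly. It would help to add a matching sentence for `server-side` so the two options are described symmetrically.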