remove: configs for deprecated MFA feature

- the MFA feature has long been deprecated
and will soon be removed in the next release,
see: cloudfoundry/uaa#2717
- see breaking change planning: #739

[#186854489]

jobs/uaa/spec

@@ -987,24 +987,6 @@ properties:
     description: "If set to false, only users pre-populated in the UAA user database will be allowed to authenticate via LDAP. If set to true, any user from LDAP will be allowed to authenticate and an internal user will be created if one does not yet exist."
     default: true
 
-  # Multifactor Authentication
-  login.mfa.providers:
-    description: "NOTE: This feature has been deprecated and will be removed in a future release. A list of providers and their configuration. Provider names must be alphanumeric. Currently only `google-authenticator` is supported with no additional attributes. Issuer is optional."
-    example:
-      myExampleProvider1:
-        type: google-authenticator
-        config:
-          providerDescription: test adding a google authenticator to the default zone
-          issuer: uaa
-    default: ~
-
-  login.mfa.providerName:
-    description: "NOTE: This feature has been deprecated and will be removed in a future release. The unique name of the MFA provider to use for default zone."
-    default: ~
-  login.mfa.enabled:
-    description: "NOTE: This feature has been deprecated and will be removed in a future release. Set true to enable Multi-factor Authentication (MFA) for the default zone. Defaults to false."
-    default: false
-
   # OpenID Connect/OAuth
 
   login.oauth.providers:

jobs/uaa/templates/config/uaa.yml.erb

@@ -795,18 +795,6 @@
     end
   end
 
-  if_p('login.mfa.providers') do |providers|
-    providers.each do |mfaName, provider|
-      provider.each do |key,value|
-        add_value(params, value, 'login', 'mfa', 'providers', mfaName, key)
-      end
-      add_value(params, p('login.mfa.providers.'+mfaName+'.config.issuer'), 'login', 'mfa', 'providers', mfaName, 'config', 'issuer') if p_opt('login.mfa.providers.'+mfaName+'.config.issuer')
-    end
-  end
-
-  add_value(params, p('login.mfa.providerName'), 'login', 'mfa', 'providerName') if p_opt('login.mfa.providerName')
-  add_value(params, p('login.mfa.enabled'), 'login', 'mfa', 'enabled') if p_opt('login.mfa.enabled')
-
   if_p('login.oauth.providers') do |providers|
     providers.each do |idpAlias, provider|
       provider.each do |key,value|

spec/compare/all-properties-set-uaa.yml

@@ -618,15 +618,6 @@ login:
     waZKhM1W0oB8MX78M+0fG3xGUtywTx0D4N7pr1Tk2GTgNw==
     -----END RSA PRIVATE KEY-----
   selfServiceLinksEnabled: false
-  mfa:
-    enabled: true
-    providerName: myExampleProvider
-    providers:
-      myExampleProvider:
-        type: google-authenticator
-        config:
-          providerDescription: test google authenticator
-          issuer: google
   oauth:
     providers:
       my-oauth-provider:

spec/compare/bosh-lite-uaa.yml

@@ -259,9 +259,6 @@ logout:
       disable: false
 
 login:
-  mfa:
-    enabled: true
-    providerName: myExampleProvider
   url: https://login.bosh-lite.com
   selfServiceLinksEnabled: true
   defaultIdentityProvider: uaa

spec/input/all-properties-set.yml

@@ -12,15 +12,6 @@ properties:
     https_proxy: http://test.ssl.proxy:8080
     no_proxy: localhost,127.0.0.0/8
   login:
-    mfa:
-      enabled: true
-      providerName: myExampleProvider
-      providers:
-        myExampleProvider:
-          type: google-authenticator
-          config:
-            providerDescription: test google authenticator
-            issuer: google
     asset_base_url: /resources/testing
     branding:
       company_name: company name

spec/input/bosh-lite.yml

@@ -7,9 +7,6 @@ properties:
       passphrase: my-passphrase
   login:
     defaultIdentityProvider: uaa
-    mfa:
-      enabled: true
-      providerName: myExampleProvider
     brand: oss
     enabled: true
     links: