messagix/bloks: Handle new MFA methods

[radon-at-beeper]

This makes a ton of improvements across the messenger-lite login flows, especially for more robustly handling the yawning, labyrinthine abyss of different MFA types that Facebook supports in different cases.

• Support for both image and audio captchas (using bridgev2/login: add attachments option to user input step type go#465)
• Support in the interpreter bridge for bk.action.navigation.OpenUrl as well as setting watches on global variables which are sometimes used to return error messages
• Reverse engineered the integer typing system used internally to Bloks, so that is used properly now rather than being stubbed out (1 = bool, 2 = string, etc)
• Support for the "AP" page navigation style, which is an entire parallel universe to the normal flow. This entails a whole new set of different navigation states and separate RPCs, as well as support for a special component that embeds an action inside a page inside an action
• Handle unicode escapes in the Lisp parser because some of them are used in user-visible error messages now
• Reduce incidence of nil pointer dereferences in the Selenium utilities
• Some new utilities for listing child components and evaluating on_bind attributes
• In all cases where entering a credential or code can fail, handle the error, display it to the user, and prompt for re-entry
• Handle the email code entry MFA step, both in the case where it is displayed on the normal (or AP-style) MFA screen and in the case where it is prompted automatically as an interstitial due to entering the wrong password and the account password having been changed recently
• More general MFA method detection, which finds all available MFA methods rather than just ones with explicit support. Filter out Google OAuth MFA automatically since it can't be done without a very custom webview
• If messenger-lite login fails, log the error rather than only returning it to calling code
• A bunch of new test code in the bloks command-line tool, especially the ability to make actual RPC requests from the command line

Note: there is a replace directive in the go.mod and a place where I return an error right after successful login (to avoid needing to log out again), these are both just for easier testing and will be removed before merge.

There's also a custom TestCaptcha flow state in Selenium that you can use to easily test whether captcha codes show up correctly in clients, without needing to actually trigger one from Facebook. I'm open to removing this in case we think the dead code is ugly, though