fix: signInWithCredential MFA cookie issue

[shuowu]

This PR:

• fixes missing {withCredential: true} when call signInWithCredential method
• adds a React MFA (v1) sample under /samples folder, the sample supports Email and Security question factors
• adds mfa-password-and-question cucumber feature to verify the SDK change against e2e
• updates SIW to the latest version in repo

[codecov-commenter]

Codecov Report

Merging #893 (b846896) into 5.3 (a4bb17a) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff            @@
##              5.3     #893    +/-   ##
========================================
  Coverage   91.58%   91.59%            
========================================
  Files         120      120            
  Lines        3375     3497   +122     
  Branches      695      734    +39     
========================================
+ Hits         3091     3203   +112     
- Misses        284      294    +10     

Impacted Files	Coverage Δ
lib/OktaAuth.ts	89.70% <100.00%> (+0.94%)	⬆️
lib/tx/AuthTransaction.ts	89.71% <100.00%> (ø)
lib/idx/index.ts	100.00% <0.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a4bb17a...b846896. Read the comment docs.

[aarongranick-okta]

If version bump is included in this PR, would be best to squash everything, but leave version bump (and changelog if you want) in its own commit (the last before we promote), so it will have an extra entry in the commit history and we will see it in master after the backport merge.