fix: don't fail early on bad gRPC username

[AaronFeickert]

Description

Modifies gPRC credential validation not to fail early on an incorrect username.

Closes #5904.

Motivation and Context

Concurrent work in #5902 modifies gPRC username comparison to be a (mostly) constant-time operation. However, overall credential validation will still fail early if the username is incorrect without running Argon2 on the provided passphrase. This could leak timing information to an attacker, who could use it to determine if the provided username is correct.

This PR modifies the credential validation flow to run both username and password validation. If either fails, a more generic error is returned. It is still possible to fail early on data that can't be parsed correctly; however, this doesn't leak any information and is therefore safe.

It also updates credential failure tests, which were written in a way that didn't fully exercise the proper failure mode.

Note that this will introduce a small conflict with #5902 that will require a trivial modification to address.

How Has This Been Tested?

Existing tests pass. Modified tests pass.

What process can a PR reviewer use to test or verify this change?

Check that the new validation flow has the intended effect, and that the updated test exercises the correct failure mode.

[github-actions]

Test Results (CI)

1 254 tests   1 254 ✔️  15m 10s ⏱️
     39 suites         0 💤
       1 files           0 ❌

Results for commit 971a924.

♻️ This comment has been updated with latest results.

[github-actions]

Test Results (Integration tests)

31 tests  +31   31 ✔️ +31   14m 27s ⏱️ + 14m 27s
11 suites +11     0 💤 ±  0 
  2 files   +  2     0 ❌ ±  0 

Results for commit 971a924. ± Comparison against base commit 1195afb.

♻️ This comment has been updated with latest results.

[brianp]

LGTM, utAck

[AaronFeickert]

This is now superseded by an update to #5902.