Move blocking calls to FortiAuthenticator push auth API to Sidekiq

This is a follow-up to #321728 (closed) and #322595 (closed).

Discussion with ~"team::Scalability" in gitlab-com/gl-infra/scalability#916, the proposed solution to handle blocking calls is to initiate the requests from Sidekiq jobs. We need /two_factor_check to return the URL where the status can be queried. To get the push auth result from this new endpoint, we can either:

1. poll that endpoint (once a second perhaps, for a fairly short time like 15 seconds), or
2. use websockets to wait on a result (hand-waving), or
3. we add specific handling in workhorse, like we do for CI runner job polling, and have the UI call the result endpoint and cheaply block in workhorse until there is a result available or it times out.

This is required before enabling FortiAuthenticator on GitLab.com.