Link service account and oauth application to duo workflow instance settings

Description

We are planning to use one service account per instance to use Duo Workflow. Service account will be created during onboarding. The service account user's id will need to be persisted in the database so we know which service account user is the Duo Workflow service account user. We will also be creating a composite oauth application for Duo Workflow. We can use a generic instance settings table ai_settings to store this info.

Implementation Plan

• DB Migration (add jsonb column) to add duo_workflow settings to ai_settings table.
• Add validations for jsonb column
• When service account user is onboarded, store user id in duo_workflow settings.
• When composite oauth application for DW is onboarded, store it in duo_workflow settings.
• Add cache (if required) for duo_workflow settings.
• Mechanism to restore these settings if not found.