feat(auth): add reauthentication flow with automatic operation retry

[demolaf]

Closes #563 .

Implements the reauthentication flow.

FirebaseAuthScreen now handles AuthState.ReauthenticationRequired internally. When this state is emitted, it automatically shows a bottom sheet scoped to only the providers already linked to the current user, disables new account creation, and retries the original operation on successful reauthentication — all without any extra wiring from the caller.

Two new APIs expose this to apps:

withReauth — wraps any sensitive Firebase operation. If it throws FirebaseAuthRecentLoginRequiredException, it emits ReauthenticationRequired with the operation attached as a retry. FirebaseAuthScreen picks it up, shows the reauth sheet, and re-runs the operation automatically on success.

lifecycleScope.launch {
    authUI.withReauth(context, reason = "Verify your identity to delete your account") {
        user.delete().await()
    }
}

createReauthFlow — activity-based alternative returning an AuthFlowController for apps that want an explicit, launcher-style reauth flow scoped to the current user's linked providers.

FirebaseAuthScreen also gains a reauthContent slot for apps that want to supply their own reauth UI instead of the default bottom sheet.

Preview

Reauthentication.Demo.webm

[gemini-code-assist]

Code Review

This pull request introduces a reauthentication flow to the FirebaseUI Auth library, which is required before performing sensitive operations such as account deletion. It adds a new AuthState.ReauthenticationRequired state, a createReauthFlow method in FirebaseAuthUI, and updates the email and OAuth providers to support reauthentication. Additionally, it integrates a reauthentication bottom sheet in FirebaseAuthScreen and updates the demo application to demonstrate account deletion. The review feedback highlights three key improvement opportunities: wrapping the retry(context) invocation in a try-catch block within FirebaseAuthScreen to prevent potential crashes from unhandled exceptions, and replacing unsafe double-bang (!!) operators on auth.currentUser with defensive null checks in both EmailAuthProvider+FirebaseAuthUI.kt and OAuthProvider+FirebaseAuthUI.kt.