Send confirmation code and the flow confirmation code separately in user account recovery API v2 #21130

Open
isuruhettiarachchi opened this issue Sep 19, 2024 · 0 comments

isuruhettiarachchi commented Sep 19, 2024

Describe the issue:
In the user account recovery API v2, WSO2 IS is sending the confirmation code and flow confirmation code appended with a dot.
With the improvement done in #14808, users can use an OTP instead of a UUID in the recovery flows and utilize it in API-based implementations, such as mobile applications that will utilize the REST API to confirm.

When the flow confirmation code and the confirmation code are appended, it is not possible to show only the confirmation code without string manipulation.

It is required to send the confirmation code without appending the confirmation code to the user in the recovery flow.

How to reproduce:

  1. Enable OTP support for recovery flows (Allow sending OTP for confirmation and recovery scenarios via email #14808)
  2. Initiate password recovery flow with API v2 [1]
  3. In the recovery flow, the confirmation code will return with flow confirmation code appended.
{
    "code": "PWR-02001",
    "message": "Password recovery information sent via user preferred notification channel.",
    "flowConfirmationCode": "cc8136de-ea44-440b-8338-f5c625a8954c",
    "notificationChannel": "EXTERNAL",
    "confirmationCode": "cc8136de-ea44-440b-8338-f5c625a8954c.wR5hT4",
    "resendCode": "b87de6d1-abb2-4aee-b079-cc2934b8ef69",
    "links": [
        {
            "rel": "next",
            "href": "/api/users/v2/recovery/password/confirm",
            "type": "POST"
        },
        {
            "rel": "resend",
            "href": "/api/users/v2/recovery/password/resend",
            "type": "POST"
        }
    ]
}

Expected behavior:
Only the confirmation code should be sent in the email. The flow confirmation code should be sent in the API response to use in the next API call.

Environment information:

  • Product Version: IS 7.0.0

[1] - https://is.docs.wso2.com/en/latest/apis/user-account-recovery-v2-rest-api/
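
The string manipulation the issue refers to, as an added example that is not part of the original issue or of WSO2's code: a client-side helper that separates the user-facing code from the flow confirmation code in the response shown above. The function name and the validation rules are assumptions made for illustration; the response body is the one from the issue, trimmed to the fields used.

```python
import json
import uuid

# Response body from the issue above, trimmed to the fields this helper reads.
SAMPLE_RESPONSE = """{
    "code": "PWR-02001",
    "flowConfirmationCode": "cc8136de-ea44-440b-8338-f5c625a8954c",
    "notificationChannel": "EXTERNAL",
    "confirmationCode": "cc8136de-ea44-440b-8338-f5c625a8954c.wR5hT4"
}"""


def split_confirmation_code(response_body):
    """Return (flow_code, user_code) from a recovery response.

    user_code is the part of confirmationCode that follows
    "<flowConfirmationCode>." and is the only value meant for the user.
    Hypothetical helper: the checks below are assumptions drawn from the
    sample response, not a documented contract.
    """
    data = json.loads(response_body)
    flow_code = data["flowConfirmationCode"]
    combined = data["confirmationCode"]

    # The flow code in the sample is a UUID. Reject anything else so a
    # malformed response is not forwarded into an email or SMS template.
    uuid.UUID(flow_code)  # raises ValueError when it is not a UUID

    # Anchor on the known flow code instead of splitting on the first dot,
    # so the result does not depend on which characters the code contains.
    prefix = flow_code + "."
    if not combined.startswith(prefix):
        raise ValueError("confirmationCode is not prefixed by flowConfirmationCode")

    user_code = combined[len(prefix):]
    if not user_code:
        raise ValueError("confirmationCode has no user-facing part")
    return flow_code, user_code


if __name__ == "__main__":
    flow, otp = split_confirmation_code(SAMPLE_RESPONSE)
    print("keep in client state:", flow)
    print("show to user:", otp)
```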
