feat(geo): use server-verified location from PUT response

[cyaconi]

Summary

The geoloc service recently added a location crosscheck feature: when a device submits a suspicious location via the WiFi strategy (poor accuracy or large distance jump from previous known position), the service re-queries a verification provider (e.g. Google Geolocation) to get a corrected result.

However, the corrected location was only persisted server-side — the agent continued using the original (potentially incorrect) location for the current session because it never read the PUT response body.

This change makes the agent check the PUT /geo response body for a server-verified location. When the geoloc service returns a corrected geolocation, the agent uses it instead of the original, so the current session benefits from the correction immediately.

What changed

• strategies.js: The needle.put callback now captures the response (respPut) and checks if respPut.body.location exists. If present, it uses the server-verified location; otherwise, it falls back to the original geolocation from the external provider.

Backward compatible

• If the geoloc service returns null (current behavior for unverified locations), respPut.body.location is falsy, so the agent falls back to the original location — no behavior change.
• Only when the service returns a corrected geolocation object does the agent switch to using it.

Test plan

• Verify that when the geoloc service returns null in the PUT response, the agent uses the original external provider location (no regression)
• Verify that when the geoloc service returns a corrected geolocation in the PUT response, the agent uses the corrected one
• Verify the log message "Using server-verified location instead of original" appears when a corrected location is used