Bluetooth: host: Fail pairing if remote cannot meet required security

Fail after pairing request and response have been exchanged if the
selected pairing method would not result in the required security level.
This avoids the case where we would discover this after having encrypted
the connection and disconnect instead.

This was partially attempted but lacked checking for authentication
requirement when L3 was required, as well as skipping the check if L4
was required but remote did not support Secure Connections since the
check was after we had taken the legacy branch.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>