FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io

`federated.csrf` cookie is not created in some cases #2764

Open spwitt opened 1 month ago

spwitt commented 1 month ago

Description

The federated.csrf cookie (required for IdP logins since version 1.47.0) is not written by the /oauth2/authorize page when

  1. An idp_hint query string parameter is provided in the URL -and-
  2. All configured IdPs for the application are configured to use Managed Domains

Observed versions

1.49.2

Affects versions

>= 1.47.0

Steps to reproduce

  1. From a fresh install
  2. Create an Identity Provider with a Managed domain (see screenshot)
  3. Enable the IdP for one or more applications
  4. Navigate to the /oauth2/authorize page for the application and include the idp_hint query string parameter
  5. The user will be redirected to the IdP automatically
  6. Navigate back to the FusionAuth URL and inspect cookies
  7. There is no federated.csrf cookie written

Expected behavior

The federated.csrf cookie should be written when redirecting to an external IdP based on the idp_hint parameter.

Screenshots

[screenshot of the Identity Provider configuration with a Managed Domain, not reproduced here]

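One way to turn the reproduction steps above into a repeatable regression check (an added example, not FusionAuth's own code): request /oauth2/authorize with idp_hint, refuse to follow the redirect to the IdP, and look for federated.csrf among the Set-Cookie headers of that response. The base URL, client_id, redirect_uri and idp_hint values are placeholders you supply, and the sample headers are constructed, not captured from a real server.

```python
import urllib.error
import urllib.parse
import urllib.request

# Constructed sample Set-Cookie headers (not captured from a real server):
# the first models a healthy response, the second the bug described above.
SAMPLE_GOOD_HEADERS = [
    "federated.csrf=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
    "other.cookie=xyz; Path=/",
]
SAMPLE_BUGGED_HEADERS = ["other.cookie=xyz; Path=/"]


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Do not follow the 302 to the IdP; we want the authorize response itself."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def cookie_names(set_cookie_values):
    """Names of the cookies set by a list of Set-Cookie header values.

    Only the leading name=value pair is inspected, so attributes such as
    Secure, HttpOnly or SameSite are never mistaken for cookie names."""
    return {v.split(";", 1)[0].split("=", 1)[0].strip() for v in set_cookie_values}


def federated_csrf_present(set_cookie_values):
    return "federated.csrf" in cookie_names(set_cookie_values)


def check_authorize(base_url, client_id, redirect_uri, idp_hint):
    """Request /oauth2/authorize with idp_hint and return (status, cookie_present).

    A 3xx to the IdP with cookie_present == False reproduces the bug.
    base_url, client_id, redirect_uri and idp_hint are assumed placeholder values."""
    query = urllib.parse.urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "idp_hint": idp_hint,
    })
    url = f"{base_url.rstrip('/')}/oauth2/authorize?{query}"
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        resp = opener.open(url, timeout=10)
    except urllib.error.HTTPError as err:
        resp = err  # with redirects suppressed a 3xx is raised; headers are still attached
    set_cookies = resp.headers.get_all("Set-Cookie") or []
    return resp.code, federated_csrf_present(set_cookies)
```

Run `check_authorize("https://<your-fusionauth>", "<client_id>", "<redirect_uri>", "<idp_hint>")` against a test instance; a redirect status paired with `False` is the behaviour this issue reports.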
robotdan commented 3 weeks ago

Assuming we are considering this a bug, can we tag it?

pramodva commented 3 days ago

When will this bug be addressed?