
Feat: Bind origin domain cookie to state parameter #223

Merged: kailash-b merged 2 commits into java-mvc-v2 from feat/transaction-binding-for-domain-and-state-cookie, May 8, 2026

@tanya732 tanya732 commented May 7, 2026

Changes

  • Origin domain HMAC cookie now includes the state parameter in its signature: HMAC(domain|state, secret)
  • On callback, the cookie is verified against the state from the request; if mismatched (replay from a different transaction), verification fails and falls back to domainProvider.getDomain()
  • Added context-bound sign(value, context, secret) and verifyAndExtract(signedValue, context, secret) overloads to SignedCookieUtils

@tanya732 tanya732 requested a review from a team as a code owner May 7, 2026 09:27
@tanya732 tanya732 changed the base branch from master to java-mvc-v2 May 7, 2026 09:27
tanya732 commented May 7, 2026

@copilot Please review the PR

Copilot AI commented May 7, 2026

@copilot Please review the PR

Reviewed the PR. Here's a summary:

SignedCookieUtils

  • New sign(value, context, secret) overload computes HMAC(value|context, secret) but only stores value|signature — the context (state) is never written to the cookie, so it must be re-supplied on verification. ✅
  • New verifyAndExtract(signedValue, context, secret) overload recomputes the same HMAC and uses constant-time MessageDigest.isEqual for comparison. ✅
  • The existing (context-less) overloads are preserved and unchanged.

TransientCookieStore

  • storeSignedOriginDomain / getSignedOriginDomain now accept state and delegate to the context-bound overloads. ✅

RequestProcessor

  • assertValidState is refactored to return the validated state string instead of void — clean minimal change. ✅
  • The returned state is passed to getSignedOriginDomain, so a replayed cookie from a different transaction will fail HMAC verification and fall back to domainProvider.getDomain(). ✅

AuthorizeUrl

  • Guards the storeSignedOriginDomain call with state != null and passes state through. ✅

Tests

  • All existing tests updated to match new signatures.
  • New tests cover: context-bound sign/verify, wrong context rejection, cross-overload isolation, null handling, and a replay-detection scenario.
  • Full test suite passes with BUILD SUCCESSFUL.

No issues found — the implementation correctly binds the origin domain cookie to the transaction's state parameter.

@kailash-b kailash-b merged commit 8258c5d into java-mvc-v2 May 8, 2026
7 checks passed
@kailash-b kailash-b deleted the feat/transaction-binding-for-domain-and-state-cookie branch May 8, 2026 06:24
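
The context-bound signing discussed in this thread, as an added example that is not part of the PR or the project's SignedCookieUtils: the cookie carries value|signature, the state is re-supplied at verification, and a cookie replayed under a different state yields null so the caller falls back. HmacSHA256, base64url encoding, the class name, the single-'|' restriction and the sample values are assumptions of this example.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Base64;

public class ContextBoundCookieDemo {
    // Assumption: HMAC-SHA256 with a base64url signature; the page names neither.
    private static byte[] mac(String value, String context, String secret) throws GeneralSecurityException {
        Mac hmac = Mac.getInstance("HmacSHA256");
        hmac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        return hmac.doFinal((value + "|" + context).getBytes(StandardCharsets.UTF_8));
    }

    // Cookie carries value|signature only; the context (state) is never written to it.
    static String sign(String value, String context, String secret) throws GeneralSecurityException {
        if (value == null || context == null || value.indexOf('|') >= 0) {
            throw new IllegalArgumentException("value and context must be non-null; value must not contain '|'");
        }
        return value + "|" + Base64.getUrlEncoder().withoutPadding().encodeToString(mac(value, context, secret));
    }

    // Returns the value if the MAC matches for this context, otherwise null.
    static String verifyAndExtract(String signedValue, String context, String secret) throws GeneralSecurityException {
        if (signedValue == null || context == null) return null;
        int sep = signedValue.lastIndexOf('|');
        if (sep <= 0 || signedValue.indexOf('|') != sep) return null; // exactly one separator
        String value = signedValue.substring(0, sep);
        byte[] presented;
        try {
            presented = Base64.getUrlDecoder().decode(signedValue.substring(sep + 1));
        } catch (IllegalArgumentException e) {
            return null; // malformed signature
        }
        return MessageDigest.isEqual(mac(value, context, secret), presented) ? value : null;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String secret = "constructed-demo-secret"; // constructed sample values throughout
        String cookie = sign("tenant-a.example.com", "state-111", secret);
        System.out.println(verifyAndExtract(cookie, "state-111", secret)); // same transaction
        String replayed = verifyAndExtract(cookie, "state-222", secret);   // cookie from another transaction
        System.out.println(replayed != null ? replayed : "fallback: domainProvider.getDomain()");
    }
}
```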