Description
With Google Chrome 80 coming next week, many sites are updating to Microsoft.Owin 4.1.0. It now sends an explicit SameSite=None cookie attribute if SameSiteMode is set to None. This is all done automatically when updating the Microsoft.Owin.Security package to 4.1.0, without any need to change the code in these packages.
Unfortunately, iOS 12 (and some more browser/OS combinations) break if an explicit SameSite=None attribute is sent. The workaround suggested by Microsoft is to use a custom CookieManager that detects the user agent, and if needed sets SameSite=(SameSiteMode)(-1). To support this, the options of each provider need to be updated with an ICookieManager property and the handlers need to call the new overload of AuthenticationHandler.GenerateCorrelationId that takes the cookie manager as a param.
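A sketch of the kind of user-agent-aware cookie manager the issue refers to, added here as an illustration and not taken from the issue or from this project's code. The class name `SameSiteAwareCookieManager` and the helper `RejectsSameSiteNone` are hypothetical, the user-agent check covers only the iOS 12 case named above, and the sketch suppresses the attribute by setting the nullable `CookieOptions.SameSite` to `null`.

```csharp
using Microsoft.Owin;
using Microsoft.Owin.Infrastructure;

// Added example (hypothetical class): wraps the stock CookieManager and omits
// the SameSite attribute for user agents that mishandle SameSite=None.
public sealed class SameSiteAwareCookieManager : ICookieManager
{
    private readonly ICookieManager _inner;

    public SameSiteAwareCookieManager() : this(new CookieManager()) { }

    public SameSiteAwareCookieManager(ICookieManager inner)
    {
        _inner = inner;
    }

    public string GetRequestCookie(IOwinContext context, string key)
    {
        return _inner.GetRequestCookie(context, key);
    }

    public void AppendResponseCookie(IOwinContext context, string key, string value, CookieOptions options)
    {
        RelaxSameSite(context, options);
        _inner.AppendResponseCookie(context, key, value, options);
    }

    public void DeleteCookie(IOwinContext context, string key, CookieOptions options)
    {
        RelaxSameSite(context, options);
        _inner.DeleteCookie(context, key, options);
    }

    private static void RelaxSameSite(IOwinContext context, CookieOptions options)
    {
        // Only cookies that asked for SameSite=None are changed; Lax and Strict pass through.
        if (options.SameSite == SameSiteMode.None &&
            RejectsSameSiteNone(context.Request.Headers.Get("User-Agent")))
        {
            options.SameSite = null; // null: no SameSite attribute is written
        }
    }

    // Assumption: matches only iOS 12 user agents; extend for the other
    // browser/OS combinations that apply to your user base.
    internal static bool RejectsSameSiteNone(string userAgent)
    {
        if (string.IsNullOrEmpty(userAgent)) return false;
        return userAgent.Contains("CPU iPhone OS 12") || userAgent.Contains("iPad; CPU OS 12");
    }
}
```

An instance can be assigned to `CookieAuthenticationOptions.CookieManager`; passing the same instance to a provider depends on that provider's options exposing the `ICookieManager` property this issue asks for.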