* core/authenticate: refactor identity authenticators to initiate redirect, use cookie for redirect url for cognito * set secure and http only, update test
