domain_sso_admin_toolbar: fix path prefix handling and skip SSO for same-host domains

Problem

DomainSwitchController::switchDomain() has two bugs when used with domain path prefixes (multiple domains sharing a hostname, differentiated by URL path prefix):

1. Path prefix leaks into target URL

When switching domains, the referer path is extracted and appended to the target domain URL without stripping the current domain's path prefix (or language prefix). For example, switching from example.com/fr/admin to a domain on other.com:

• Referer path extracted: /fr/admin (includes current prefix /fr)
• Target URL built: other.com/ + /fr/admin = other.com/fr/admin
• Expected: other.com/admin (prefix stripped)

Similarly, IssueController builds the SSO consume URL using Url::fromRoute() which runs outbound path processors that prepend the current domain's prefix to a URL meant for the target domain.

2. Unnecessary SSO handshake for same-host domains

When two domains share the same hostname (differing only by path prefix, e.g. example.com/en/ and example.com/fr/), the controller still goes through the SSO handshake. This is unnecessary because same-hostname domains share browser session cookies — a direct redirect is sufficient and faster.

Fix

1. DomainSwitchController: use processInbound() to strip all prefixes (domain path prefix, language prefix, etc.) from the referer path before building the target URL.
2. IssueController: pass 'domain' => $domain option to Url::fromRoute() so outbound path processors use the target domain's context instead of the current domain's.
3. Same-host skip: compare source and target domain hostnames — if they match, redirect directly without SSO.