Device flow input doesn't work

[TheDevMinerTV]

Describe the bug

The device flow input doesn't work, it just redirects to the stage configuration flow and then to the homepage of the Authentik instance.

To Reproduce
Steps to reproduce the behavior:

0. Prepare

   export CLIENT_ID="***"
   export BASE_URL="https://***"

1. Trigger the device flow endpoint:

   INIT_RES=$(curl -s -X POST --data-urlencode "client_id=$CLIENT_ID" --data-urlencode "scopes=openid email" $BASE_URL/application/o/device/)
   echo $INIT_RES | jq '{uri: .verification_uri, code: .user_code}'
   export DEVICE_CODE=$(echo $INIT_RES | jq -r .device_code)

2. Go to the URI in that JSON response and enter the code
3. Get redirected to the home of the instance
4. Try to redeem the device code

   curl -X POST --data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:device_code' --data-urlencode "client_id=$CLIENT_ID" --data-urlencode "device_code=$DEVICE_CODE" $BASE_URL/application/o/token/  | jq {expires_in: .expires_in}

5. Receive {"error": "authorization_pending", "error_description": "The authorization request is still pending as the end user hasn't yet completed the user-interaction steps"}
6. Run this and click on the link

   echo $INIT_RES | jq '.verification_uri_complete'

7. Run the redeem snippet again

   curl -X POST --data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:device_code' --data-urlencode "client_id=$CLIENT_ID" --data-urlencode "device_code=$DEVICE_CODE" $BASE_URL/application/o/token/  | jq '{expires_in: .expires_in}'

8. It works.
   Expected behavior

I expect the code input to actually work.

Screenshots
2024-03-09 23-40-00.webm

Logs
Output of docker-compose logs or kubectl logs respectively

Version and Deployment:

• authentik version: 2024.2.2
• Deployment: docker compose

Additional context

The flow works when adding ?code=<CODE> manually to the URL.