UX: Improve error handling for common OmniAuth exceptions (PR #7991)

This displays more useful messages for the most common issues we see:

  • CSRF (when the user switches browser)
  • Invalid IAT (when the server clock is wrong)
  • OAuth::Unauthorized for OAuth1 providers, when the credentials are incorrect

This commit also stops earlier for disabled authenticators. Now we stop at the request phase, rather than the callback phase.

GitHub

You’ve signed the CLA, davidtaylorhq. Thank you! This pull request is ready for review.

    error_key = params[:message].to_s.gsub(/[^\w-]/, "") || "generic"
    error_key = params[:message].to_s.gsub(/[^\w-]/, "") || "generic"