FIX: Correct OmniAuth route ordering

/auth/failure should be given higher precedence than /auth/:provider

config/routes.rb

@@ -599,9 +599,9 @@ Discourse::Application.routes.draw do
     end
   end
 
+  match "/auth/failure", to: "users/omniauth_callbacks#failure", via: [:get, :post]
   get "/auth/:provider", to: "users/omniauth_callbacks#confirm_request"
   match "/auth/:provider/callback", to: "users/omniauth_callbacks#complete", via: [:get, :post]
-  match "/auth/failure", to: "users/omniauth_callbacks#failure", via: [:get, :post]
   get "/associate/:token", to: "users/associate_accounts#connect_info", constraints: { token: /\h{32}/ }
   post "/associate/:token", to: "users/associate_accounts#connect", constraints: { token: /\h{32}/ }
 

spec/requests/omniauth_callbacks_controller_spec.rb

@@ -84,6 +84,12 @@ RSpec.describe Users::OmniauthCallbacksController do
       SiteSetting.enable_google_oauth2_logins = true
     end
 
+    it "should display the failure message if needed" do
+      get "/auth/failure"
+      expect(response.status).to eq(200)
+      expect(response.body).to include(I18n.t("login.omniauth_error"))
+    end
+
     describe "request" do
       it "should error for non existant authenticators" do
         post "/auth/fake_auth"