Improve Group SAML authentication failed messages
What
Create improved error messages for the following:
- Extern uid has already been taken: actually caused by trying to log into multiple users with one identity.
- User has already been taken: actually caused by mismatched NameID
- Both of the above: actually relates to NameID capitalization
- Ensure there is a sensible error message when NameID is missing
Update documentation for these under https://docs.gitlab.com/ee/user/group/saml_sso/#message-saml-authentication-failed-extern-uid-has-already-been-taken
Why
These messages are currently confusing and don't help diagnose NameID misconfiguration. A first guess with the current messages might be the opposite of what is actually occurring.
Relates to #33464 (closed)
Edited by James Edwards-Jones