SAML re-authorization dialog

[niik]

Description

This introduces special case handling of a particular set of access denied errors related to SAML and SSO. When a user is signed in but their token hasn't yet been authorized for a particular SAML organization fetches, pushes, and pulls will fail with a specific error message from the server informing the user that they need to re-authorize (sign out and back in again).

Screenshots

Before

After

Flow

Testing notes (requires membership in a SAML org)

1. In your primary browser, sign out of GitHub.com completely
2. In GitHub Desktop, sign out of your GitHub.com account.
3. Sign in using the web flow in GitHub Desktop but do not authorize the SAML org

4. Attempt to fetch, push, or pull a private repository owned by your SAML org

Expected result is a dialog that allows you to sign in again using the Web flow where you have the ability to authorize the SAML org.

Release notes

Notes:

[tierninho]

Testing notes:

• Overall this works well and will hopefully help with some of the auth issues coming through 👍
• I can foresee some minor confusion with "authorize" and "continue" on the SSO page. We do not explicitly say you have to click "authorize", just "grant access". I think most will get it though. If the user clicks continue, we surface a similar warning but only in the console logs:

install.ts:27 fetchCommit: returned an error 'github/quality@de8bc7a12fc8208e9e21ff47777bee9e13905d26'
Error: Resource protected by organization SAML enforcement. You must grant your personal token access to this organization.

No strong feels on doing anything to change the current fix, just wanted to point it out.

[kuychaco]

Code looks great! Thanks @niik ✨. And thanks @tierninho for testing 🙏