fix(login): check for error before automatic idp redirect (#7891)

* fix(login): check for error before automatic idp redirect

* hide next button on login page if username password is not enabled

internal/api/ui/login/login_handler.go

@@ -95,7 +95,7 @@ func (l *Login) renderLogin(w http.ResponseWriter, r *http.Request, authReq *dom
 	if err != nil {
 		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	if singleIDPAllowed(authReq) {
+	if err == nil && singleIDPAllowed(authReq) {
 		l.handleIDP(w, r, authReq, authReq.AllowedExternalIDPs[0].IDPConfigID)
 		return
 	}

internal/api/ui/login/static/templates/login.html

@@ -36,7 +36,9 @@
         <a class="lgn-icon-button lgn-left-action" id="back-button" href="#">
             <i class="lgn-icon-arrow-left-solid"></i>
         </a>
+        {{if hasUsernamePasswordLogin}}
         <button class="lgn-raised-button lgn-primary lgn-initial-focus" id="submit-button" type="submit">{{t "Login.NextButtonText"}}</button>
+        {{end}}
         <span class="fill-space"></span>
         {{if hasRegistration}}
         <button class="lgn-stroked-button" name="register" value="true" formnovalidate>{{t "Login.RegisterButtonText"}}</button>