Ensure errors in the auth flow (SAML) redirect cleanly

[daviddob]

With the current implementation errors in the SAML auth flow dead end the user on the API in their browser instead of redirecting them to an error page back on the client.

Errors at this stage (if caught on our API) should gracefully redirect users back to the client. These errors often are associated with a misconfigured SAML provider which can and should be mitigated by proper config validation before creating the SAML Strategy.