fix: redirect TPA account_settings errors to Account MFE with duplicate_provider param

Author: Gi-ron

common/djangoapps/third_party_auth/views.py

@@ -3,9 +3,11 @@
 """
 
 import logging
+from urllib.parse import quote
 
 from django.conf import settings
 from django.contrib.auth.decorators import login_required
+from django.contrib.messages import get_messages
 from django.core.exceptions import PermissionDenied, ValidationError
 from django.db import DatabaseError
 from django.http import (
@@ -32,6 +34,7 @@
 from common.djangoapps.student.models import UserProfile
 from common.djangoapps.student.views import compose_and_send_activation_email
 from common.djangoapps.third_party_auth import pipeline, provider
+from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
 
 from .models import SAMLConfiguration, SAMLProviderConfig
 
@@ -273,3 +276,21 @@ def disconnect_json_view(request, backend, association_id=None):
             'backend': backend,
             'association_id': association_id
         }, status=500)
+
+def account_settings_redirect_view(request):
+    """
+    Redirect to Account MFE, preserving auth error messages (e.g., AuthAlreadyAssociated).
+    """
+    account_mfe_url = configuration_helpers.get_value(
+        'ACCOUNT_MICROFRONTEND_URL',
+        settings.ACCOUNT_MICROFRONTEND_URL,
+    ).rstrip('/')
+
+    duplicate_backend = pipeline.get_duplicate_provider(get_messages(request))
+    if not duplicate_backend:
+        return redirect(account_mfe_url)
+
+    enabled_providers = list(provider.Registry.get_enabled_by_backend_name(duplicate_backend))
+    provider_name = enabled_providers[0].name if enabled_providers else duplicate_backend
+
+    return redirect(f'{account_mfe_url}/?duplicate_provider={quote(provider_name)}')

openedx/core/djangoapps/user_api/legacy_urls.py

@@ -1,12 +1,10 @@
 """
 Defines the URL routes for this app.
 """
-from django.conf import settings
 from django.urls import include, path, re_path
-from django.views.generic import RedirectView
 from rest_framework import routers
 
-from openedx.core.djangoapps.site_configuration import helpers as configuration_helpers
+from common.djangoapps.third_party_auth.views import account_settings_redirect_view
 
 from . import views as user_api_views
 from .models import UserPreference
@@ -19,12 +17,7 @@
     # This redirect is needed for backward compatibility with the old URL structure for the authentication
     # workflows using third-party authentication providers until the authentication workflows fully support
     # the URL structure with MFEs.
-    re_path(r'^account(?:/settings)?/?$', RedirectView.as_view(
-        url=configuration_helpers.get_value(
-            'ACCOUNT_MICROFRONTEND_URL',
-            settings.ACCOUNT_MICROFRONTEND_URL,
-        )),
-    ),
+    re_path(r'^account(?:/settings)?/?$', account_settings_redirect_view),
     path('user_api/v1/', include(USER_API_ROUTER.urls)),
     re_path(
         fr'^user_api/v1/preferences/(?P<pref_key>{UserPreference.KEY_REGEX})/users/$',