When a user with two-factor auth enabled attempts to use an OAuth2
provider to sign-in, the user would see a 500 error without explanation
why. This occurred because the failure case in
OmniauthCallbacksController was attempting to render the partial of the
new session, but the CAPTCHA helpers are only defined for
SessionsController, not for this one.

To fix this problem, redirect the page with the alert to the sign-in
page and display a flash alert with a notice about an unconfirmed
e-mail. The redirection also cleans up the URL so that the page doesn't
look like it starts from an Omniauth callback.

Closes https://gitlab.com/gitlab-org/gitlab/-/issues/232611