Tidy up the OAuth authorization screens

Make sure all messages are translatable, separate errors from
user initiated denial of authorization.

app/controllers/oauth_controller.rb

@@ -67,10 +67,12 @@ protected
           end
         else
           @token.invalidate!
+          @message = t("oauth.oauthorize_failure.denied", :app_name => @token.client_application.name)
           render :action => "authorize_failure"
         end
       end
     else
+      @message = t "oauth.oauthorize_failure.invalid"
       render :action => "authorize_failure"
     end
   end

app/views/oauth/authorize.html.erb

@@ -1,8 +1,9 @@
 <% content_for :heading do %>
-  <h1>Authorize access to your account</h1>
-  <p><%= raw t('oauth.oauthorize.request_access', :app_name => link_to(@token.client_application.name, @token.client_application.url), :user => link_to(@user.display_name, :controller => :user, :action => :view, :display_name => @user.display_name)) %></p>
+  <h1><%= t "oauth.oauthorize.title" %></h1>
 <% end %>
 
+<p><%= raw t("oauth.oauthorize.request_access", :app_name => link_to(@token.client_application.name, @token.client_application.url), :user => link_to(@user.display_name, :controller => :user, :action => :view, :display_name => @user.display_name)) %></p>
+
 <%= form_tag authorize_url do %>
   <%= hidden_field_tag "oauth_token", @token.token %>
   <%- if params[:oauth_callback] -%>

app/views/oauth/authorize_failure.html.erb

@@ -1,3 +1,5 @@
 <% content_for :heading do %>
-  <h1>You have disallowed this request</h1>
-<% end %>
+  <h1><%= t "oauth.oauthorize_failure.title" %></h1>
+<% end %>
+
+<p><%= @message %></p>

app/views/oauth/authorize_success.html.erb

@@ -1,7 +1,9 @@
 <% content_for :heading do %>
-  <h1>You have allowed this request</h1>
+  <h1><%= t "oauth.oauthorize_success.title" %></h1>
 <% end %>
 
+<p><%= raw t("oauth.oauthorize_success.allowed", :app_name => link_to(@token.client_application.name, @token.client_application.url)) %></p>
+
 <% if @token.oob? and not @token.oauth10? %>
-<p>The verification code is <%= @token.verifier %></p>
+<p><%= t "oauth.oauthorize_success.verification", :code => @token.verifier %></p>
 <% end %>

config/locales/en.yml

@@ -1500,6 +1500,7 @@ en:
       need_to_see_terms: "Your access to the API is temporarily suspended. Please log-in to the web interface to view the Contributor Terms. You do not need to agree, but you must view them."
   oauth:
     oauthorize:
+      title: "Authorize access to your account"
       request_access: "The application %{app_name} is requesting access to your account, %{user}. Please check whether you would like the application to have the following capabilities. You may choose as many or as few as you like."
       allow_to: "Allow the client application to:"
       allow_read_prefs:  "read your user preferences."
@@ -1509,6 +1510,14 @@ en:
       allow_read_gpx:    "read your private GPS traces."
       allow_write_gpx:   "upload GPS traces."
       allow_write_notes: "modify notes."
+    oauthorize_success:
+      title: "Authorization request allowed"
+      allowed: "You have granted application %{app_name} access to your account."
+      verification: "The verification code is %{code}."
+    oauthorize_failure:
+      title: "Authorization request failed"
+      denied: "You have denied application %{app_name} access to your account."
+      invalid: "The authorization token is not valid."
     revoke:
       flash: "You've revoked the token for %{application}"
   oauth_clients:

test/integration/oauth_test.rb

@@ -285,7 +285,7 @@ class OAuthTest < ActionDispatch::IntegrationTest
       :allow_read_prefs => true, :allow_write_prefs => true
     assert_response :success
     assert_template "authorize_success"
-    m = response.body.match("<p>The verification code is ([A-Za-z0-9]+)</p>")
+    m = response.body.match("<p>The verification code is ([A-Za-z0-9]+).</p>")
     assert_not_nil m
     verifier = m[1]
     token.reload