SSO with a non-trusted client causes a loop

[dmcinnes]

During an SSO init, if an existing oauth dance is going on with an untrusted client, this line will show the authorization page: https://github.com/heroku/identity/blob/master/lib/identity/login_external.rb#L24 Then when 'Authorize' button is hit we redirect back to SSO and get into a loop: https://github.com/heroku/identity/blob/master/lib/identity/auth.rb#L231-L234

/cc @gulopine @heroku/management-experience