When using Oauth based authentication systems that redirect to an external system for authentication, the /login page is still available and presenting a login form (that obviously won't allow to login).

This was tested with both the Github Authentication Plugin and the Login with Google Security Realms.

As far as I can tell it is a minor issue given that it would only happen to a user that would follow a direct url to login but I witnessed it for at least one user.

Note: the fix isn't as simple as deactivating the page as it is often used for things like health checks.