We see several of these errors logged by the RA daily:
ra[863]: {"message":"Uncaught PHP Exception Surfnet\\SamlBundle\\Exception\\RuntimeException: \"Authentication logging context is unknown\" at SamlAuthenticationLogger.php line 100","context":{"exception":{"class":"Surfnet\\SamlBundle\\Exception\\RuntimeException","message":"Authentication logging context is unknown","code":0,"file":"/var/www/html/vendor/surfnet/stepup-saml-bundle/src/Monolog/SamlAuthenticationLogger.php:100"}},"level":500,"level_name":"CRITICAL","channel":"request","datetime":"XXX","extra":{"art":"42038","server":"ra.XXX","application":"registration-authority","request_id":"eafd9ac4be3c0e5d6813d7c37fe936a4"}}
The error location is in the SAML-Bundle: https://github.com/OpenConext/Stepup-saml-bundle/blob/main/src/Monolog/SamlAuthenticationLogger.php#L100
The original error is obscured by this exception. I don't think that this is the behaviour that we want, we should at least log the original message.
One customer (an RA) reported being stuck getting this error while activating the tiqr token of a user. The error occurred at the point where the gateway POSTed the SAML response of the tiqr GSSP authentication to the RA.
We see several of these errors logged by the RA daily:
ra[863]: {"message":"Uncaught PHP Exception Surfnet\\SamlBundle\\Exception\\RuntimeException: \"Authentication logging context is unknown\" at SamlAuthenticationLogger.php line 100","context":{"exception":{"class":"Surfnet\\SamlBundle\\Exception\\RuntimeException","message":"Authentication logging context is unknown","code":0,"file":"/var/www/html/vendor/surfnet/stepup-saml-bundle/src/Monolog/SamlAuthenticationLogger.php:100"}},"level":500,"level_name":"CRITICAL","channel":"request","datetime":"XXX","extra":{"art":"42038","server":"ra.XXX","application":"registration-authority","request_id":"eafd9ac4be3c0e5d6813d7c37fe936a4"}}The error location is in the SAML-Bundle: https://github.com/OpenConext/Stepup-saml-bundle/blob/main/src/Monolog/SamlAuthenticationLogger.php#L100
The original error is obscured by this exception. I don't think that this is the behaviour that we want, we should at least log the original message.
One customer (an RA) reported being stuck getting this error while activating the tiqr token of a user. The error occurred at the point where the gateway POSTed the SAML response of the tiqr GSSP authentication to the RA.