misc: log when login is refused because of authn_classref mismatch (#68236)

2022-08-17 21:38:46 +02:00 · 2022-08-17 21:38:46 +02:00 · 366758a54d
parent 437d1a3063
commit 366758a54d
1 changed files with 5 additions and 0 deletions
--- a/mellon/adapters.py
+++ b/mellon/adapters.py
@ -268,6 +268,11 @@ class DefaultAdapter:
        if required_classref:
            given_classref = saml_attributes['authn_context_class_ref']
            if given_classref is None or given_classref not in required_classref:
+                logger.info(
+                    'mellon: refused login because of authn_classref mismatch (%r vs %s)',
+                    given_classref,
+                    required_classref,
+                )
                raise PermissionDenied
        return True