Exception handling and logging of tiqr-server-libphp
Handle interface changes of tiqr-server-libphp
Use isblocked logic from UserStorage instead of reimplementening it in Stepup-tiqr
Hash identifiers before storing them in statestorage to protect sensitive values so we can now use the enrollment secret to get the SARI of the final enrollment set of the tiqr app. For all valid app interactions a SARI should now be available
Set SARI <-> identifier associations to expire after one hour, and do not mannually clean them up. This makes client server interaction errors like reusing a authentication session easier to diagnose because reused identifiers will still me recognised
Assert that the OCRA secret that the client POSTed makes sense
Add better diagnostics though logging of tiqr client requests that are missing parameters
Update to tiqr/tiqr-server-libphp to 3.0