Closed ericbuckley closed 4 years ago
@jholton / @benniemosher just an FYI on the process if you ever need to lookup a SAML Response payload
I ran a test on staging to verify that the invalid payload would be captured. It worked, but the process to view it was cumbersome.
PersonalInformationLog.where('data @> ?', {request_id: "X"}.to_json)
Debugging invalid SAML Responses from eauth.va.gov has been difficult because it's not always logged on their side. When a validation issue is raises on line 57, we should persist the value to the
PersonalInformationLog
table, so we can debug.Note: that table is set up to store PII, so no need to obfuscate any data in the response before saving.