I'm implementing NemLog-in3 / OIOSAML 3 authentication in my .NET Core web application. With great success so far. I have a question though, about the logging requirements for OIOSAML integrations. There is a list of things that must be validated and logged for all assertions. For example assertion ID, certificate validation results, user session id etc.
I can see that there is some logging going on in your NuGet package, but im not quite sure if it's enough to fulfill the requirements as stated above. I have tried implementing an event listener for IdentityModelEventSource.Logger, but i'm not sure if it's logging all the required things, since it's also logging a lot of other stuff. Am i tracking down the wrong path here?
The default logging in the library do not support the OIOSAML logging requirements at all.
It is necessary to implement a lot of extra log functionality.