added more verbose logging around failed SAML and OAuth2 requests

para-server/src/main/java/com/erudika/para/security/filters/GenericOAuth2Filter.java

@@ -316,8 +316,8 @@ private Map<String, Object> fetchProfileFromIDP(App app, String accessToken, Str
 				profile = jreader.readValue(respEntity.getContent());
 			}
 			if (profile == null || profile.isEmpty()) {
-				LOG.error("OAuth 2 provider did not return any valid user information - response code {} {}",
-						resp2.getStatusLine().getStatusCode(), resp2.getStatusLine().getReasonPhrase());
+				LOG.error("OAuth 2 provider did not return any valid user information - response code {} {}, app '{}'",
+						resp2.getStatusLine().getStatusCode(), resp2.getStatusLine().getReasonPhrase(), app.getId());
 			}
 			EntityUtils.consumeQuietly(respEntity);
 		}

para-server/src/main/java/com/erudika/para/security/filters/SAMLAuthFilter.java

@@ -110,6 +110,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 					appid = Config.getRootAppIdentifier();
 				}
 			}
+			boolean samlSettingsLoaded = false;
 			try {
 				App app = Para.getDAO().read(App.id(appid == null ? Config.getRootAppIdentifier() : appid));
 				if (app != null) {
@@ -128,6 +129,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 
 					Auth auth = new Auth(settings, request, response);
 
+					samlSettingsLoaded = true;
 					if (request.getParameter("SAMLResponse") != null) {
 						auth.processResponse();
 						if (auth.isAuthenticated()) {
@@ -151,6 +153,10 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 				LOG.error("Invalid SAML certificate key for app '{}': {}", appid, ex.getMessage());
 			} catch (Exception ex) {
 				LOG.error("Failed to authenticate app '" + appid + "' with SAML: ", ex);
+			} finally {
+				if (!samlSettingsLoaded) {
+					LOG.error("Failed to load SAML certificate for app '{}', check the format and encoding.");
+				}
 			}
 		}