1) Handle inconsistent context.state. The following PR it's just a proof-of-concept and needs more attention for a better rationale: https://github.com/IdentityPython/SATOSA/pull/272 <https://github.com/IdentityPython/SATOSA/pull/272>. I think to prevent the possibility to make authnRequest with invalid/inconsistent/corrupted context, this PR also introduces the possibility to handle in a definitive way Error or warning messages to end users: https://github.com/IdentityPython/SATOSA/issues/228#issuecomment-520275196 <https://github.com/IdentityPython/SATOSA/issues/228#issuecomment-520275196> Ivan: Code assumes that we will always be in a situation where the cookie will be there. Need to change that and indicate when the cookie is missing. We may also have some implicit actions being done, authentication response assumptions based on things we find in that cookie, or the query parameters, or the body of the query response. Can fix this by starting with this PR, but more will need to be done so we don’t need to have a user friendly message. Ivan: We don’t want to mess with HTML templates. What we want is an API that will allow us to return information about the error to other services for rendering. We still need to restructure the logging; that will help match the logging message to other error messages. Ivan for this PR, Ivan will rephrase the message then accept the PR. It is only a first step in what needs to be done.