Open
Description
It would be nice to display information about authentication in the profiler:
- Know which authenticators are checked for support and which is actually used to authenticate ([Security] Add authenticators info to the profiler #42582)
- Inspect the Security passport + badges generated by this authenticator (maybe erase plain text passwords from the dump?) ([Security] Add authenticators info to the profiler #42582)
- See which badges are resolved and which aren't ([Security] Add badge resolution to profiler #51585)
- Show if authenticators support lazy-authentication?
- See the "unsafe" exception messages during authentication failure
I think (1) can be done by creating a `TraceableAuthenticator` that decorates all authenticators and (2) and (3) should probably be done by an event listener on `CheckPassportEvent` (with a very low priority).
- Another case where we can improve debugging is when deauthenticating. This often happens when the user provider is misconfigured (or the user is wrongly reloaded in any other way) and these are hard to debug. Adding information about deauthentication (especially why it happens) will be more helpful to debug these.
After this information is added to the profiler, we can investigate looking back at the profiler data before redirection to the login form and modifying the security item in the toolbar related to this. Most of this information is hidden behind at least one redirection (both authentication errors and deauthentication usually result in a redirect response).
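A minimal sketch of the approach proposed above, as an added example that is not part of the original issue and not Symfony's own implementation: a decorator that records each authenticator's `supports()` result, and a low-priority `CheckPassportEvent` subscriber that records badge resolution by class name only, so no plain-text password reaches the dump. It assumes Symfony 6.0+ method signatures and PHP 8.1; the class names `ExampleTraceableAuthenticator` and `ExampleBadgeTraceListener` and the priority value are hypothetical.

```php
<?php
// Added sketch: both class names and the priority value are hypothetical.
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Event\CheckPassportEvent;

final class ExampleTraceableAuthenticator implements AuthenticatorInterface
{
    public ?bool $supports = false; // null from supports() means lazy authentication
    public function __construct(public readonly AuthenticatorInterface $inner) {}
    public function supports(Request $request): ?bool {
        return $this->supports = $this->inner->supports($request);
    }
    public function authenticate(Request $request): Passport {
        return $this->inner->authenticate($request);
    }
    public function createToken(Passport $passport, string $firewallName): TokenInterface {
        return $this->inner->createToken($passport, $firewallName);
    }
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response {
        return $this->inner->onAuthenticationSuccess($request, $token, $firewallName);
    }
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response {
        return $this->inner->onAuthenticationFailure($request, $exception);
    }
}

final class ExampleBadgeTraceListener implements EventSubscriberInterface
{
    public array $trace = []; // authenticator class => [badge class => resolved?]
    public static function getSubscribedEvents(): array {
        // Negative priority: run after listeners registered at the default priority 0.
        return [CheckPassportEvent::class => ['onCheckPassport', -2048]];
    }
    public function onCheckPassport(CheckPassportEvent $event): void {
        $auth = $event->getAuthenticator();
        if ($auth instanceof ExampleTraceableAuthenticator) { $auth = $auth->inner; } // unwrap decorator
        foreach ($event->getPassport()->getBadges() as $badge) {
            // Store class name and status only: a badge object may still hold a plain-text password.
            $this->trace[$auth::class][$badge::class] = $badge->isResolved();
        }
    }
}
```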
Labels
- DX = Developer eXperience (anything that improves the experience of using Symfony)
- Issues and PRs which are looking for volunteers to complete them.