Groups SSO SAML: Misleading error message on missing assertions

Summary

Based on error message customer is receiving, it looks like we may be throwing SAML authentication failed: SAML NameID can't be blank error message if any of the required assertions are missing, which is misleading.

Steps to reproduce

Don't currently have a setup to reproduce. Will try to do this later or have someone else in Support help here.

Example Project

Ticket (internal): https://gitlab.zendesk.com/agent/tickets/133921

Note: User is on ADFS. Not sure if this is the case for other providers.

What is the current bug behavior?

Get a SAML NameID can't be blank error when NameID is being passed.

What is the expected correct behavior?

Get a more appropriate error message, like SAML email can't be blank.

Output of checks

GitLab.com, GitLab Enterprise Edition 12.3.0-pre ac38081b