[SAML] RequestedAuthnContext should always be translated into authenticationLevel
As SP, when we request an authentication context, we verify that IDP has used this context. But it can have used another one, stronger. In this case, we should not raise an error.
We should always associate SAML authnContext to an authenticationLevel, and translate them back. We will never raise error, but this authenticationLevel can then be used in rules.