We use a custom AuthenticationFailureHandler in our saml2Login configuration and we would like access to the Response in case of an Exception.
If for example the IdP returns the following XML:
```xml
<samlp:Response Destination="https://connect.test2.surfconext.nl/login/saml2/sso/oidcng"
                ID="CORTOcf0d43b90d6b32d2e667aca916e9d574f2c6e3af"
                InResponseTo="ARQ21e1bc5-552f-4e39-b27b-4ad9d22988dd"
                IssueInstant="2021-05-04T08:49:52Z"
                Version="2.0"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
  <saml:Issuer>https://engine.test.surfconext.nl/authentication/idp/metadata</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext"/>
    <samlp:StatusMessage>The requesting service has indicated that the authenticated user is required to
have an affiliation Student. Your institution has not provided this affiliation.</samlp:StatusMessage>
  </samlp:Status>
</samlp:Response>
```
we would like to throw a custom Saml2AuthenticationException that can provide the FailureHandler downstream with the InResponseTo and the nature of the exception.
There is already a hook for setting a custom AssertionValidator in OpenSaml4AuthenticationProvider, but no hook for a custom ResponseValidator. I would be happy to write a PR if you can confirm that this is desired behaviour.
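To make the request concrete, here is an added example (not the issue author's code and not part of Spring Security) of the kind of response check being asked for: it pulls `InResponseTo`, the top-level `StatusCode` and the `StatusMessage` out of the IdP's `samlp:Response` shown above and raises an exception carrying all three, so a failure handler can correlate the failure with the original AuthnRequest and tell the user why the IdP refused. The `SamlStatusException` class is hypothetical; in a real `OpenSaml4AuthenticationProvider` integration the same data would go into a `Saml2AuthenticationException`. Only the JDK's DOM parser is used, configured to reject DOCTYPE declarations and external entities so the parser cannot be turned into an XXE vector. A check like this belongs after the response's signature has been verified: until then the status text is unauthenticated input and should not be trusted for anything but logging.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

public class SamlStatusInspector {

    static final String SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol";
    static final String STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success";

    /** Hypothetical exception: carries what a downstream failure handler needs. */
    public static class SamlStatusException extends RuntimeException {
        public final String inResponseTo;
        public final String statusCode;
        public final String statusMessage;

        SamlStatusException(String inResponseTo, String statusCode, String statusMessage) {
            super("SAML Response to " + inResponseTo + " failed with status "
                    + statusCode + ": " + statusMessage);
            this.inResponseTo = inResponseTo;
            this.statusCode = statusCode;
            this.statusMessage = statusMessage;
        }
    }

    /** DOM parser hardened against DOCTYPE/entity tricks; namespace-aware for samlp: lookups. */
    static Document parseHardened(String xml) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setExpandEntityReferences(false);
        factory.setXIncludeAware(false);
        DocumentBuilder builder = factory.newDocumentBuilder();
        return builder.parse(new InputSource(new StringReader(xml)));
    }

    /**
     * Throws SamlStatusException unless the Response reports Success.
     * Call this only on a Response whose signature has already been verified.
     */
    public static void checkStatus(String responseXml) throws Exception {
        Document doc = parseHardened(responseXml);
        Element response = doc.getDocumentElement();
        String inResponseTo = response.getAttribute("InResponseTo");

        // Document order puts the top-level StatusCode first; nested codes are secondary detail.
        NodeList codes = doc.getElementsByTagNameNS(SAMLP_NS, "StatusCode");
        String code = codes.getLength() > 0 ? ((Element) codes.item(0)).getAttribute("Value") : "";

        NodeList messages = doc.getElementsByTagNameNS(SAMLP_NS, "StatusMessage");
        String message = messages.getLength() > 0 ? messages.item(0).getTextContent().trim() : "";

        if (!STATUS_SUCCESS.equals(code)) {
            throw new SamlStatusException(inResponseTo, code, message);
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: the NoAuthnContext response from the issue, trimmed to what is inspected.
        String sample = "<samlp:Response ID=\"CORTOcf0d43b90d6b32d2e667aca916e9d574f2c6e3af\""
                + " InResponseTo=\"ARQ21e1bc5-552f-4e39-b27b-4ad9d22988dd\" Version=\"2.0\""
                + " xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\""
                + " xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\">"
                + "<saml:Issuer>https://engine.test.surfconext.nl/authentication/idp/metadata</saml:Issuer>"
                + "<samlp:Status>"
                + "<samlp:StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext\"/>"
                + "<samlp:StatusMessage>The requesting service has indicated that the authenticated user"
                + " is required to have an affiliation Student. Your institution has not provided this"
                + " affiliation.</samlp:StatusMessage>"
                + "</samlp:Status></samlp:Response>";
        try {
            checkStatus(sample);
        } catch (SamlStatusException e) {
            // A failure handler would use e.inResponseTo to look up the pending request
            // and e.statusCode / e.statusMessage to decide what to show or log.
            System.out.println(e.getMessage());
        }
    }
}
```

Running `main` prints the status code `urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext` together with the `InResponseTo` value and the IdP's message; a successful response passes `checkStatus` silently.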