nextcloud-oidc-login icon indicating copy to clipboard operation
nextcloud-oidc-login copied to clipboard
verified publisher icon pulsejet

Fix unallowed characters in username

Open azmeuk opened this issue 2 years ago • 1 comments

Nextcloud does not allow accentuated or special character in the usernames: https://github.com/nextcloud/server/issues/21313

However sometimes nextcloud-oidc-login is plugged to a IDP where users already have accentuated characters.

I suggest that nextcloud-oidc-login automatically fixes unallowed characters in usernames: replacing accents with unaccented characters and removing other unallowed characters.

azmeuk avatar Jan 05 '24 10:01 azmeuk

Sounds good. This needs to be configurable since it potentially opens up attack vectors. If the IdP has a user azmeuk, then I can create another user àzmeuk in the IdP and pretend to be azmeuk in Nextcloud.

A possible solution would be to suffix the username with some kind of hash of the original, whenever any transformation is done.

pulsejet avatar Jan 05 '24 17:01 pulsejet