request #44855 OIDC connection failed because of too long username

Infos

Artifact ID#44855

Submitted byAurélien Tisné (atisne)

Last Modified On2025-10-01 10:37

Submitted on2025-09-19 19:23

Rank46580

Details

Summary *

OIDC connection failed because of too long username

Original Submission

When connecting using OpenIDConnect, we can received long user name from the remote user repository. For instance, some organizations used to prefix subcontractors' names by the name of their companies.

So, the name may exceed the unix max limitation of 30 characters.

We propose that the class UserNameNormalizer ensures that the name don't exceed this limit to avoid a connection failure.

CategoryOAuth2 / OpenID Connect server

Reported in version16.11

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toEmpty

StatusNew

Close dateEmpty

Attachments

AttachmentsEmpty

References

Cross references

Show items referenced by request #44855

Referenced by request #44855

Other

gerrit #35670

Follow-ups

Aurélien Tisné (atisne)

2025-10-01 10:37

I'm not sure the proposed fix is done at the right place. In this location, we should think that the fix is partial. It fixes the use case of this ticket but not all the cases. Maybe, it should rather be done in the openidconnectclient plugin (plugins/openidconnectclient/include/OpenIDConnectClient/Login/Registration/UsernameGenerator.php).

What's your opinion?

Aurélien Tisné (atisne)

2025-09-19 20:00

Please consider gerrit #35670

Public

Referenced by request #44855

Other

Follow-ups