http-auth succeeds but fails username and email

[linkyone]

• Gitea version (or commit ref): 1.6.1
• Git version: 2.20.0
• Operating system: FreeBSD 11.2
• Database (use [x]):
  • PostgreSQL
  • MySQL
  • MSSQL
  • SQLite
• Can you reproduce the bug at https://try.gitea.io:
  • Yes (provide example URL)
  • No
  • Not relevant
• Log gist:

Description

In my deployment, I use an nginx reverse proxy with certificate based authentication. The CN on the cert contains spaces. This does not prevent the auto-register from functioning, however, when I try to correct the email address (as mentioned in #2347), I receive an error about spaces not permitted in the username (as mentioned in #1641).
I've tried modifying the nginx config to use $ssl_client_fingerprint for the http-auth header to remove the spaces, but then Gitea complains that the username is too long (> 35).

• Nginx provides $ssl_client_escaped_cert which returns the client certificate in the PEM format (urlencoded) for an established SSL connection. Would it be possible to use this data to fill the email field?
• Is it possible to add an exception to the "space in username" rule when using http-auth?

[zeripath]

So I've added a PR #5554 which implements the proxy providing the email - this obviously doesn't solve your issue with making changes to users with spaces in the username.

Hmm, I wonder if we need to move to using the LoginName, LoginSource and LoginType fields and then have a generated username that can be trusted to be valid for us.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.