Allow usernames to be case-insensitive with app passwords #40281
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
phil-davis
force-pushed
the
issue-40119
branch
from
d4d8b28 to
e386804
Compare
10 tasks
phil-davis
force-pushed
the
issue-40119
branch
from
e386804 to
0951bd4
Compare
jvillafanez
reviewed
Aug 10, 2022
| @@ -919,7 +919,7 @@ private function validateToken($token, $user = null) { | |||
| ); | |||
|
|
|||
| // Check if login names match | |||
| if ($user !== null && $dbToken->getLoginName() !== $user) { | |||
| if ($user !== null && \strcasecmp($dbToken->getLoginName(), $user) !== 0) { | |||
There was a problem hiding this comment.
I'm not sure if this will work with greek, cyrillic and other utf8 strings. Maybe we don't need to support it if the username is expected to contain only ascii chars.
There was a problem hiding this comment.
"Error creating user: Only the following characters are allowed in a username: "a-z", "A-Z", "0-9", and "+_.@-'""
Usernames in oC10 are only a limited set of ASCII.
|
Kudos, SonarCloud Quality Gate passed! |
jvillafanez
approved these changes
Aug 11, 2022
11 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
An acceptance test scenario is added that uses an app password generated by user "Alice" but provides user "alice" in the webDAV requests. The scenario fails without the fix, and passes with the fix in Session.php
Related Issue
How Has This Been Tested?
CI
Types of changes
Checklist: