Invalid usernames in SSO setup


(Stuart Campbell) #1

We have an SSO setup that tries to create users with usernames matching their canonical (external) account. I recently noticed that this fails for usernames with a trailing underscore.

What’s the recommended solution for this? Should we be normalizing usernames in our SSO endpoint? Or is there some way for Discourse to normalize the given username? Thanks.


(Jeff Atwood) #2

Not sure, I know there were some bugs around that particular pattern, perhaps @sam can answer.


(Sam Saffron) #3

Are you 100% that is the issue. Try logging in with one of these accounts and look at: Log In | 99designs

Link me to the error you get.


(Stuart Campbell) #4

Yes, I saw a corresponding error in the logs earlier: Log In | 99designs

(N.B.: the actual error message is “Username must end with a letter or number or an underscore”, but the source code indicates that a trailing underscore is illegal. Plus, I saw this commit in the Discourse repo: https://github.com/discourse/discourse/commit/e204144a582ec8c3a4424516b3b1b00d2b27655f.)


(Sam Saffron) #5

I wonder if we already fixed this, I just tried to write a failing test case for this and failed.

Deploying latest now, can you try again in 10 minutes?


(Stuart Campbell) #6

Sure, I’ll give it a try now!


(Stuart Campbell) #7

It does appear to be fixed for that particular user. Great! Thanks :slight_smile:


(Gerhard Schlager) #8

Maybe… I fixed a bug in the UsernameSuggester two weeks ago.