Skip to content

fix: normalize htpasswd user id to lowercase#307

Open
allamiro wants to merge 1 commit into
lixmal:masterfrom
allamiro:fix/user-id-normalization
Open

fix: normalize htpasswd user id to lowercase#307
allamiro wants to merge 1 commit into
lixmal:masterfrom
allamiro:fix/user-id-normalization

Conversation

@allamiro

@allamiro allamiro commented Jun 13, 2026

Copy link
Copy Markdown
Contributor

Fixes #278.

Problem

UserInfo.id keys the in-memory DbCache, but backends normalized it inconsistently: LDAP lowercases, htpasswd didn't. Case variations of the same user produced duplicate cache entries (and inconsistent log identities).

Changes

  • htpasswd backend lowercases the id (display name keeps the typed casing), matching LDAP — this also resolves the 'handle case sensitivity' TODO on the trait
  • OIDC is deliberately untouched: OIDC sub values are case-sensitive opaque strings per spec, lowercasing could merge distinct users; this is now documented on the AuthBackend trait

Testing

cargo test: 9/9 pass.


Summary by cubic

Lowercases htpasswd user IDs to match LDAP and prevent duplicate DB cache entries and inconsistent log identities. Documents that OIDC sub stays case-sensitive and unchanged.

  • Bug Fixes
    • Htpasswd now lowercases UserInfo.id; display name keeps original casing.
    • Added trait docs: case-insensitive backends must lowercase IDs; OIDC subjects are used as-is.

Written for commit 3467525. Summary will update on new commits.

Review in cubic

The LDAP backend lowercases UserInfo.id while htpasswd used it as-is.
The id keys the in-memory db cache, so case variations of the same
user created separate cache entries. htpasswd now lowercases like
LDAP; OIDC subjects are case-sensitive opaque strings and stay as-is
(documented on the trait).
@allamiro allamiro force-pushed the fix/user-id-normalization branch from 3467525 to 1bcc84c Compare June 13, 2026 00:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Inconsistent user id normalization across auth backends

1 participant