github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-15 20:52:52 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

http-auth succeeds but fails username and email #2665

New Issue
Open
opened 2025-11-02 04:43:53 -06:00 by GiteaMirror · 2 comments
GiteaMirror commented 2025-11-02 04:43:53 -06:00
Owner
Copy Link

Originally created by @linkyone on GitHub (Dec 15, 2018).

  • Gitea version (or commit ref): 1.6.1
  • Git version: 2.20.0
  • Operating system: FreeBSD 11.2
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • Yes (provide example URL)
    • No
    • Not relevant
  • Log gist:

Description

In my deployment, I use an nginx reverse proxy with certificate based authentication. The CN on the cert contains spaces. This does not prevent the auto-register from functioning, however, when I try to correct the email address (as mentioned in #2347), I receive an error about spaces not permitted in the username (as mentioned in #1641).
I've tried modifying the nginx config to use $ssl_client_fingerprint for the http-auth header to remove the spaces, but then Gitea complains that the username is too long (> 35).

  • Nginx provides $ssl_client_escaped_cert which returns the client certificate in the PEM format (urlencoded) for an established SSL connection. Would it be possible to use this data to fill the email field?
  • Is it possible to add an exception to the "space in username" rule when using http-auth?
Originally created by @linkyone on GitHub (Dec 15, 2018). - Gitea version (or commit ref): 1.6.1 - Git version: 2.20.0 - Operating system: FreeBSD 11.2 - Database (use `[x]`): - [ ] PostgreSQL - [x] MySQL - [ ] MSSQL - [ ] SQLite - Can you reproduce the bug at https://try.gitea.io: - [ ] Yes (provide example URL) - [ ] No - [x] Not relevant - Log gist: ## Description In my deployment, I use an nginx reverse proxy with certificate based authentication. The CN on the cert contains spaces. This does not prevent the auto-register from functioning, however, when I try to correct the email address (as mentioned in #2347), I receive an error about spaces not permitted in the username (as mentioned in #1641). I've tried modifying the nginx config to use $ssl_client_fingerprint for the http-auth header to remove the spaces, but then Gitea complains that the username is too long (> 35). - Nginx provides [$ssl_client_escaped_cert](http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate) which returns the client certificate in the PEM format (urlencoded) for an established SSL connection. Would it be possible to use this data to fill the email field? - Is it possible to add an exception to the "space in username" rule when using http-auth?
GiteaMirror added the issue/confirmed label 2025-11-02 04:43:53 -06:00
GiteaMirror commented 2025-11-02 04:43:54 -06:00
Author
Owner
Copy Link

@zeripath commented on GitHub (Dec 16, 2018):

So I've added a PR #5554 which implements the proxy providing the email - this obviously doesn't solve your issue with making changes to users with spaces in the username.

Hmm, I wonder if we need to move to using the LoginName, LoginSource and LoginType fields and then have a generated username that can be trusted to be valid for us.

@zeripath commented on GitHub (Dec 16, 2018): So I've added a PR #5554 which implements the proxy providing the email - this obviously doesn't solve your issue with making changes to users with spaces in the username. Hmm, I wonder if we need to move to using the LoginName, LoginSource and LoginType fields and then have a generated username that can be trusted to be valid for us.
GiteaMirror commented 2025-11-02 04:43:54 -06:00
Author
Owner
Copy Link

@stale[bot] commented on GitHub (Feb 14, 2019):

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

@stale[bot] commented on GitHub (Feb 14, 2019): This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label issue/confirmed
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#2665
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?