Preflight Checklist
Problem Description
According to https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims, user name is "End-User's full name in displayable form" (display name), and preferred_username is "Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace."
Even though preferred username can have special characters, some implementations don't handle this very well, and they have semantically different meanings (username vs display name).
Proposed Solution
The authproxy connector should have separate headers for specifying these values, such as a X-Remote-User-Name header in addition to the existing X-Remote-User.
Alternatives Considered
No response
Additional Information
No response
Preflight Checklist
Problem Description
According to https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims, user name is "End-User's full name in displayable form" (display name), and preferred_username is "Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace."
Even though preferred username can have special characters, some implementations don't handle this very well, and they have semantically different meanings (username vs display name).
Proposed Solution
The authproxy connector should have separate headers for specifying these values, such as a
X-Remote-User-Nameheader in addition to the existingX-Remote-User.Alternatives Considered
No response
Additional Information
No response