fix(federation): allows equal signs in federation idfix/noid/allows-some-char-from-federationid

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

2 files changed, 8 insertions, 1 deletions

diff --git a/lib/private/Federation/CloudIdManager.php b/lib/private/Federation/CloudIdManager.php
index a7d36eda4a0..7e7adda3d39 100644
--- a/lib/private/Federation/CloudIdManager.php
+++ b/lib/private/Federation/CloudIdManager.php
@@ -106,7 +106,10 @@ class CloudIdManager implements ICloudIdManager {
 			$user = substr($id, 0, $lastValidAtPos);
 			$remote = substr($id, $lastValidAtPos + 1);
 
-			$this->userManager->validateUserId($user);
+			// We accept slightly more chars when working with federationId than with a local userId.
+			// We remove those eventual chars from the UserId before using
+			// the IUserManager API to confirm its format.
+			$this->userManager->validateUserId(str_replace('=', '-', $user));
 
 			if (!empty($user) && !empty($remote)) {
 				$remote = $this->ensureDefaultProtocol($remote);
diff --git a/tests/lib/Federation/CloudIdManagerTest.php b/tests/lib/Federation/CloudIdManagerTest.php
index 1775c18a5e9..7019cd202db 100644
--- a/tests/lib/Federation/CloudIdManagerTest.php
+++ b/tests/lib/Federation/CloudIdManagerTest.php
@@ -91,6 +91,10 @@ class CloudIdManagerTest extends TestCase {
 			['test@example.com/cloud/', 'test', 'example.com/cloud', 'test@example.com/cloud'],
 			['test@example.com/cloud/index.php', 'test', 'example.com/cloud', 'test@example.com/cloud'],
 			['test@example.com@example.com', 'test@example.com', 'example.com', 'test@example.com@example.com'],
+
+			// Equal signs are not valid on Nextcloud side, but can be used by other federated OCM compatible servers
+			['test==@example.com', 'test==', 'example.com', 'test==@example.com'],
+			['==@example.com', '==', 'example.com', '==@example.com'],
 		];
 	}