[Bug]: Long SAML UID name causes user registration error

[tarkibi]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

After upgrading Nextcloud from version 30.0.17 to 32.0.2 and to 33.0.5 and upgrading SSO&SAML to 8.1.2, a problem arose:

If a long UID consisting of Russian letters is used during SSO authentication, an error appears in the log:
InvalidArgumentException User "" is not valid.

Example - "Ивановченко Иванов Иван Балалайка Водка"

The user can't log in and sees an error: Internal Server Error.
I checked ADSF—a valid UID is being transmitted.

sudo -u www-data php occ user:list lists all users, including problematic ones
but
sudo -u www-data php occ user:info "Ивановченко Иванов Иван Балалайка Водка" → User not found

In WEB its look like:
You do not have permission to view this account.

Im use MySQL + php8.1/8.2/8.5 (I don't think it depends on the version)

The issue affects both new users and those who have logged in previously.

Steps to reproduce

1. Use SAML
2. Create a user with long name
3. Login to NC server

Expected behavior

The user is logged in, hurray!

Nextcloud Server version

33

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.5

Web server

Nginx

Database engine version

MySQL

Is this bug present after an update or on a fresh install?

Upgraded to a MAJOR version (ex. 31 to 32)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

sudo -u www-data php occ config:list system
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***",
            "***REMOVED SENSITIVE VALUE***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "33.0.5.1",
        "overwrite.cli.url": "https:\/\/***REMOVED SENSITIVE VALUE***",
        "htaccess.RewriteBase": "\/",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "tempdirectory": "\/data\/tmp",
        "default_phone_region": "light",
        "trashbin_retention_obligation": "auto, 7",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.local": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": "0"
        },
        "maintenance": false,
        "theme": "",
        "loglevel": 0,
        "saml_debug": true,
        "defaultapp": "files,dashboard",
        "forbidden_filename_characters": [
            "\\",
            "\/"
        ],
        "forbidden_filename_extensions": [
            ".filepart",
            ".part"
        ],
        "log_type": "file",
        "logfile": "\/data\/nextcloud\/data\/nextcloud.log",
        "files.chunked_upload.max_size": 104857600
    }
}

List of activated Apps

sudo -u www-data php occ app:list
Enabled:
  - activity: 6.0.0
  - admin_audit: 1.23.0
  - analytics: 6.5.0
  - app_api: 33.0.0
  - bruteforcesettings: 6.0.0
  - calendar: 6.5.0
  - circles: 33.0.0
  - cloud_federation_api: 1.17.0
  - comments: 1.23.0
  - contactsinteraction: 1.14.1
  - dashboard: 7.13.0
  - dav: 1.36.0
  - federatedfilesharing: 1.23.0
  - federation: 1.23.0
  - files: 2.5.0
  - files_accesscontrol: 4.0.1
  - files_automatedtagging: 4.0.0
  - files_downloadlimit: 5.1.0
  - files_pdfviewer: 6.0.0
  - files_reminders: 1.6.0
  - files_retention: 4.0.1
  - files_sharing: 1.25.2
  - files_trashbin: 1.23.0
  - files_versions: 1.26.0
  - firstrunwizard: 6.0.0
  - group_default_quota: 0.1.14
  - jsloader: 2.1.0
  - logreader: 6.0.0
  - lookup_server_connector: 1.21.0
  - nextcloud_announcements: 5.0.0
  - notifications: 6.0.0
  - oauth2: 1.21.0
  - onlyoffice: 10.1.0
  - password_policy: 5.0.0
  - photos: 6.0.0
  - privacy: 5.0.0
  - profile: 1.2.0
  - provisioning_api: 1.23.0
  - recommendations: 6.0.0
  - related_resources: 4.0.0
  - serverinfo: 5.0.0
  - settings: 1.16.0
  - sharebymail: 1.23.0
  - support: 5.0.0
  - survey_client: 5.0.0
  - systemtags: 1.23.0
  - text: 7.0.1
  - theming: 2.8.0
  - theming_customcss: 1.20.0
  - twofactor_backupcodes: 1.22.0
  - twofactor_totp: 15.0.0
  - updatenotification: 1.23.0
  - user_saml: 7.1.5
  - user_status: 1.13.0
  - viewer: 6.0.0
  - weather_status: 1.13.0
  - webhook_listeners: 1.5.0
  - workflowengine: 2.15.0
Disabled:
  - encryption: 2.21.0
  - files_downloadactivity: 1.18.1 (installed 1.17.0)
  - files_external: 1.25.1
  - forcetheme: 1.0.0 (installed 1.0.0)
  - forcethemeclient: 1.0.0 (installed 1.0.0)
  - richdocuments: 8.5.2 (installed 8.5.2)
  - richdocumentscode: 26.4.104 (installed 26.4.104)
  - suspicious_login: 11.0.0
  - twofactor_nextcloud_notification: 7.0.0
  - user_ldap: 1.24.0
  - user_saml_backup: 8.1.2

Nextcloud Signing status

Nextcloud Logs

Additional info

{
"reqId": "5XK5jG6xYLfAVGkjQ3aO",
"level": 3,
"time": "2026-06-17T20:03:15+00:00",
"remoteAddr": "10.100.10.20",
"user": "--",
"app": "index",
"method": "POST",
"url": "/apps/user_saml/saml/acs",
"scriptName": "/index.php",
"message": "User "" is not valid",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36",
"version": "33.0.5.1",
"exception": {
"Exception": "InvalidArgumentException",
"Message": "User "" is not valid",
"Code": 0,
"Trace": [
{
"file": "/data/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
"line": 205,
"function": "assertionConsumerService",
"class": "OCA\User_SAML\Controller\SAMLController",
"type": "->"
},
{
"file": "/data/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
"line": 118,
"function": "executeController",
"class": "OC\AppFramework\Http\Dispatcher",
"type": "->"
},
{
"file": "/data/nextcloud/lib/private/AppFramework/App.php",
"line": 153,
"function": "dispatch",
"class": "OC\AppFramework\Http\Dispatcher",
"type": "->"
},
{
"file": "/data/nextcloud/lib/private/Route/Router.php",
"line": 321,
"function": "main",
"class": "OC\AppFramework\App",
"type": "::"
},
{
"file": "/data/nextcloud/lib/base.php",
"line": 1155,
"function": "match",
"class": "OC\Route\Router",
"type": "->"
},
{
"file": "/data/nextcloud/index.php",
"line": 25,
"function": "handleRequest",
"class": "OC",
"type": "::"
}
],
"File": "/data/nextcloud/apps/user_saml/lib/Controller/SAMLController.php",
"Line": 397,
"message": "User "" is not valid",
"exception": "{"class":"InvalidArgumentException","message":"User \"\" is not valid","code":0,"file":"/data/nextcloud/apps/user_saml/lib/Controller/SAMLController.php:397","trace":"#0 /data/nextcloud/lib/private/AppFramework/Http/Dispatcher.php(205): OCA\User_SAML\Controller\SAMLController->assertionConsumerService()\n#1 /data/nextcloud/lib/private/AppFramework/Http/Dispatcher.php(118): OC\AppFramework\Http\Dispatcher->executeController()\n#2 /data/nextcloud/lib/private/AppFramework/App.php(153): OC\AppFramework\Http\Dispatcher->dispatch()\n#3 /data/nextcloud/lib/private/Route/Router.php(321): OC\AppFramework\App::main()\n#4 /data/nextcloud/lib/base.php(1155): OC\Route\Router->match()\n#5 /data/nextcloud/index.php(25): OC::handleRequest()\n#6 {main}"}",
"CustomMessage": "User "" is not valid"
},
"id": "6a32fd8bc4f4c"
}