$wgAuth->getCanonicalName() is meant to allow authentication plugins to munge a user name from the login name to a mediawiki name. Unfortunately, getCanonicalName is also used for a million other things, like page titles, and checking the validity of user names.
Overloading this function for munging names in auth plugins and for checking validity of usernames and page titles causes an incredible number of bugs. We really need some better method of handling this.
Version: 1.21.x
Severity: normal