Merge pull request #7609 from LibreSign/backport/7608/stable32

vitormattos · web-flow · commit 87a54001d223 · 2026-04-25T16:11:45.000-03:00
[stable32] fix: hide account identifier from SignerCommonName
diff --git a/lib/Service/SignFileService.php b/lib/Service/SignFileService.php
@@ -948,7 +948,11 @@ private function normalizeCertificateFieldToString(mixed $value): string {
 					$flattened[] = (string)$item;
 				}
 			});
-			return implode(', ', $flattened);
+			$displayValues = array_values(array_filter(
+				$flattened,
+				static fn (string $item) => !preg_match('/^account:\s*/i', $item),
+			));
+			return implode(', ', $displayValues);
 		}
 
 		return $value === null ? '' : (string)$value;
diff --git a/tests/php/Unit/Service/SignFileServiceTest.php b/tests/php/Unit/Service/SignFileServiceTest.php
@@ -1244,6 +1244,22 @@ public static function providerGetSignatureParamsCommonName(): array {
 				'',
 				'',
 			],
+			'legacy AD/LDAP cert with account: prefix in CN array' => [
+				[
+					'issuer' => ['CN' => 'LibreCode CA'],
+					'subject' => ['CN' => ['account:johndoe', 'John Doe']],
+				],
+				'LibreCode CA',
+				'John Doe',
+			],
+			'legacy AD/LDAP cert with spaced account: prefix in CN array' => [
+				[
+					'issuer' => ['CN' => 'LibreCode CA'],
+					'subject' => ['CN' => ['account: johndoe', 'John Doe']],
+				],
+				'LibreCode CA',
+				'John Doe',
+			],
 		];
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -948,7 +948,11 @@ private function normalizeCertificateFieldToString(mixed $value): string {`
`948`	`948`	`$flattened[] = (string)$item;`
`949`	`949`	`}`
`950`	`950`	`});`
`951`		`- return implode(', ', $flattened);`
	`951`	`+ $displayValues = array_values(array_filter(`
	`952`	`+ $flattened,`
	`953`	`+ static fn (string $item) => !preg_match('/^account:\s*/i', $item),`
	`954`	`+ ));`
	`955`	`+ return implode(', ', $displayValues);`
`952`	`956`	`}`
`953`	`957`
`954`	`958`	`return $value === null ? '' : (string)$value;`