symfony
diff --git a/‎src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/UserBadge.php
Lines changed: 18 additions & 5 deletions b/‎src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/UserBadge.php
Lines changed: 18 additions & 5 deletions
diff --git a/‎src/Symfony/Component/Security/Http/CHANGELOG.md
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Component/Security/Http/CHANGELOG.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Http/Tests/Authenticator/Passport/Badge/UserBadgeTest.php
Lines changed: 29 additions & 0 deletions b/‎src/Symfony/Component/Security/Http/Tests/Authenticator/Passport/Badge/UserBadgeTest.php
Lines changed: 29 additions & 0 deletions
@@ -36,6 +36,8 @@ class UserBadge implements BadgeInterface
     private UserInterface $user;
     private ?array $attributes;
 
+    private ?\Closure $identifierNormalizer = null;
+
     /**
      * Initializes the user badge.
      *
@@ -49,19 +51,30 @@ class UserBadge implements BadgeInterface
      * is thrown). If this is not set, the default user provider will be used with
      * $userIdentifier as username.
      */
-    public function __construct(string $userIdentifier, callable $userLoader = null, array $attributes = null)
+    public function __construct(string $userIdentifier, callable $userLoader = null, array $attributes = null, ?\Closure $identifierNormalizer = null)
     {
         if (\strlen($userIdentifier) > self::MAX_USERNAME_LENGTH) {
             throw new BadCredentialsException('Username too long.');
         }
+        if ($identifierNormalizer) {
+            $this->identifierNormalizer = static fn () => $identifierNormalizer($userIdentifier);
+        } else {
+            $this->userIdentifier = $userIdentifier;
+        }
 
-        $this->userIdentifier = $userIdentifier;
         $this->userLoader = $userLoader;
         $this->attributes = $attributes;
     }
 
     public function getUserIdentifier(): string
     {
+        if (isset($this->userIdentifier)) {
+            return $this->userIdentifier;
+        }
+
+        $this->userIdentifier = ($this->identifierNormalizer)();
+        $this->identifierNormalizer = null;
+
         return $this->userIdentifier;
     }
 
@@ -84,15 +97,15 @@ public function getUser(): UserInterface
         }
 
         if (null === $this->getAttributes()) {
-            $user = ($this->userLoader)($this->userIdentifier);
+            $user = ($this->userLoader)($this->getUserIdentifier());
         } else {
-            $user = ($this->userLoader)($this->userIdentifier, $this->getAttributes());
+            $user = ($this->userLoader)($this->getUserIdentifier(), $this->getAttributes());
         }
 
         // No user has been found via the $this->userLoader callback
         if (null === $user) {
             $exception = new UserNotFoundException();
-            $exception->setUserIdentifier($this->userIdentifier);
+            $exception->setUserIdentifier($this->getUserIdentifier());
 
             throw $exception;
         }
 
@@ -5,6 +5,7 @@ CHANGELOG
 ---
 
  * Add `#[IsCsrfTokenValid]` attribute
+ * Add argument `$identifierNormalizer` to `UserBadge::__construct()` to allow normalizing the identifier
 
 7.0
 ---
 
@@ -14,6 +14,10 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Security\Core\Exception\UserNotFoundException;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use Symfony\Component\String\Slugger\AsciiSlugger;
+use Symfony\Component\String\UnicodeString;
+
+use function Symfony\Component\String\u;
 
 class UserBadgeTest extends TestCase
 {
@@ -23,4 +27,29 @@ public function testUserNotFound()
         $this->expectException(UserNotFoundException::class);
         $badge->getUser();
     }
+
+    /**
+     * @dataProvider provideUserIdentifierNormalizationData
+     */
+    public function testUserIdentifierNormalization(string $identifier, string $expectedNormalizedIdentifier, callable $normalizer)
+    {
+        $badge = new UserBadge($identifier, fn () => null, identifierNormalizer: $normalizer);
+
+        static::assertSame($expectedNormalizedIdentifier, $badge->getUserIdentifier());
+    }
+
+    public static function provideUserIdentifierNormalizationData(): iterable
+    {
+        $lowerAndNFKC = fn (string $identifier) => u($identifier)->normalize(UnicodeString::NFKC)->lower()->toString();
+        $upperAndAscii = fn (string $identifier) => u($identifier)->ascii()->upper()->toString();
+        $slugger = new AsciiSlugger('en');
+        $asciiWithPrefix = fn (string $identifier) => u($slugger->slug($identifier))->ascii()->lower()->prepend('USERID--')->toString();
+
+        yield 'Simple lower conversion' => ['SmiTh', 'smith', $lowerAndNFKC];
+        yield 'Normalize ﬁ to fi. Other unicode characters are preserved (р, с, ѕ and а)' => ['рrinсeѕѕ.ﬁonа', 'рrinсeѕѕ.fionа', $lowerAndNFKC];
+        yield 'Greek characters' => ['ΝιΚόΛΑος', 'νικόλαος', $lowerAndNFKC];
+        yield 'Greek to ASCII' => ['ΝιΚόΛΑος', 'NIKOLAOS', $upperAndAscii];
+        yield 'Katakana to ASCII' => ['たなかそういち', 'TANAKASOUICHI', $upperAndAscii];
+        yield 'Username with prefix' => ['John Doe 1', 'USERID--john-doe-1', $asciiWithPrefix];
+    }
 }