Forbid creating a user with a name equal to JWT_AUTHENTICAION_MARKER

src/Access/User.cpp

@@ -33,6 +33,8 @@ void User::setName(const String & name_)
         throw Exception(ErrorCodes::BAD_ARGUMENTS, "User name '{}' is reserved", name_);
     if (name_.starts_with(EncodedUserInfo::SSH_KEY_AUTHENTICAION_MARKER))
         throw Exception(ErrorCodes::BAD_ARGUMENTS, "User name '{}' is reserved", name_);
+    if (name_.starts_with(EncodedUserInfo::JWT_AUTHENTICAION_MARKER))
+        throw Exception(ErrorCodes::BAD_ARGUMENTS, "User name '{}' is reserved", name_);
     name = name_;
 }
 

src/Core/Protocol.h

@@ -62,6 +62,8 @@ const char USER_INTERSERVER_MARKER[] = " INTERSERVER SECRET ";
 
 /// Marker for SSH-keys-based authentication (passed as the user name)
 const char SSH_KEY_AUTHENTICAION_MARKER[] = " SSH KEY AUTHENTICATION ";
+
+/// Market for JSON Web Token authentication
 const char JWT_AUTHENTICAION_MARKER[] = " JWT AUTHENTICATION ";
 
 };