404 when sharing history if username has capital letters

[laperlej]

Describe the bug
Users from external auth can have usernames that are not in line with current restrictions used for routing.

Related to #16194 and #16251

From the discussions, I don't think anyone at the time realized this also affects capital letters.

This is the requirement used for routing:

galaxy/lib/galaxy/webapps/galaxy/buildapp.py

Line 145 in 03307f6

USERNAME_REQS = {"username": VALID_PUBLICNAME_RE.pattern.strip("^$")}

galaxy/lib/galaxy/security/validate_user_input.py

Line 38 in 03307f6

VALID_PUBLICNAME_RE = re.compile(r"^[a-z0-9._\-]+$")

This means that it's not enough to just make the usernames valid for URL encoding purposes (see #16251)

I guess this can be fixed either by changing the code that creates the username or by loosening the requirements on the routing side.

Galaxy Version and/or server at which you observed the bug
Galaxy Version: 24.1
Commit: Bug is still on dev (currently c6a10d6)

Browser and Operating System
Operating System: Windows, Linux, macOS
Browser: Firefox, Chrome, Chrome-based, Safari

To Reproduce
Steps to reproduce the behavior:

1. Impersonate a user with capitals in their username
2. share or publish history
3. toggle Make history accessible
4. follow the link
5. 404

Expected behavior
Should see the shared history