fix: allow unicode characters in org domains (#6675)

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

internal/domain/org_domain.go

@@ -6,6 +6,7 @@ import (
 
 	http_util "github.com/zitadel/zitadel/internal/api/http"
 	"github.com/zitadel/zitadel/internal/crypto"
+	"github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/eventstore/v1/models"
 )
 
@@ -32,15 +33,18 @@ func (domain *OrgDomain) GenerateVerificationCode(codeGenerator crypto.Generator
 	return validationCode, nil
 }
 
-func NewIAMDomainName(orgName, iamDomain string) string {
+func NewIAMDomainName(orgName, iamDomain string) (string, error) {
 	// Reference: label domain requirements https://www.nic.ad.jp/timeline/en/20th/appendix1.html
 
 	// Replaces spaces in org name with hyphens
 	label := strings.ReplaceAll(orgName, " ", "-")
 
 	// The label must only contains alphanumeric characters and hyphens
-	// Invalid characters are replaced with and empty space
-	label = string(regexp.MustCompile(`[^a-zA-Z0-9-]`).ReplaceAll([]byte(label), []byte("")))
+	// Invalid characters are replaced with and empty space but as #6471,
+	// as these domains are not used to host ZITADEL, but only for user names,
+	// the characters shouldn't matter that much so we'll accept unicode
+	// characters, accented characters (\p{L}\p{M}), numbers and hyphens.
+	label = string(regexp.MustCompile(`[^\p{L}\p{M}0-9-]`).ReplaceAll([]byte(label), []byte("")))
 
 	// The label cannot exceed 63 characters
 	if len(label) > 63 {
@@ -64,7 +68,12 @@ func NewIAMDomainName(orgName, iamDomain string) string {
 		label = label[:len(label)-1]
 	}
 
-	return strings.ToLower(label + "." + iamDomain)
+	// Empty string should be invalid
+	if len(label) > 0 {
+		return strings.ToLower(label + "." + iamDomain), nil
+	}
+
+	return "", errors.ThrowInvalidArgument(nil, "ORG-RrfXY", "Errors.Org.Domain.EmptyString")
 }
 
 type OrgDomainValidationType int32