What you show here apears to be result of non-strict mode of base64_decode() in Http adapter, which silently drops invalid portions of base64 encoded string

This repository has been closed and moved to laminas/laminas-authentication; a new issue has been opened at laminas/laminas-authentication#1.

This repository has been moved to laminas/laminas-authentication. If you feel that this patch is still relevant, please re-open against that repository, and reference this issue. To re-open, we suggest the following workflow:

• Squash all commits in your branch (git rebase -i origin/{branch})
• Make a note of all changed files (`git diff --name-only origin/{branch}...HEAD
• Run the laminas/laminas-migration tool on the code.
• Clone laminas/laminas-authentication to another directory.
• Copy the files from the second bullet point to the clone of laminas/laminas-authentication.
• In your clone of laminas/laminas-authentication, commit the files, push to your fork, and open the new PR.
  We will be providing tooling via laminas/laminas-migration soon to help automate the process.