Description
Describe the bug
Setting up a trusted publisher for GitLab CI requires case sensitivity that does not match the actual spelling.
I have a project on GitLab where the organization has a capitalized letter in it: `coBib`. The URL is https://gitlab.com/cobib/cobib.
I configured a trusted publisher for the `cobib` package specifying the owner as `coBib` and project as `cobib`.
This resulted in the following error:
ERROR TrustedPublishingFailure: The token request failed; the index server
gave the following reasons:
* `invalid-publisher`: valid token, but no corresponding publisher
(Publisher with matching claims was not found)
It was only after playing around a bit that I tried to set owner to `cobib`, after which my trusted publisher config worked.
Expected behavior
The `owner` field of a trusted publisher should not be case sensitive.
I thought that this is already the case, but I still ran into this problem on Wednesday of this week.
To Reproduce
- Create a project on GitLab with an organization name using a capitalized letter
- Configure a trusted publisher for `.gitlab-ci.yml` where the correct capitalized spelling is used
- Observe the token failure
My Platform
- Project URL: https://gitlab.com/cobib/cobib
- GitLab CI config at the time of failure: https://gitlab.com/cobib/cobib/-/blob/v5.5.3/.gitlab-ci.yml (no changes to this file were necessary to make v5.5.5 publish successfully, as I only had to update the trusted publisher config as described above)
Additional context
There are some (semi-)related issues which all appear to be resolved:
- Adding PyPI Trusted Publisher note about repository entry case-sensitivity #14622
- GitHub repository in Trusted Publisher should (probably) be case insensitive #15498
- Trusted publishing from GitLab CI/CD fails with caps in environment name #18330
Looking at the GitLab `oidc` model, I would even expect the current code to work, which further adds to my confusion of why it did not:
warehouse/warehouse/oidc/models/gitlab.py, line 129 in 5dec3cd:
return f"{namespace}:{project}".lower() == ground_truth.lower()
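An added sketch (not part of the issue and not warehouse's code) of how a case-insensitive claim comparison like the quoted line can coexist with an `invalid-publisher` result. It assumes a hypothetical case-sensitive publisher lookup that runs before the comparison; `parse_sub`, `lookup_exact`, `lookup_folded`, `outcome` and the sample values are constructed for illustration.

```python
# Added illustration with hypothetical names; not warehouse's code.
from typing import Optional

# Constructed sample: publisher as first configured in the report (owner "coBib").
STORED = [{"namespace": "coBib", "project": "cobib"}]
# Constructed sample `sub` claim in GitLab's documented layout.
SUB = "project_path:cobib/cobib:ref_type:tag:ref:v5.5.5"


def parse_sub(sub: str) -> tuple[str, str]:
    """Split GitLab's `sub` claim into (namespace, project)."""
    parts = sub.split(":")
    if len(parts) < 2 or parts[0] != "project_path" or "/" not in parts[1]:
        raise ValueError("unexpected sub claim layout")
    namespace, project = parts[1].rsplit("/", 1)  # namespace may hold subgroups
    return namespace, project


def claim_check(ground_truth: str, namespace: str, project: str) -> bool:
    # Same comparison as the line quoted from gitlab.py above.
    return f"{namespace}:{project}".lower() == ground_truth.lower()


def lookup_exact(store, namespace, project) -> Optional[dict]:
    # ASSUMPTION: a case-sensitive lookup that runs before the claim check.
    for p in store:
        if (p["namespace"], p["project"]) == (namespace, project):
            return p
    return None


def lookup_folded(store, namespace, project) -> Optional[dict]:
    # Same lookup with both sides case-folded.
    key = (namespace.casefold(), project.casefold())
    for p in store:
        if (p["namespace"].casefold(), p["project"].casefold()) == key:
            return p
    return None


def outcome(lookup, store=STORED, sub=SUB) -> str:
    ns, proj = parse_sub(sub)
    publisher = lookup(store, ns, proj)
    if publisher is None:
        return "invalid-publisher"  # no candidate, claim check never runs
    ground_truth = f"{publisher['namespace']}:{publisher['project']}"
    return "ok" if claim_check(ground_truth, ns, proj) else "invalid-publisher"
```

Under that assumption the claim comparison is never reached for the `coBib` spelling, so normalizing case at both storage and lookup is what keeps the two stages consistent.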