by Jeff Shrek.
To answer my own question, I figured out that there is no username policy specified in config (only password policy).
The default behavior for Moodle username is: Moodle username policy only allows alphanumeric lowercase characters (letters/numbers) and underscore ( _ ) and hyphen( - ) and period( . ) and at-symbol( @ )
So using preg_replace you can eliminate everything that should not be there with this:
$username = strtolower($username); //convert any UPPERCASE to lowercase
$username = preg_replace('/[^-.@_0-9a-z]/', '', $username); //remove all other characters that are not allowed