@hayd1n hayd1n commented Dec 2, 2025

This change updates the OIDCUserInfoSchema to make the name and email fields optional because these values are already resolved through the configurable claimsMap. Since different OIDC Providers may use different claim names—or omit certain claims entirely—the schema should not require fields that are not guaranteed to exist.

This problem is particularly visible when using Synology SSO Server’s OIDC Provider. Synology SSO Server returns a username claim instead of name or preferred_username. Because the previous schema required name and email, parsing the userinfo response resulted in validation errors despite the presence of equivalent data under different claim keys.

By marking name and email as optional, the schema now correctly reflects real-world provider behavior, allowing claimsMap to map the appropriate fields without causing runtime errors.

Summary by CodeRabbit

  • Bug Fixes
    • Enhanced OpenID Connect authentication to support a broader range of identity providers. Email and name fields are now optional in user profile validation, allowing authentication to proceed even when these fields are missing. Email format validation is preserved when the email field is present.


The OIDCUserInfoSchema previously required 'email' and 'name'.
This change makes these fields optional to better align with OIDC
provider implementations that may not always return these specific
fields.
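
An added example, not code from this pull request or the project: once the raw userinfo check stops requiring `email` and `name`, any requirement the application still has must be enforced on the values resolved through `claimsMap`. The function names, the `claimsMap` shape (`id`/`email`/`name` keys), the sample response and the assumption that an email is needed after mapping are all hypothetical.

```typescript
// Added example; names, claimsMap shape and sample data are assumptions.
type Claims = Record<string, unknown>;
type ClaimsMap = { id: string; email: string; name: string };
interface ResolvedUser { id: string; email: string; name: string | undefined }

const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Relaxed raw check: name/email may be absent, but must be well-formed if present.
function checkRawUserInfo(raw: Claims): string[] {
  const errors: string[] = [];
  const email = raw["email"];
  const name = raw["name"];
  if (email !== undefined && (typeof email !== "string" || !EMAIL_RE.test(email))) {
    errors.push("email present but malformed");
  }
  if (name !== undefined && typeof name !== "string") {
    errors.push("name present but not a string");
  }
  return errors;
}

// Resolve claims through the map, then enforce what the application needs.
function resolveUser(raw: Claims, map: ClaimsMap): ResolvedUser {
  const rawErrors = checkRawUserInfo(raw);
  if (rawErrors.length > 0) throw new Error(rawErrors.join("; "));
  const pick = (key: string): string | undefined => {
    const v = raw[key];
    return typeof v === "string" && v.trim() !== "" ? v.trim() : undefined;
  };
  const id = pick(map.id);
  const email = pick(map.email);
  if (id === undefined) throw new Error(`mapped id claim "${map.id}" is missing`);
  // Assumption: an email is still required after mapping, so check it here
  // instead of in the raw schema.
  if (email === undefined || !EMAIL_RE.test(email)) {
    throw new Error(`mapped email claim "${map.email}" is missing or malformed`);
  }
  return { id, email, name: pick(map.name) };
}

// Constructed sample: a provider that sends `username` instead of `name`.
const sampleUserInfo: Claims = { sub: "1026", username: "alice", email: "alice@example.test" };
const sampleMap: ClaimsMap = { id: "sub", email: "email", name: "username" };
const mappedUser = resolveUser(sampleUserInfo, sampleMap);
```
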

CLAassistant commented Dec 2, 2025

CLA assistant check
All committers have signed the CLA.

Contributor

coderabbitai bot commented Dec 2, 2025

Walkthrough

The OIDC user info schema validation was relaxed to make email and name fields optional. Previously both fields were required, with email requiring valid format. Now both fields are optional, though email format validation is maintained when present.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| OIDC Schema Validation: packages/backend/server/src/plugins/oauth/providers/oidc.ts | Made email and name fields optional in OIDC userinfo schema; email retains format validation when provided |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

  • Single file modification with straightforward schema constraint relaxation
  • No logic changes or control flow modifications
  • Minimal test surface area to consider

Poem

🐰 The schema softens, fields now bend,
Email and name need not attend,
Validation still holds, when present they stay,
More flexibility comes our way! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Title check | ✅ Passed | The title accurately describes the main change: making email and name optional in OIDC user info schema, which aligns with the changeset's objective. |

@hayd1n hayd1n changed the title from "fix(server): make email and name optional in user info" to "fix(server): make email and name optional in OIDC user info" on Dec 2, 2025
@darkskygit
Member

fixed by #14061

@darkskygit darkskygit closed this Dec 8, 2025