fix: Enable OIDC with Synology SSO Server (#4544)

mealie/core/security/providers/openid_provider.py

@@ -63,12 +63,14 @@ class OpenIDProvider(AuthProvider[UserInfo]):
             try:
                 # some IdPs don't provide a username (looking at you Google), so if we don't have the claim,
                 # we'll create the user with whatever the USER_CLAIM is (default email)
-                username = claims.get("preferred_username", claims.get(settings.OIDC_USER_CLAIM))
+                username = claims.get(
+                    "preferred_username", claims.get("username", claims.get(settings.OIDC_USER_CLAIM))
+                )
                 user = repos.users.create(
                     {
                         "username": username,
                         "password": "OIDC",
-                        "full_name": claims.get("name"),
+                        "full_name": claims.get(settings.OIDC_NAME_CLAIM),
                         "email": claims.get("email"),
                         "admin": is_admin,
                         "auth_method": AuthMethod.OIDC,
@@ -96,7 +98,7 @@ class OpenIDProvider(AuthProvider[UserInfo]):
     def required_claims(self):
         settings = get_app_settings()
 
-        claims = {"name", "email", settings.OIDC_USER_CLAIM}
+        claims = {settings.OIDC_NAME_CLAIM, "email", settings.OIDC_USER_CLAIM}
         if settings.OIDC_REQUIRES_GROUP_CLAIM:
             claims.add(settings.OIDC_GROUPS_CLAIM)
         return claims

mealie/core/settings/settings.py

@@ -332,6 +332,7 @@ class AppSettings(AppLoggingSettings):
     OIDC_PROVIDER_NAME: str = "OAuth"
     OIDC_REMEMBER_ME: bool = False
     OIDC_USER_CLAIM: str = "email"
+    OIDC_NAME_CLAIM: str = "name"
     OIDC_GROUPS_CLAIM: str | None = "groups"
     OIDC_SCOPES_OVERRIDE: str | None = None
     OIDC_TLS_CACERTFILE: str | None = None