From 9740011a313d912fdb71ee0c9ee83d56cf45ad1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Guillot?=
Date: Sun, 8 Jun 2025 18:00:29 -0700
Subject: [PATCH] feat(oidc): use `preferred_username` first instead of `email` claim

---
 internal/oauth2/oidc.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/internal/oauth2/oidc.go b/internal/oauth2/oidc.go
index 6d9784f1..54068d07 100644
--- a/internal/oauth2/oidc.go
+++ b/internal/oauth2/oidc.go
@@ -75,7 +75,9 @@ func (o *oidcProvider) GetProfile(ctx context.Context, code, codeVerifier string
 return nil, fmt.Errorf(`oidc: failed to parse user claims: %w`, err)
 }
 
- for _, value := range []string{userClaims.Email, userClaims.PreferredUsername, userClaims.Name, userClaims.Profile} {
+ // Use the first non-empty value from the claims to set the username.
+ // The order of preference is: preferred_username, email, name, profile.
+ for _, value := range []string{userClaims.PreferredUsername, userClaims.Email, userClaims.Name, userClaims.Profile} {
 if value != "" {
 profile.Username = value
 break
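Review bot: The reordered slice in the `for` loop makes `preferred_username` the first source for `profile.Username`, but OpenID Connect Core describes that claim as mutable and not guaranteed unique, so a relying party must not treat it as an identifier. Whether this matters depends on code outside the hunk: if the username only names a newly created account and identity is matched on the `sub` claim, the reorder is harmless, but that should be confirmed, and a collision with an existing local username should fail closed rather than link the two accounts. I would extend the added comment with `// preferred_username is mutable and not unique per OIDC Core; never match accounts on profile.Username, only on the subject.` The body of GetProfile starts and ends outside the hunk, so how `profile` is consumed is not visible here.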