fix: use idToken for mapping when using old configs (#5458)

* fix: use idToken for mapping when using old configs

* fix events and add tests

internal/idp/providers/oidc/oidc.go

@@ -20,6 +20,7 @@ type Provider struct {
 	isCreationAllowed bool
 	isAutoCreation    bool
 	isAutoUpdate      bool
+	useIDToken        bool
 	userInfoMapper    func(info oidc.UserInfo) idp.User
 	authOptions       []rp.AuthURLOpt
 }
@@ -55,6 +56,13 @@ func WithAutoUpdate() ProviderOpts {
 	}
 }
 
+// WithIDTokenMapping enables that information to map the user is retrieved from the id_token and not the userinfo endpoint.
+func WithIDTokenMapping() ProviderOpts {
+	return func(p *Provider) {
+		p.useIDToken = true
+	}
+}
+
 // WithRelyingPartyOption allows to set an additional [rp.Option] like [rp.WithPKCE].
 func WithRelyingPartyOption(option rp.Option) ProviderOpts {
 	return func(p *Provider) {

internal/idp/providers/oidc/session.go

@@ -47,6 +47,9 @@ func (s *Session) FetchUser(ctx context.Context) (user idp.User, err error) {
 	if err != nil {
 		return nil, err
 	}
+	if s.Provider.useIDToken {
+		info = s.Tokens.IDTokenClaims
+	}
 	u := s.Provider.userInfoMapper(info)
 	return u, nil
 }