Fallback on email in the token if Auth0 userinfo fails (#36347)

We fetch userinfo from Auth0 on new accounts. The thing we really need is an email (name + nickname are optional and nice to have).

This isn't possible for some of our external apps (Chef), so fallback on taking the email from the validated access token instead.

GitOrigin-RevId: 8650f40bb0d90456bcfbae1a89f7b8f8ed48d545

Author: sshader

crates/authentication/src/lib.rs

@@ -225,18 +225,35 @@ pub struct ConsoleClaims {
 pub struct ConsoleAccessToken {
     email: String,
     sub: String,
+    name: Option<String>,
+    nickname: Option<String>,
 }
 impl ConsoleAccessToken {
     #[cfg(any(test, feature = "testing"))]
     pub fn new(email: String, sub: String) -> Self {
-        Self { email, sub }
+        Self {
+            email,
+            sub,
+            name: None,
+            nickname: None,
+        }
     }
 
     pub fn email(&self) -> &str {
         &self.email
     }
 }
 
+impl From<ConsoleAccessToken> for UserInfo {
+    fn from(value: ConsoleAccessToken) -> Self {
+        Self {
+            email: value.email,
+            name: value.name,
+            nickname: value.nickname,
+        }
+    }
+}
+
 #[derive(Deserialize, Clone)]
 /// Relevant fields returned from the Auth0 userinfo endpoint
 pub struct UserInfo {
@@ -400,6 +417,9 @@ where
             .as_ref()
             .expect("Already validated subject is present")
             .to_owned(),
+        // TODO(sarah) read these from the token if possible
+        nickname: None,
+        name: None,
     })
 }