fix: Use sub instead of id in Gitlab

Open tedzards509 opened this issue 1 year ago • 3 comments

https://docs.gitlab.com/ee/integration/openid_connect_provider.html

The profile id is in the sub field, not in the id field.

☕️ Reasoning

https://docs.gitlab.com/ee/integration/openid_connect_provider.html According to this documentation for GitLab as an OIDC provider, "The ID of the user" is in the sub field. An id field is not provided. This change works with GitLab Enterprise version 16.11 while editing next-auth version 4.24.5 due to other issues that were fixed by downgrading.

🧢 Checklist

  • [ ] Documentation
  • [ ] Tests
  • [ ] Ready to be merged

🎫 Affected issues

📌 Resources

tedzards509 avatar Jun 16 '24 21:06 tedzards509

When sub.toString() is called on an undefined sub, this prevents it from reaching the error handler for a non-existing id field, leading to a more cryptic error. Hence the addition of the ?.

tedzards509 avatar Jun 16 '24 21:06 tedzards509

I don't think this PR is correct @tedzards509. As I read the code in https://github.com/nextauthjs/next-auth/blob/5e5a7fc5b41ea2e7e687f5c6e6d89c7967609dcb/packages/core/src/lib/actions/callback/oauth/callback.ts#L146, it will only use the token if the provider is marked as oidc. However, GitLab is marked as oauth. That means profile is called using the result of userinfo instead.

@balazsorban44, the ? is indeed necessary for the login to work at all here because of what I described above. However, it will lead to a random id being generated.

tvh avatar Sep 25 '24 21:09 tvh
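
The failure mode discussed in this thread, as an added illustration that is not code from next-auth or from this PR: when the payload handed to the profile mapping has no `sub`, optional chaining hides the gap and a generated id takes over, so the same person gets a different id on every login. The function names, the sample payloads and the counter-based fallback (a stand-in for the random id mentioned above) are all assumptions made for the example.

```javascript
// Constructed sample payloads (not captured from a real GitLab instance).
const oidcStyleProfile = { sub: "1234", name: "Example User", email: "user@example.test" };
const restStyleProfile = { id: 1234, name: "Example User", email: "user@example.test" };
const emptyProfile = { name: "Example User", email: "user@example.test" };

// Stand-in for a framework-generated random id (assumption). A counter keeps
// the example deterministic while still giving a fresh value on every call.
let generated = 0;
const fallbackId = () => `generated-${++generated}`;

// Hypothetical lenient mapper: `?.` avoids the TypeError on a missing `sub`,
// but the missing identifier is then silently replaced by a generated one.
function lenientProfile(profile) {
  const id = profile.sub?.toString() ?? fallbackId();
  return { id, name: profile.name, email: profile.email };
}

// Hypothetical fail-closed mapper: accept `sub` or `id`, refuse anything else,
// so a sign-in is never bound to an identifier the provider did not issue.
function strictProfile(profile) {
  const raw = profile.sub ?? profile.id;
  const isUsable =
    (typeof raw === "string" && raw.trim() !== "") ||
    (typeof raw === "number" && Number.isSafeInteger(raw));
  if (!isUsable) {
    throw new TypeError("GitLab profile has neither a usable `sub` nor `id`");
  }
  return { id: String(raw).trim(), name: profile.name, email: profile.email };
}

// True when two logins with the same payload end up with different ids,
// which is what breaks account linking for identifier-less payloads.
function lenientIdsDiffer(profile) {
  return lenientProfile(profile).id !== lenientProfile(profile).id;
}
```

With the lenient mapper, a payload that carries only `id` behaves exactly like one with no identifier at all, which is why the shape of the payload passed to the profile mapping matters as much as the field name.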