feat: basic OpenID Connect support

server/entity/LinkedAccount.ts

@@ -0,0 +1,27 @@
+import { Column, Entity, ManyToOne, PrimaryGeneratedColumn } from 'typeorm';
+import { User } from './User';
+
+@Entity('linked_accounts')
+export class LinkedAccount {
+  constructor(options: Omit<LinkedAccount, 'id'>) {
+    Object.assign(this, options);
+  }
+
+  @PrimaryGeneratedColumn()
+  id: number;
+
+  @ManyToOne(() => User, (user) => user.linkedAccounts, { onDelete: 'CASCADE' })
+  user: User;
+
+  /** Slug of the OIDC provider. */
+  @Column({ type: 'varchar', length: 255 })
+  provider: string;
+
+  /** Unique ID from the OAuth provider */
+  @Column({ type: 'varchar', length: 255 })
+  sub: string;
+
+  /** Account username from the OAuth provider */
+  @Column()
+  username: string;
+}

server/entity/User.ts

@@ -1,6 +1,7 @@
 import { MediaRequestStatus, MediaType } from '@server/constants/media';
 import { UserType } from '@server/constants/user';
 import { getRepository } from '@server/datasource';
+import { LinkedAccount } from '@server/entity/LinkedAccount';
 import { Watchlist } from '@server/entity/Watchlist';
 import type { QuotaResponse } from '@server/interfaces/api/userInterfaces';
 import PreparedEmail from '@server/lib/email';
@@ -91,6 +92,9 @@ export class User {
   @Column({ type: 'varchar', nullable: true, select: false })
   public plexToken?: string | null;
 
+  @OneToMany(() => LinkedAccount, (link) => link.user)
+  public linkedAccounts: LinkedAccount[];
+
   @Column({ type: 'integer', default: 0 })
   public permissions = 0;