Description
Do not allow updating usernames for OIDC and GitHub accounts, even for admins, but track the OAuth provider usernames instead.
Context
We should not allow changing usernames for OIDC or GitHub-provisioned accounts. The source of truth should be the username obtained from the OIDC/GitHub provider. Instead, we should automatically update the username on each new login if it is changed in the provider.
For example, I have observed this behavior in JFrog Artifactory OAuth users.
Drawback
A possible drawback is losing data if resources are named based on the username, i.e., data.coder_workspace.me.owner. We can solve this by updating example templates to not use the username for naming resources.
Benefit
Moving towards a unified, easy setup for new workspaces, i.e., #8462, where they would integrate with other cloud providers or external services like Artifactory, will prevent any mismatch between the usernames on Coder and the external service.
For example, if a user logs into Artifactory and Coder using the GitHub login, Artifactory tracks the GitHub username and updates the Artifactory username automatically, while Coder does not.
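A sketch of the requested behaviour, added here as an example and not taken from Coder's code base: manual renames are refused for provider-linked accounts, and each OAuth login overwrites the username with the provider's value. The `User`, `Store`, `Rename` and `SyncOnLogin` names are hypothetical, and it assumes accounts are matched on an immutable provider identifier rather than on the username, so a provider-side rename that collides with another local account is rejected instead of merged.

```go
package main

import "errors"

// User and Store are hypothetical types for this example, not Coder's own.
type User struct {
	Username string
	Provider string // "" for password accounts, else "oidc" or "github"
	LinkedID string // immutable provider subject (OIDC "sub", GitHub numeric ID)
}
type Store struct{ byName map[string]*User }

var (
	ErrProviderManaged = errors.New("username is managed by the OAuth provider")
	ErrUsernameTaken   = errors.New("provider username collides with another account")
)

// Rename is the manual path (user or admin); refused for OIDC/GitHub accounts.
func (s *Store) Rename(u *User, name string) error {
	if u.Provider != "" {
		return ErrProviderManaged
	}
	return s.set(u, name)
}

// SyncOnLogin runs on each OAuth login and adopts the provider's username.
func (s *Store) SyncOnLogin(provider, linkedID, name string) (*User, error) {
	for _, u := range s.byName {
		if u.Provider == provider && u.LinkedID == linkedID {
			return u, s.set(u, name)
		}
	}
	return nil, errors.New("no account linked to this provider identity")
}

func (s *Store) set(u *User, name string) error {
	if other, ok := s.byName[name]; ok && other != u {
		return ErrUsernameTaken // never silently take over another account's name
	}
	delete(s.byName, u.Username)
	u.Username, s.byName[name] = name, u
	return nil
}

func main() {
	alice := &User{Username: "alice", Provider: "github", LinkedID: "1001"} // constructed
	s := &Store{byName: map[string]*User{"alice": alice}}
	_, err := s.SyncOnLogin("github", "1001", "alice-renamed")
	println(alice.Username, err == nil, s.Rename(alice, "x") == ErrProviderManaged)
}
```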