chore(oidc): 回应 Copilot review

- ProviderType 从 identity.ProviderType 取（不再硬编码）
- fast-path 日志改用 infraerrors.Reason(err) 避免泄露 PII / 降噪

backend/internal/handler/auth_oidc_oauth.go

@@ -1246,7 +1246,7 @@ func (h *AuthHandler) tryOIDCVerifiedEmailFastPath(
 		upstreamMetadata[k] = v
 	}
 	input := service.EmailOAuthIdentityInput{
-		ProviderType:     "oidc",
+		ProviderType:     strings.TrimSpace(identity.ProviderType),
 		ProviderKey:      strings.TrimSpace(identity.ProviderKey),
 		ProviderSubject:  strings.TrimSpace(identity.ProviderSubject),
 		Email:            strings.TrimSpace(strings.ToLower(compatEmail)),
@@ -1258,11 +1258,11 @@ func (h *AuthHandler) tryOIDCVerifiedEmailFastPath(
 	}
 	tokenPair, user, err := h.authService.LoginOrRegisterVerifiedEmailOAuthWithInvitation(ctx, input, "", "")
 	if err != nil {
-		log.Printf("[OIDC OAuth] verified-email fast path skipped: %v", err)
+		log.Printf("[OIDC OAuth] verified-email fast path skipped: reason=%s", infraerrors.Reason(err))
 		return false
 	}
 	if err := h.ensureBackendModeAllowsUser(ctx, user); err != nil {
-		log.Printf("[OIDC OAuth] verified-email fast path blocked by backend mode: %v", err)
+		log.Printf("[OIDC OAuth] verified-email fast path blocked by backend mode: reason=%s", infraerrors.Reason(err))
 		return false
 	}