There are several advantages (as well as disadvantages) to using an external identity provider. It allows for faster sign in and account creation, users don't need to remember different passwords for each website, etc.
However, it can be a privacy issue. The OAuth 2.0/OpenID Connect access scope should have the minimum permissions necessary to sign in and collect the external user ID (and e-mail address if creating a new account), and nothing else (throw away all unnecessary information such as the user's full name), and using an external identity provider to sign in to MediaWiki should be optional.
While creating an account, let users use their external account to create the account. The e-mail address on the external account (if any) will be used as the MediaWiki account's e-mail address, and the user will be asked to create a username after signing in to their external account. If there is no e-mail address on the external account, or MediaWiki was unable to get the e-mail address, the user should be asked to specify an e-mail address and verify it.
Users should be able to link and unlink their external accounts using Special:Preferences.
Users will be asked to create a password (or get a temporary password by e-mail) if they unlink all external accounts and they don't currently have a MediaWiki password.
As for what identity providers to use in Wikimedia sites, use the most commonly used ones, such as Google, Facebook and Microsoft, and sort by most commonly used. And use identity providers that implement OAuth 2.0, OpenID Connect and (maybe) SAML 2.0.