Overly broad WCA OAuth scope?

[jfly]

There's an oauth url with a scope defined in a few places in this repo:

• https://github.com/cubing/CubePB/blob/6f8d7a584eed59be26a4dc562fce5fb7c1f83ef0/frontend/.env.example
• https://github.com/cubing/CubePB/blob/e80625da5de3f275cc43cee8113308af5e83d703/.github/workflows/build-frontend.yml
• https://github.com/cubing/CubePB/blob/99c192a881601878c369ba395c3ae95740d141d3/.github/workflows/frontend-deploy-alpha.yml
• https://github.com/cubing/CubePB/blob/d4a6fa3f31f22228a2c2a034d71aab91fc34c084/.github/workflows/frontend-deploy.yml

All of those have scope=public+dob+email+manage_competitions. Do you really need dob and manage_competitions? If you do, it would be nice to have an explanation of why when I log in.

Neat project, btw! I look forward to learning more about it =)

[big213]

Fair point, and thanks for bringing this to my attention. I guess the dob and manage_competitions scopes are not really needed, I think they were added because I just copy and pasted that part from some other project that did use them. Anyway, I will get these references removed in the next release.