Make Discord OAuth not require `guilds.join` scope

[zarvox]

Some people expressed concern at the fact that jolly-roger requests guilds.join, which allows us to make users members of our guild, when we could instead provide invite links (and require an additional click to accept the guild invite), to allow the user to drive that action rather than requiring a kinda-powerful scope on our tokens.

[ebroder]

The flip side is that without guilds.join we won't have an automatic way to link a JR user back to a Discord account. Unless people link their accounts manually (and based on experience with Slack, I worry that they won't), we won't have any way to do permission management and such.

[zarvox]

I don't think that's necessarily true? We can retain the behavior where you don't get access unless you've linked accounts in jolly-roger. Suppose the following:

• We still don't let random rank-and-file users create Discord invites (no CREATE_INSTANT_INVITE permission on @everyone)
• We still make people OAuth with just the identity scope to link their jolly-roger and Discord identities (which we can retrieve after OAuthing via /users/@me)
• After linking Discord ID to jolly-roger user via OAuth, we create a guild invite scoped to their user id, and then show that link in a different notification. The user clicks that link and then Discord allows them to confirm they wish to join the Discord guild.
• We can dismiss that notification after use by watching the stream of users joining the guild/channels via the bot on the gateway, or just letting the user manually dismiss. If we don't want to watch the user stream/track state, we can just show the invite link on the user profile page if we need some way to make it possible for users to find again later.

[zarvox]

I think we should still do this, especially in light of the move to more hunt-attached behavior for external services rather than server-attached behavior for external services. In the hunt-attached model, I propose:

• the OAuth application ID + bot are still global and configured server-globally
• jolly-roger uses OAuth to bind Discord identities to users at the server level
• the creator (or operators) of a hunt may invite the bot to their guild. (Granting adequate permissions to the bot prove that you are a sufficiently-privileged member of the guild to represent it, as far as jolly-roger is concerned.)
• once invited to a guild, the hunt creators/operators whose Discord user invited the bot to the guild may may bind that guild to hunts they created/operate. (You must be known to jolly-roger as a representative of the guild to bind it to a hunt.)
• the same set of users may configure permissions or announcement/firehose channels for that hunt from the specified guild. (If you are known to be a guild operative, and are a hunt operator, you may configure other guild-specific behavior for the areas in the intersection of those two roles.)
• if the guild is configured for a hunt, participants in that hunt may, once they have connected a Discord user to their jolly-roger user, receive an invitation link to the guild that they can follow to self-drive Discord access.