fix(discord): always include identify scope (#414)

[yabanci]

What

Closes #414.

providers/discord/discord.go:newConfig currently drops ScopeIdentify whenever the caller passes any custom scope:

if len(scopes) > 0 {
    for _, scope := range scopes {
        c.Scopes = append(c.Scopes, scope)
    }
} else {
    c.Scopes = []string{ScopeIdentify}
}

So calling discord.New(k, s, cb, "email") yields Scopes: ["email"], which Discord rejects with 401 from /users/@me. The reporter (@tardisx) hit this exact path.

Discord's docs are explicit: identify is the scope that gates /users/@me itself; email only enriches the response. The existing constant in this file even spells it out:

// ScopeIdentify allows /users/@me without email
// ScopeEmail enables /users/@me to return an email

Change

Always include ScopeIdentify first, then append user scopes while filtering out a duplicate identify:

Scopes: []string{ScopeIdentify},
...
for _, scope := range scopes {
    if scope != ScopeIdentify {
        c.Scopes = append(c.Scopes, scope)
    }
}

Backward compatibility

• Callers passing no scopes: unchanged — [identify].
• Callers passing [identify, ...]: unchanged — order preserved, no duplication.
• Callers passing scopes without identify (e.g. [email]): now [identify, email] instead of [email]. Their previously-broken FetchUser call now succeeds. The only behavioural difference is that Discord's consent screen will list identify — which is correct, since the app was already trying to read user info.

Tests

Added Test_DefaultScopeAlwaysIncludesIdentify — table-driven, four cases:

name	input scopes	expected config.Scopes
no scopes	nil	[identify]
email only	[email]	[identify, email]
identify explicit (no dupe)	[identify, email]	[identify, email]
multiple custom	[email, connections, guilds]	[identify, email, connections, guilds]

Verified the new test fails on master (cases 2 and 4 explicitly miss identify) and passes with the fix applied. go test ./... is green across all 50+ providers; go vet ./... is clean.