From 6b9b8467b6bf03951315097730f4738266540a68 Mon Sep 17 00:00:00 2001
From: Maciej Pienczyn <maciej.pienczyn@inpi.pl>
Date: Wed, 11 Mar 2026 08:26:49 +0100
Subject: [PATCH] fix: add openid email scopes to Google OAuth for account
 identification

Without email scope, userinfo endpoint returns 401 and account email
cannot be captured during OAuth flow. Added openid+email to both GBP
and Search Console scopes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 oauth_service.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/oauth_service.py b/oauth_service.py
index ebbb91a..ae2f503 100644
--- a/oauth_service.py
+++ b/oauth_service.py
@@ -28,8 +28,8 @@ OAUTH_PROVIDERS = {
         'auth_url': 'https://accounts.google.com/o/oauth2/v2/auth',
         'token_url': 'https://oauth2.googleapis.com/token',
         'scopes': {
-            'gbp': 'https://www.googleapis.com/auth/business.manage',
-            'search_console': 'https://www.googleapis.com/auth/webmasters',
+            'gbp': 'https://www.googleapis.com/auth/business.manage openid email',
+            'search_console': 'https://www.googleapis.com/auth/webmasters openid email',
         },
     },
     'meta': {