fix: stop requesting account_email by default for Kakao

[heyman333]

Summary

• remove account_email from the default Kakao OAuth scopes
• keep Kakao default scopes as profile_image, profile_nickname
• add regression tests to ensure account_email is not requested by default

Why

account_email consent is available only for Kakao Business apps in many setups. Requesting it by default can break Kakao login for non-business apps.

Testing

• Could not run tests in this environment because Docker daemon was not running and Go is not installed locally.
• Added/updated tests in:
  • internal/api/provider/kakao_test.go
  • internal/api/external_kakao_test.go

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Cache: Disabled due to Reviews > Disable Cache setting

Disabled knowledge base sources:

• Linear integration is disabled

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between a9b20af and 8d848d4.

📒 Files selected for processing (3)

• internal/api/external_kakao_test.go
• internal/api/provider/kakao.go
• internal/api/provider/kakao_test.go

🚧 Files skipped from review as they are similar to previous changes (3)

• internal/api/provider/kakao.go
• internal/api/provider/kakao_test.go
• internal/api/external_kakao_test.go

---

📝 Walkthrough

Summary by CodeRabbit

• Kakao OAuth integration updated. Email access removed from default requested permissions and now requires Kakao Business app registration. Kakao login now defaults to requesting only profile image and profile nickname, streamlining the permission consent process. Custom scopes remain available for those requiring additional user data.

Walkthrough

The changes modify the Kakao OAuth provider's default scopes by removing account_email from the default scope list, keeping only profile_image and profile_nickname as default scopes. A comment was added indicating that account_email requires Kakao Business app registration. Test cases were added to verify the default scope configuration and to confirm that custom scopes can be appended to the defaults. Integration test assertions were updated to validate the expected scope configuration.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cemalkilic]

Hi @heyman333 , thanks for the PR!

I’m going to close this for now because removing account_email from the default scopes could be a backward-incompatible change, some users may already be relying on that scope being requested by default.

The good news is we’re working on custom OAuth providers, which should go live next week in the Supabase Dashboard. With that, developers will be able to configure any OAuth/OIDC provider without requiring code changes on Supabase Auth side.

Let me know if you're interested in testing it with Kakao. If so, you can create a ticket on https://supabase.help referring to this message and I'll take it from there!