google-calendar: Narrow the permission scope to calendar events.

Previously used scope: `calendar.readonly`
New scope: `calendar.events.readonly`

Other than events, a calendar contains `settings`, `addons` ,`app`,
`calendarlist`, `calendars`, `acls` (permissions), `freebusy`
(availability), and more.
Since this integration only sends reminders, we need access only to the
events.

More narrow scopes like `calendar.events.owned.readonly` and
`calendar.events.public.readonly` are available, but we want to be able
to support shared calendars as well, so we're not using them.

Also removed a comment regarding SCOPES that has now become redundant.

Author: Niloth-p

zulip/integrations/google/get-google-credentials

@@ -5,11 +5,7 @@ from google.auth.transport.requests import Request
 from google.oauth2.credentials import Credentials
 from google_auth_oauthlib.flow import InstalledAppFlow
 
-# If modifying these scopes, delete your previously saved credentials
-# at zulip/bots/gcal/
-# NOTE: When adding more scopes, add them after the previous one in the same field, with a space
-# seperating them.
-SCOPES = ["https://www.googleapis.com/auth/calendar.readonly"]
+SCOPES = ["https://www.googleapis.com/auth/calendar.events.readonly"]
 # This file contains the information that google uses to figure out which application is requesting
 # this client's data.
 CLIENT_SECRET_FILE = "client_secret.json"  # noqa: S105

zulip/integrations/google/google-calendar

@@ -21,7 +21,7 @@ except ImportError:
 sys.path.append(os.path.join(os.path.dirname(__file__), "../../"))
 import zulip
 
-SCOPES = ["https://www.googleapis.com/auth/calendar.readonly"]
+SCOPES = ["https://www.googleapis.com/auth/calendar.events.readonly"]
 CLIENT_SECRET_FILE = "client_secret.json"  # noqa: S105
 HOME_DIR = os.path.expanduser("~")