action-github-app-token
Use repository owner for scope by default
closes #18
If the scope parameter wasn't passed, it used an empty value by default.
This means a token would be returned for the first installation id on the list.
If the app had a single install this would work fine; otherwise the user will get a token scoped to an owner that they (probably) didn't mean to.
With this change it now uses the current repo owner (org or account).
Note: I don't think this is a breaking change; however, some users could be accidentally getting the wrong scope that was still what they needed by chance (if it's the first installation and the first installation is not the current owner).
As a check, this step can be used to list the repos to which the returned token has access:
```yaml
- name: list repos accessible to token
  run: gh api /installation/repositories --paginate --jq .repositories.[].full_name
  env:
    GITHUB_TOKEN: ${{ steps.my-app.outputs.token }}
```
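The two selection behaviours described in this pull request, side by side, as an added example that is not the action's own code. The function names, the sample installation list and the fail-closed handling of a missing match are assumptions of this example; the list is shaped like the items returned by `GET /app/installations`.

```javascript
// Added illustration; all function names are hypothetical.
// Constructed sample data: two installations of the same GitHub App.
const installations = [
  { id: 101, account: { login: "other-org" } },
  { id: 202, account: { login: "my-org" } },
];

// Behaviour before the change: empty scope means "first installation on the list".
function pickFirst(list) {
  if (list.length === 0) throw new Error("app has no installations");
  return list[0].id;
}

// Behaviour after the change: an empty scope defaults to the repository owner.
// Assumption of this example: a missing match is an error, never a fallback.
function pickForOwner(list, scope, env = process.env) {
  const owner =
    scope ||
    env.GITHUB_REPOSITORY_OWNER ||
    (env.GITHUB_REPOSITORY || "").split("/")[0];
  if (!owner) throw new Error("no scope given and repository owner unknown");
  // GitHub logins compare case-insensitively.
  const match = list.find(
    (i) => i.account && i.account.login.toLowerCase() === owner.toLowerCase()
  );
  if (!match) throw new Error(`app is not installed for "${owner}"`);
  return match.id;
}

// True when a workflow without `scope` gets a different installation after
// the change, i.e. it was previously receiving another owner's token.
function affectedByChange(list, env = process.env) {
  return pickFirst(list) !== pickForOwner(list, "", env);
}
```

A workflow for which `affectedByChange` is true was relying on the first-installation default and needs an explicit `scope` if the other owner's token was intended.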