Fix logic in "last used at per application" oauth token list

[mjankowski]

Background: #25060 (review)

The resulting query winds up looking like...

Doorkeeper::AccessToken Maximum (1.5ms)  SELECT MAX("oauth_access_tokens"."last_used_at") AS "maximum_last_used_at", "oauth_access_tokens"."application_id" AS "oauth_access_tokens_application_id" FROM "oauth_access_tokens" WHERE "oauth_access_tokens"."resource_owner_id" = $1 AND "oauth_access_tokens"."last_used_at" IS NOT NULL GROUP BY "oauth_access_tokens"."application_id"  [["resource_owner_id", 1259]]

...which gives us the id-indexed hash pointing to latest date for each application.

Future improvements here:

• At minium, we could declare an association for user<>token which could be used here and in a few other spots where we are fully building these types of queries
• In addition to that, we could contemplate something like Add Doorkeeper::Application.webapp helper #31042 (comment) in which case those new models could also have scopes for the "last used not nil" portion of this

I think this spec covers at least the most basic scenarios, but let me know if I missed an edge case or some portion of what this is doing.