OAuth tokens without expiry in the DB

In #340848 (closed), we enforced OAuth token expiry as a breaking change for 15.0. We did it 2 steps:

1. enforced expiring tokens for OAuth applications in !86362 (merged)
2. run a background migration to set expiry for all existing tokens in !86379 (merged)

Both changes have been successfully deployed, and the background migration successfully set expiry for all existing tokens.

However, since then, the number of OAuth tokens without expiry is growing which shouldn't happen.