Enable Automatic Reuse Detection in Doorkeeper - OAuth Access Tokens

Related to #363525 (closed)

Currently GitLab (via Doorkeeper) invalidates access tokens whenever a new token is requested via a refresh token. Similarly, once a refresh token is used it is also invalidated and a new refresh token is returned with the new access token.

However, GitLab does not currently support automatic refresh token reuse detection. That is, if a revoked refresh token is used, the 'related' access and refresh tokens are not also revoked.

It appears Doorkeeper supports this feature automatically in the presence of a previous_refresh_token column in the oauth_access_tokens table. Documentation on this feature is pretty non-existent, but see https://github.com/doorkeeper-gem/doorkeeper/blob/master/lib/generators/doorkeeper/templates/migration.rb.erb#L60-72.
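To make the difference between the two behaviours concrete, here is an added, self-contained Ruby model of refresh-token rotation with and without reuse detection. It is example code written for this issue, not Doorkeeper's or GitLab's implementation; the `TokenStore` class, its `reuse_detection` switch and the in-memory `previous_refresh_token` link are assumptions that stand in for the database column the migration template refers to.

```ruby
require 'securerandom'

# Constructed in-memory model of OAuth refresh-token rotation (hypothetical
# example, not Doorkeeper's code). Each token records the refresh token it was
# rotated from, mirroring a previous_refresh_token column, so tokens form a
# chain that can be revoked as a unit when reuse is detected.
class TokenStore
  Token = Struct.new(:access_token, :refresh_token, :previous_refresh_token, :revoked,
                     keyword_init: true)

  class ReuseDetected < StandardError; end
  class InvalidToken < StandardError; end

  # reuse_detection: false models the current behaviour described in the issue
  # (a revoked refresh token is simply rejected); true models the chain revocation.
  def initialize(reuse_detection: true)
    @reuse_detection = reuse_detection
    @tokens = {} # keyed by refresh token
  end

  # Initial grant (e.g. authorization code exchange) or a rotation step.
  def issue(previous_refresh_token: nil)
    token = Token.new(access_token: SecureRandom.hex(16),
                      refresh_token: SecureRandom.hex(16),
                      previous_refresh_token: previous_refresh_token,
                      revoked: false)
    @tokens[token.refresh_token] = token
    token
  end

  # Rotation: a valid refresh token yields a new pair and is itself revoked.
  def refresh(refresh_token)
    old = @tokens[refresh_token]
    raise InvalidToken, 'unknown refresh token' if old.nil?

    if old.revoked
      # A rotated-out refresh token presented again: either the legitimate
      # client or a party holding a stolen copy is replaying it.
      raise InvalidToken, 'revoked refresh token' unless @reuse_detection

      revoke_chain(old)
      raise ReuseDetected, 'revoked refresh token presented again; chain revoked'
    end

    old.revoked = true
    issue(previous_refresh_token: old.refresh_token)
  end

  def active?(refresh_token)
    token = @tokens[refresh_token]
    !token.nil? && !token.revoked
  end

  private

  # Collect every token reachable from `start` by following previous_refresh_token
  # backwards and, forwards, any token whose previous_refresh_token points at a
  # member of the chain; then revoke all of them.
  def revoke_chain(start)
    chain = [start]
    queue = [start]
    until queue.empty?
      current = queue.shift
      neighbours = []
      neighbours << @tokens[current.previous_refresh_token] if current.previous_refresh_token
      neighbours.concat(@tokens.values.select { |t| t.previous_refresh_token == current.refresh_token })
      neighbours.compact.each do |n|
        next if chain.include?(n)

        chain << n
        queue << n
      end
    end
    chain.each { |t| t.revoked = true }
  end
end

# Scenario from the issue: a client rotates twice, then the first (already
# revoked) refresh token is presented again. Returns whether the newest token
# survives, with and without reuse detection.
def demo(reuse_detection:)
  store = TokenStore.new(reuse_detection: reuse_detection)
  t1 = store.issue
  t2 = store.refresh(t1.refresh_token)
  t3 = store.refresh(t2.refresh_token)
  replay_rejected = begin
    store.refresh(t1.refresh_token)
    false
  rescue TokenStore::InvalidToken, TokenStore::ReuseDetected
    true
  end
  { replay_rejected: replay_rejected, newest_still_active: store.active?(t3.refresh_token) }
end

if $PROGRAM_NAME == __FILE__
  p demo(reuse_detection: false) # current behaviour: newest token stays valid
  p demo(reuse_detection: true)  # with detection: whole chain revoked
end
```

In both modes the replayed refresh token is rejected; the difference the issue is asking about is whether the still-valid newest access/refresh pair (`t3`) is revoked as well, which is what closes the window for whoever holds the replayed copy.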

Question: Will changing this behavior constitute a breaking change?

Edited by Rohit Shambhuni