Fix OAuth app spam
This combined with pleroma-fe!1930 (merged) will fix the apps/oauth_tokens tables from being flooded with entries.
While here also add tests that scopes and website fields are correctly updated.
We're not supporting updating the :redirect_uris field at this time, but it could be added in the future.
Edited by feld