Bump doorkeeper to 5.4.0

Igor Drozdov requested to merge id-bump-doorkeeper-to-5-4-0 into master

What does this MR do?

Update doorkeeper gem from 5.3.0 to 5.4.0

The goal is to update to 5.5.0 and fix 2.7 warnings. This is a step towards that goal.

CHANGELOG: https://github.com/doorkeeper-gem/doorkeeper/blob/master/CHANGELOG.md#540

Review your custom patches or extensions for Doorkeeper internals if you have such - since now Doorkeeper passes Resource Owner instance to every object and not just its ID. See PR description for details.

I haven't found that we patch Doorkeeper internals

now fully according to RFC 7009 nobody can do a revocation request without client_id (for public clients) and client_secret (for private clients). Please update your apps to include that info in the revocation request payload.

Since revoke method has been changed, we need to review our tokens revocation, but it doesn't seem that we override revoke action in https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/controllers/oauth/tokens_controller.rb

Edited by Igor Drozdov
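
Added example, not part of the MR and not Doorkeeper's or GitLab's code: a Ruby sketch of the revocation payload the changelog note asks callers to send, next to a simplified model of the RFC 7009 check that can be used to audit which existing calls would stop being accepted. The endpoint URL, client registry, tokens and helper names are constructed assumptions.

```ruby
require "digest"
require "net/http"
require "uri"

# Constructed sample data: a hypothetical endpoint, one confidential and one
# public client, and the client each token was issued to.
ENDPOINT = "https://gitlab.example.com/oauth/revoke"
CLIENTS = {
  "web-app"    => { secret: "constructed-secret", confidential: true },
  "mobile-app" => { secret: nil, confidential: false }
}.freeze
TOKENS = { "tok-web" => "web-app", "tok-mobile" => "mobile-app" }.freeze

# Client side: build (without sending) the form-encoded revocation request.
def build_revocation_request(endpoint, token:, client_id: nil, client_secret: nil)
  req = Net::HTTP::Post.new(URI(endpoint))
  form = { "token" => token, "token_type_hint" => "access_token" }
  form["client_id"] = client_id if client_id
  form["client_secret"] = client_secret if client_secret
  req.set_form_data(form)
  req
end

# Compare digests byte by byte so timing does not depend on the secret.
def secure_compare(a, b)
  pairs = Digest::SHA256.digest(a).bytes.zip(Digest::SHA256.digest(b).bytes)
  pairs.reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Server side, simplified model: identify the client, authenticate it if it
# is confidential, then require that the token was issued to that client.
def revocation_authorized?(req)
  params = URI.decode_www_form(req.body).to_h
  client = CLIENTS[params["client_id"]]
  return false unless client
  if client[:confidential]
    return false unless secure_compare(client[:secret], params["client_secret"].to_s)
  end
  TOKENS[params["token"]] == params["client_id"]
end
```

A request that carries only `token`, which is the shape to look for in existing integrations, is rejected by this model for both client types.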