Add resourceAppId property to oAuth2PermissionGrant

[ouali-ls2]

To check what permissions are granted by our clients, we use application mode and get the servicePrincipal, this works fine for the permissions of type applications. The problem lies in the delegated permissions. Currently, oAuth2PermissionGrant exposes only resourceId (servicePrincipalId which is different from tenant to tenant) and no resourceAppId. So we need to get this servicePrincipal by this resourceId to get the appId. The problem here is that we are not allowed to do this unless we have an Application.Read.All which we cannot ask or justify to our clients because it is an elevated permission.

[amarmechai]

We also need resourceAppId exposed in oAuth2PermissionGrant for delegated permissions to avoid requiring elevated Application.Read.All access. This would help us identify target apps reliably across tenants.