    Don't delete the cached OAuth access token · 0e229735
    Sean Hammond authored
    This fixes an issue that, when the client is embedded on a partner site
    using third-party auth:
    
    1. The client reads the grant token that the client embeds in their page
       from the page
    2. The oauth-auth service sends a grant token request, receives back an
       access token which it caches
    3. session.js calls oauth-auth's clearCache(), which deletes the access
       token
    4. The next time the access token is needed the oauth-auth sends a
       second grant token request, with the same grant token, and gets a
       second access token
    
    So two grant token requests are sent, when only one was needed, because
    the cached access token is deleted unnecessarily.
    
    The fix is to make clearCache() in oauth-auth a no-op for now. For now
    it never makes sense for oauth-auth to clear its cached access token.
    OAuth is currently only used when the client is embedded in partner
    sites and the grant token is embedded in the page by the client. Since
    the grant token never changes, there's never any reason to clear the
    access token and request a new one using the same grant token again (you
    would just be requesting a new access token for the same user account).
    0e229735
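The request sequence from the commit message, as an added example that is not the project's code: a stand-in token service with a cached access token, replayed once with a clearCache() that deletes the token and once with the no-op. All names except clearCache() are hypothetical, and the grant token is a constructed value.

```javascript
// Added illustration. Only clearCache() is a name taken from the commit message.

// Fake token endpoint that records every grant token request it receives.
function makeTokenEndpoint() {
  const requests = [];
  return {
    requests,
    exchange(grantToken) {
      requests.push(grantToken); // recorded synchronously, when the request is sent
      return Promise.resolve({ accessToken: `access-${requests.length}` });
    },
  };
}

// Stand-in for a service that exchanges a grant token and caches the result.
function makeOAuthAuth(endpoint, grantToken, clearCacheIsNoOp) {
  let cached = null; // promise for the access token, or null when nothing is cached
  return {
    tokenGetter() {
      if (!cached) {
        cached = endpoint.exchange(grantToken);
      }
      return cached;
    },
    clearCache() {
      if (!clearCacheIsNoOp) {
        cached = null; // behaviour before the fix: the access token is deleted
      }
    },
  };
}

// Replays steps 2 to 4 and returns the grant tokens the endpoint received.
function replaySequence(clearCacheIsNoOp) {
  const endpoint = makeTokenEndpoint();
  const auth = makeOAuthAuth(endpoint, 'constructed-grant-token', clearCacheIsNoOp);
  auth.tokenGetter(); // step 2: first grant token request, access token cached
  auth.clearCache();  // step 3: the session code clears the cache
  auth.tokenGetter(); // step 4: the next use of the access token
  return endpoint.requests;
}

console.log('before fix:', replaySequence(false).length, 'grant token requests');
console.log('after fix: ', replaySequence(true).length, 'grant token request');
```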
oauth-auth-test.js 2.59 KB