Django-oauth-toolkit

* South migrations fixed. Added new django migrations.

* Several docs improvements and minor fixes
* 185: fixed vulnerabilities on Basic authentication
* 173: ProtectResourceMixin now allows OPTIONS requests
* Fixed `client_id` and `client_secret` characters set
* 169: hide sensitive information in error emails
* 161: extend search to all token types when revoking a token
* 160: return empty response on successful token revocation
* 157: skip authorization form with ``skip_authorization_completely`` class field
* 155: allow custom uri schemes
* fixed ``get_application_model`` on Django 1.7
* fixed non rotating refresh tokens
* 137: fixed base template
* customized ``client_secret`` length
* 38: create access tokens not bound to a user instance for *client credentials* flow

* Don't pin oauthlib

* Added database indexes to the OAuth2 related models to improve performances.

**Warning: schema migration does not work for sqlite3 database, migration should be performed manually**

* Make Application model truly "swappable" (introduces a new non-namespaced setting `OAUTH2_PROVIDER_APPLICATION_MODEL`)

* added support for `scope` query parameter keeping backwards compatibility for the original `scopes` parameter.
* __str__ method in Application model returns content of `name` field when available