Allow custom redirect_uri validator for AbstractApplication

[alvingonzales]

I'm trying to find a way to override the validator specified for AbstractApplication.redirect_uris model field, but I don't think there's actually a way for someone to do that in django?

Would it be possible instead to have this configurable in a setting so that i.e. validators.validate_uris() would instead use the function I might specify in the settings when validating the field?]

My main use case here is to allow specifying custom uri schemes for native apps (e.g. com.mycompany.app:/oauth2redirect, see https://developers.google.com/identity/protocols/OAuth2InstalledApp). And while I might be able to specify the schemes in ALLOWED_REDIRECT_URI_SCHEMES, it doesnt really give the flexibility I need.

For example, I might want to store allowed custom schemes in the database, or use a blacklist, or allow any scheme but the app needs to be reviewed before the credentials can actually be used. This would be helpful to have an api protected by django-oauth-toolkit to be a backend data store for native iOS/Android apps.

I could implement and make a PR for this, but I'm more thinking if this is actually a good idea, or if there's a better way of handling it.

[cleder]

see #443