Django 1.7 compatibility and SchemedHttpResponseRedirect

[zopieux]

This PR fixes two things:

• With Django 1.7 it becomes impossible to have root-level functions that return a model class, as they're not yet loaded. Thus, the code below will fail. As a temporary workaround, I used monkey-patching within the application registry to make it work. This is quite hacky but I don't see any other way. See: get_application_model incompatible with Django 1.7 #151

class MyForm(ModelForm):
  class Meta:
    model = some_func()

• HttpResponseRedirect has a very restrictive list of allowed schemes (http, https, ftp) and fails with HTTP 400 for everything else. This prevents mobile (eg. Android) OAuth applications to use custom handlers eg. my-app-callback://oauth/. This PR adds a SchemedHttpResponseRedirect that allows all the schemes extracted from redirect_uris. As such, it remains safe.

The code has been live-tested but there are no unit tests yet.

Feel free to make comments I you want me to change things.

[zopieux]

Do not merge! The monkey patching is completely broken for tests. I'll update this PR ASAP to address the issue.

Well, I did not notice there were two other PR and one issue for the "redirect" issue.

• Issue Allow custom schemes in rediect_uri #154 is covered by this PR; I don't use any new setting, just allow whitelisted URI schemes – seems legit
• PR Allow custom uri schemes #155 is an implementation of the said unwanted new setting
• PR Allowed RedirectURIs fixed #168 seems a bit too wide (accepts everything that begins with a whitelisted URI) but maybe we can merge it too?

[zopieux]

Okay let's do this the proper way.