I have a separate resource and auth service and am trying to override the OAuth2Validator in django-oauth-toolkit to work with this setup.
In the original impl, OAuth2Validator.validate_bearer_token sets the request.client to the OAuth2 application - is this something internally required for the rest of the oauth-toolkit to function, or am I safe to not implement this if my service won't use Application? In my case I'm just validating the scopes/expiry/user of the token, and since Application is not stored on my resource, it is an extra request to retrieve it.