Support manually parsed code&state parameter for `authorize_access_token`

[cbscsm]

Is your feature request related to a problem? Please describe.

For now, authorize_access_token directly parses the parameters of GET/POST request and process it. I can't reuse only "processing" part without "parsing(deserialize)" part.

I have custom redirect endpoint using DRF's POST method. This endpoint is requested by our Frontend(actual OAuth2.0 redirected page). I use custom context key instead of Django session since the API(Authorization) server and Frontend server could be not in the same domain.

Describe the solution you'd like

So I want to parse the parameter of auth endpoint, and pass(inject) code&state value to authorize_access_token. I think we can separate public method with "parsing" part and "processing" part. For backward compatibility, authorize_access_token calls both public method. And if some users want just one of both, they just can call it directly.

Describe alternatives you've considered

For now, I can only implement this via subclassing DjangoOAuth2App. Or I can call directly required public methods in DjangoOAuth2App. But still I need to call _format_state_params that is protected method.