
@aaronjae22 aaronjae22 commented Jun 30, 2025

This PR focuses on enforcing LOLA specification compliance through a custom validator and improving the application registration experience.

These changes ensure our testbed properly supports secure service-to-service authorization flows for account transfers.

Validator Implementation

The core of this PR is the new ActivityPubOAuth2Validator.

The validator performs two critical functions:

First, it validates that all OAuth requests include the 'activitypub_account_portability' scope, rejecting any authorization attempts that don't explicitly request this scope. This ensures our OAuth endpoints can only be used for their intended purpose - ActivityPub account portability - rather than general authentication or other API access.

Second, it enforces redirect URI validation, ensuring authorization codes are only sent to pre-registered destinations.

The validator has been registered in the Django settings and is now active for all OAuth flows. django-oauth-toolkit will automatically use this validator for all OAuth requests.

It's actively enforcing LOLA compliance for all OAuth flows in the application right now. When a destination service initiates an OAuth request without the proper scope or with an invalid redirect URI, this validator will reject it, protecting the system from misuse.

Form and Utility Enhancements

This PR also enhances the application registration form to display the service name field with appropriate labels and help text. The service name is important in the OAuth flow as it appears on the authorization screen that users see when approving account transfers.

Closes #130
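As an added illustration of the two checks the description attributes to ActivityPubOAuth2Validator (not the PR's own code), the class below uses the oauthlib-style hook signatures that django-oauth-toolkit's OAuth2Validator exposes, but is written stand-alone so it runs without Django; in the project the class would subclass oauth2_provider.oauth2_validators.OAuth2Validator and chain to super() after these checks. The registered client, the available-scope set and the request object are constructed stand-ins.

```python
from types import SimpleNamespace

REQUIRED_SCOPE = "activitypub_account_portability"
# Constructed stand-in for the scopes the DOT scopes backend would report.
AVAILABLE_SCOPES = {REQUIRED_SCOPE, "read"}


class ActivityPubOAuth2Validator:
    """Rejects requests that omit the LOLA scope or use an unregistered redirect URI."""

    def validate_scopes(self, client_id, scopes, client, request, *args, **kwargs):
        # The portability scope must be requested explicitly; an empty scope list
        # or one containing only other scopes is refused, so the endpoints cannot
        # be used for general authentication.
        if not scopes or REQUIRED_SCOPE not in scopes:
            return False
        # Anything else requested must still be a known scope.
        return set(scopes) <= AVAILABLE_SCOPES

    def validate_redirect_uri(self, client_id, redirect_uri, request, *args, **kwargs):
        # Exact string comparison against the registered list: no prefix, path or
        # query-string matching, so codes only reach pre-registered destinations.
        registered = request.client.redirect_uris.split()
        return redirect_uri in registered


def make_request(redirect_uris="https://dest.example/oauth/callback"):
    # Constructed registration; DOT stores redirect_uris as whitespace-separated text.
    client = SimpleNamespace(client_id="dest-app", redirect_uris=redirect_uris)
    return client, SimpleNamespace(client=client)


def check_authorization(scopes, redirect_uri):
    """Run both checks in the order the authorization endpoint would; returns (ok, reason)."""
    validator = ActivityPubOAuth2Validator()
    client, request = make_request()
    if not validator.validate_scopes(client.client_id, scopes, client, request):
        return False, "invalid_scope"
    if not validator.validate_redirect_uri(client.client_id, redirect_uri, request):
        return False, "invalid_redirect_uri"
    return True, "ok"


if __name__ == "__main__":
    print(check_authorization([REQUIRED_SCOPE], "https://dest.example/oauth/callback"))
    print(check_authorization(["read"], "https://dest.example/oauth/callback"))
    print(check_authorization([REQUIRED_SCOPE], "https://dest.example/oauth/callback?x=1"))
```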

@aaronjae22 aaronjae22 requested a review from lisad June 30, 2025 04:02
@aaronjae22 aaronjae22 self-assigned this Jun 30, 2025
@aaronjae22 aaronjae22 merged commit 16df9a9 into main Jul 2, 2025
1 check passed
@aaronjae22 aaronjae22 deleted the oauth/credentials-validator branch July 2, 2025 16:07

Development

Successfully merging this pull request may close these issues.

OAuth credentials validator
