AccessTokens are stored in the table oauth_access_tokens.
This creates a new access token (as the superuser) and populates its values from the given request token.
This neatly encapsulates the "is this access token perfect?" check.
This will return a (boolean, message) pair, with boolean indicating success (true means the token is good) and message indicating error (or another affirmation of success).
Only root may have access to this model.
In the near future, we should allow the authorizing user to edit this token (taking care of course that the authorizing user is not actually authed via OAuth!)
