micahlmartin/OAuth2Provider

Make password hashing agnostic

Closed this issue · 1 comments

Make it so that when validating passwords the implementer can supply the hashing mechanism for the password.

PasswordTokenRequestAuthorizer.cs

            if (resourceOwner.Password != request.Password.ToHash())
                throw new OAuthException(ErrorCode.InvalidClient, "User credentials are invalid");

Should be something like:

            IPasswordHashProvider hashProvider = _serviceLocator.PasswordHashProvider;
            var hashedPassword = hashProvider.Hash(request.Password);
            if (resourceOwner.Password != hashedPassword)
                throw new OAuthException(ErrorCode.InvalidClient, "User credentials are invalid");

Fixed here: #7