Allow setting, retrieving and resetting OAuth2 tokens

Unline password authentication the OAuth2 authentication can at any
time change the tokens due to reauthentication or access token
refresh. These updated tokens need to be passed up to the main
resource in order for them to be stored for use after a restart.

The access token also needs to be reset in case it is found not to be
valid any more.