This adds type hints throughout djblets.webapi.auth.backends. Return

types are now properly standardized and documented, as are credential

arguments. This will give us a path forward if we want to enhance these,

and aids in implementing backends in consuming codebases.
Token authentication, which uses both a webapi auth backend and a Django

auth backend with a validate_token() method, now has that relationship

clearly defined through use of Protocols, a typing feature to help with

duck typing. It also skips calling this method if there's no token to

validate, which can avoid problems in backends.
Some places where we were directly setting, deleting, or retrieving

custom Django-namespaced properties now uses setattr(), getattr(),

and delattr(), to avoid attribute errors during type checks.

All unit tests pass in all supported versions of Python.