Use volatile cache to store tokens and one key per site.

Token server can be totally different then resource server.

Return token on addition.
Use proxied scripts to access whole system in order to allow unprivileged user
to manage own tokens.
Update roles immediately in order to give unprivileged user access to
validated token.

By requiring token_validation_method extraction plugin is only responsible
for low level implementation.

BearerTokenModule_addNewToken allows to add token for Person passed as
destination_reference. In case if Person has no key assigned new one is
generated.

BearerToken_isValid allows to validate token against (possibly) related person
object.

Base_getHMAC is low level interface to hmac module.

In order to made tokens unique use User-Agent and REMOTE_ADDR in token
generation body. Thanks to this token will be narrowed to one broswer. In order
to avoid reuse token on different servers add Host.

Key to generate HMAC are stored on Person object using bearer_token_key property.

Bearer is token used in OAuth 2. This plugin extracts this token from
Authorisation header and uses defined portal type query in order to check
if token is valid and for which user.

Allow to edit Role Information using proper category (forgotten commit from 5272e987).

Remove not used proeprty.

Otherwise, we use superclass' __contains__ implementation, which uses
objectIds, which is inefficient in HBTreeFolder2 to lookup a single key.

This commit reverts fdf4fa44 that does not work in reality.

Provide migration ability from persistent Control Panel if present.
Drop destructive "backward-compatibility" code (delete object if old
version).
Fixes Zope 2.13 .

Fixes Zope 2.13 .

make items tales expression generic in PaymentTransactionGroup_viewSelectPaymentTransactionLineListDialog/your_sign.