Migrate oauth2_session_refresh_interaction_workflow to new-style workflows.

display comment by default

check contributor's organisation ealier

display corporate name instead of title

display web site instead of default document

add logo field for leaflet

display value used in dialog

update css

Call the original method instead of copy/pasting the code

We still keep the following patches:
 - user: this is an ERP5 addition and maybe we use it in customer project
   code (if we don't I'm in favor of removing the feature, it's used in
   only one place in this repo)
 - call `self.changeSkin(self.portal.getCurrentSkinName())`. Maybe this
   is needed for CMFCore tests and could be good to send upstream, I did
   not check this part

This reverts commit 8d81b128.

commit message was wrong

Call the original method instead of copy/pasting the code

The original method will use .encode() on the basic= argument, so it
needs to be an ascii str or an unicode on python2, we had to change
some callers to pass basic= as text, to prevent:

     File "eggs/Zope-4.5.3+slapospatched001-py2.7.egg/Testing/ZopeTestCase/functional.py", line 43, in wrapped_func
       return func(*args, **kw)
     File "eggs/Zope-4.5.3+slapospatched001-py2.7.egg/Testing/ZopeTestCase/functional.py", line 93, in publish
       env['HTTP_AUTHORIZATION'] = basic_auth_encode(basic)
     File "eggs/Zope-4.5.3+slapospatched001-py2.7.egg/ZPublisher/utils.py", line 91, in basic_auth_encode
       header = b'Basic ' + base64.b64encode(value.encode('latin-1'))
   UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 2: ordinal not in range(128)

ValidationFailed is now a "real" class from Products.ERP5Type.Core.Workflow

See merge request nexedi/erp5!1676

this only supported http and never supported https, probably nobody is
using this and it makes porting to python3 more complicated

we had a patch to close <input/> elements, but with HTML5 this is no
longer recommended.

template_keep_path_list, template_keep_workflow_path_list and
template_keep_last_workflow_history_only_path_list were not sorted
for no reason

The _getOrderedList approach was not ideal, because the properties were
saved when being displayed, so the typical workflow was:

 1. enter the property as non sorted
 2. click save (property is saved as non sorted)
 3. the page displays the property again as sorted
 4. click save again so that the property is saved as sorted

by sorting the properties at save time, step 1 is enough

This change back the accessors to be "standard" accessors, ie. returning
lists, like every other list accessors, so a few tests and a few scripts
had to be adjusted for the new API.

Lazy loading img are also not loaded, which speed up page rendering.

This should evolve to become a browser-side OAuth2 client.

So every new instance is able to use self-contained oauh2 authentication.
In turn, this triggers atomated migration of a few portal types, which
cause the coding style tests to fail. So commit these as well.

Replace CookieCrumbler's cookie with OAuth2 tokens:
- add the notion of authenticated sessions: period from a login action to
  either a logout or the expiration of tokens
- avoids session fixation (knowing one token does not grant near-permanent
  access to the session)
- reduces the per-request cost of authentication (removes the need to
  compute user's groups, and the need to cache these groups for a fixed
  period).

Also, to reliably open login_form, log out.