First, cleanup testERPSecurity, moving related tests in sub-classes instead of big classes with lots of tests (diff is big, because methods are moved around)

Change google and facebook login to reuse portal.setAuthCookie, which is the central point to set a cookie securely so that it can be used for authentication.

Refactor management of oauth keys to fix #20181121-1A36AE2.

Some minor fixes in business template definition.