Rather than support the fiddly matrix of possiblities when a user
may not have a session with the application but has a session with
the identity provider, borrow the newer "Goldilocks" API design from
upstream where the application is responsible for its own session
and the BrowserId implementation is less stateful.

This is in preparation for using the so-called "Goldilocks API" of
Persona where we manage the session ourselves.

Handle errors, ready notification, cancellations and cleanups.

Frontend module reorg

Move toward cleaning up our angular namespaces and organization. By
flattening our namespaces and changing our file naming we're able to
reduce the boilerplate needed for angular module and asset bundle
definitions.

- Kill all the ``h.*`` angular submodules except for ``h.auth``,
  ``h.helpers`` and ``h.identity``. This vastly reduces the amount
  of dependency repetition throughout our angular files as all
  the dependencies of the entire main h module can be declared in
  app.coffee and all the other files simply add their exports to
  the main module.

- Add a helpers/helpers.coffee module definition file so that the
  rest of the helpers can use the 1-arity ``angular.module`` getter
  to attach themselves. These files can all be included with a glob
  in the asset bundle definition.

- Use the glob syntax to include all the directives in the asset
  bundle definition.

- Rename the controller modules in the auth bundle with a '-controller'
  suffix. These can be similarly globbed in the bundle definition.

- Make auth/auth.coffee a module definition file so that the
  rest of the component can use the 1-arity ``angular.module`` getter
  to attach themselves. These files can all be included with globs
  in the asset bundle definition.

- Ensure that all controllers are named in the ``FooController`` style.

Pull the identity service out of the auth module so that it can be
used separately. Wrap the service in a provider with properties
that applications can configure to adapt to different authentication
environments. These properties provide a way to configure injected
functions that the identity service can invoke in order to fulfill
requests from client applications for authorization grants without
tying the identity service itself to particular implementations of
sessions or authentication.

These resources are one resource on the backend. The pattern of
preserving object identity for the session response is unnecessary.
The identity module now listens for events on the root scope instead
of watching the session. The auth controller publishes the session
change directly and the auth directive is completely removed. Timeout
is handled in the controller.

Include the account and auth forms via a macro in the blocks template
so that all the dialogs can be overridden together and get rid of the
``show-account`` directive.

@pkra informs us that since we're "only support TeX-like input" we
should use this URL instead:

  https://github.com/hypothesis/h/pull/1532/files#r18140614

Besides potentially delaying the websocket connection unnecessarily,
this was causing a subtle race condition wherein the stream would
miss a digest and appear blank. Reasons are unclear, and may hide
dragons.

Close #1213

Close #867

Add math support

Multiple instances of Math in one annotation weren't rendering well. Put return in front of renderMath() recursive call.

Kill if !MathJax?

Remove unneeded math variable

Fix typo in forgetting to remove an instance of MathJaxFallback from the scope

Delete console.log error

Incorporates changes to the PDF plugin to support more recent PDF.js.

Updates PDF plugin and stops creating excess quote properties.

Now when we track down where the quote property on the target is
coming from (#1207) our search will still work.

Now there should be no code in the application that assumes the
existence of either of these.

Clean up unused code for bridge race conditions

If KaTex math rendering throws an error, load MathJax from the CDN and render
the math with MathJax.

Add KaTex javascript, CSS, and fonts to vendor folder.

Create a renderMath() function that parses sanitized markdown for math as denoted by '$$'

Modify ctrl.$render to first sanitize the markdown and then renderMath. Newly rendered
math is then trusted as HTML becuase otherwise ngSanatize removes crucial style attributes
that leave the math unreadable.

That syntax was not what I thought it was and had nasty issues when
there were no panes.