This has been enabled for all users for many months now.

Add config option to enable the new note button when the notes tab is selected.

Re-arrange OAuth service tests

Move the tests for fetching and persistence of tokens from/to storage
into the `describe('#tokenGetter', ...` block since this is the method
called from outside the service that initiates the fetching /
persistence.

Also reword a couple of the test cases to be clearer now that the OAuth
service now handles fetching tokens using methods other than exchanging
grant tokens.

Change UI for Elife.

See https://github.com/hypothesis/product-backlog/issues/350

Add config options for the following:

disableToolbarCloseBtn: false/true
Disables and hides the close button on the toolbar

disableToolbarMinimizeBtn: true/false
Disables and hides the minimize button on the toolbar

disableToolbarHighlightsBtn: true/false
Disables and hides the highlights button on the toolbar

disableToolbarNewNoteBtn: true/false
Disables and hides the new note button on the toolbar

disableBucketBar: true/false
Disables and hides the bucket bar

enableSidebarDropShadow: true/false
Turns on the dropshadow for the sidebar

theme: 'clean'
Turns on the 'clean' theme for the sidebar. By default the classic view(with annotation cards) is turned on, which the rest of the Hypothesis users will see.

usernameUrl: 'someurl/'
The url to direct a user to when their username in the annotation is clicked.

Remove form-input and form-validate directives

Coalesce anchoring status updates

Respond to CR feedback that the function of this code was unclear.

Profiling the test case in #556 showed significant overhead from the
processing involved in or triggered by each `UPDATE_ANCHOR_STATUS`
action handled by the store. Previously one `UPDATE_ANCHOR_STATUS`
action was dispatched for each annotation whose anchoring status
changed.

Improve the situation by making the `UPDATE_ANCHOR_STATUS` action handle
updates for multiple annotations at once and modifying the `frameSync`
service to coalesce anchoring status updates from the host page into
a smaller number of `UPDATE_ANCHOR_STATUS` actions.

Fixes #556

Historically annotations did not have local tags until after they had
been anchored in the page.

This is no longer the case as annotations are assigned local tags as
soon as they are added into the app state by ADD_ANNOTATIONS.

Therefore, it is no longer necessary for the UPDATE_ANCHOR_STATUS action
to support updating the tags of annotations or to support identifying
the annotation which has been anchored by its ID instead of its tag.

This is unused since the removal of the login form from the sidebar app.

This is now unused

These directives were used only by the inline login form which was
removed as part of the removal of cookie auth support.

There are still a couple of references to "form-input" in templates but
these are CSS classes used for styling purposes.

Remove cookie auth related code

Update docstrings in response to CR feedback. In particular, document
parameter and return types more clearly.

This is now obsolete since login always happens in a popup window.

Add missing page index bounds check

Strip unknown query params when generating Internet Archive embed URLs

Add OAuth client registration steps to developer docs

These tests previously existed for the cookie-based auth but needed to
be re-implemented following the switch-over to OAuth.

These dependencies are no longer used following the removal of the
legacy cookie auth and JWT-based API tokens.

After OAuth tokens are changed by another tab, a `session.load()` call
is needed to actually fetch an updated profile.

The `store.profile.read` operation which fetches the profile is done in
a loop until it succeeds, on the basis that network requests may fail if
connectivity is intermittent. The `update` step should always succeed
however, so move it out of the loop.

This token is not fetched from the service or sent to any requests to
the service when using OAuth.

This was only used when using cookie-based authentication

This commit removes several tests that are still relevant for OAuth,
such as caching of profile data. These will be re-implemented in a
subsequent commit.

Remove the runtime switching between cookie and OAuth authentication.