Change UI for Elife.

See https://github.com/hypothesis/product-backlog/issues/350

Add config options for the following:

disableToolbarCloseBtn: false/true
Disables and hides the close button on the toolbar

disableToolbarMinimizeBtn: true/false
Disables and hides the minimize button on the toolbar

disableToolbarHighlightsBtn: true/false
Disables and hides the highlights button on the toolbar

disableToolbarNewNoteBtn: true/false
Disables and hides the new note button on the toolbar

disableBucketBar: true/false
Disables and hides the bucket bar

enableSidebarDropShadow: true/false
Turns on the dropshadow for the sidebar

theme: 'clean'
Turns on the 'clean' theme for the sidebar. By default the classic view(with annotation cards) is turned on, which the rest of the Hypothesis users will see.

usernameUrl: 'someurl/'
The url to direct a user to when their username in the annotation is clicked.

Remove form-input and form-validate directives

Coalesce anchoring status updates

Respond to CR feedback that the function of this code was unclear.

Profiling the test case in #556 showed significant overhead from the
processing involved in or triggered by each `UPDATE_ANCHOR_STATUS`
action handled by the store. Previously one `UPDATE_ANCHOR_STATUS`
action was dispatched for each annotation whose anchoring status
changed.

Improve the situation by making the `UPDATE_ANCHOR_STATUS` action handle
updates for multiple annotations at once and modifying the `frameSync`
service to coalesce anchoring status updates from the host page into
a smaller number of `UPDATE_ANCHOR_STATUS` actions.

Fixes #556

Historically annotations did not have local tags until after they had
been anchored in the page.

This is no longer the case as annotations are assigned local tags as
soon as they are added into the app state by ADD_ANNOTATIONS.

Therefore, it is no longer necessary for the UPDATE_ANCHOR_STATUS action
to support updating the tags of annotations or to support identifying
the annotation which has been anchored by its ID instead of its tag.

This is unused since the removal of the login form from the sidebar app.

This is now unused

These directives were used only by the inline login form which was
removed as part of the removal of cookie auth support.

There are still a couple of references to "form-input" in templates but
these are CSS classes used for styling purposes.

Remove cookie auth related code

Update docstrings in response to CR feedback. In particular, document
parameter and return types more clearly.

This is now obsolete since login always happens in a popup window.

Add missing page index bounds check

Strip unknown query params when generating Internet Archive embed URLs

Add OAuth client registration steps to developer docs

These tests previously existed for the cookie-based auth but needed to
be re-implemented following the switch-over to OAuth.

These dependencies are no longer used following the removal of the
legacy cookie auth and JWT-based API tokens.

After OAuth tokens are changed by another tab, a `session.load()` call
is needed to actually fetch an updated profile.

The `store.profile.read` operation which fetches the profile is done in
a loop until it succeeds, on the basis that network requests may fail if
connectivity is intermittent. The `update` step should always succeed
however, so move it out of the loop.

This token is not fetched from the service or sent to any requests to
the service when using OAuth.

This was only used when using cookie-based authentication

This commit removes several tests that are still relevant for OAuth,
such as caching of profile data. These will be re-implemented in a
subsequent commit.

Remove the runtime switching between cookie and OAuth authentication.

As long as we are using Yarn as the official way to manage exact
versions of the client, ignore npm v5+ lockfiles in the source tree.

The client uses Yarn rather than `npm` for package management. Having
the npm v5 lockfile present creates opportunities for the npm and Yarn
lockfiles to disagree on which versions of packages to install.

This happened with 'babelify' (v6.x in the npm lockfile, v7.x in Yarn).

When anchoring an annotation with a position and a quote selector, if
the position selector fails, then PDF anchoring searches page contents
starting with those pages nearest the position.

If the position selector's `start` offset was greater than the length of
the PDF's text, `prioritizePages` would try to fetch the text of page
indexes beyond the valid range, causing PDF.js to throw an exception and
quote anchoring to fail.

Fix this by adding a missing bounds check.

This is a partial fix for #558. It fixes anchoring of one of two test
annotations on that page. The other fails due to differences in the
extracted text between the HTML and PDF versions of the article.

Internet Archive details pages may include params in the query string
as well as "start" and "end" params in the path. In that case invalid
URLs were being generated.

Use a more robust approach to generating embed URLs and add some missing
test cases. Any unrecognized query params are ignored when generating
the embed URLs.