Pull the identity service out of the auth module so that it can be
used separately. Wrap the service in a provider with properties
that applications can configure to adapt to different authentication
environments. These properties provide a way to configure injected
functions that the identity service can invoke in order to fulfill
requests from client applications for authorization grants without
tying the identity service itself to particular implementations of
sessions or authentication.

These resources are one resource on the backend. The pattern of
preserving object identity for the session response is unnecessary.
The identity module now listens for events on the root scope instead
of watching the session. The auth controller publishes the session
change directly and the auth directive is completely removed. Timeout
is handled in the controller.

Include the account and auth forms via a macro in the blocks template
so that all the dialogs can be overridden together and get rid of the
``show-account`` directive.

@pkra informs us that since we're "only support TeX-like input" we
should use this URL instead:

  https://github.com/hypothesis/h/pull/1532/files#r18140614

Besides potentially delaying the websocket connection unnecessarily,
this was causing a subtle race condition wherein the stream would
miss a digest and appear blank. Reasons are unclear, and may hide
dragons.

Close #1213

Close #867

Add math support

Multiple instances of Math in one annotation weren't rendering well. Put return in front of renderMath() recursive call.

Kill if !MathJax?

Remove unneeded math variable

Fix typo in forgetting to remove an instance of MathJaxFallback from the scope

Delete console.log error

Incorporates changes to the PDF plugin to support more recent PDF.js.

Updates PDF plugin and stops creating excess quote properties.

Now when we track down where the quote property on the target is
coming from (#1207) our search will still work.

Now there should be no code in the application that assumes the
existence of either of these.

Clean up unused code for bridge race conditions

If KaTex math rendering throws an error, load MathJax from the CDN and render
the math with MathJax.

Add KaTex javascript, CSS, and fonts to vendor folder.

Create a renderMath() function that parses sanitized markdown for math as denoted by '$$'

Modify ctrl.$render to first sanitize the markdown and then renderMath. Newly rendered
math is then trusted as HTML becuase otherwise ngSanatize removes crucial style attributes
that leave the math unreadable.

That syntax was not what I thought it was and had nasty issues when
there were no panes.

Hypothes.is 0.3.2

Conflicts:
	CHANGES.txt

@aron if those tooltip attributes are used somewhere I can't find
them so please correct me, sorry.

Fix #1490

Add an (optional) third argument to the method
`formHelpers#applyValidationErrors()` that can take an error string,
``reason``, to set on the form itself, rather than any particular
field. Remove the duplicate code in the auth directive to reset
the response errors on each field, which is handled already in the
``form-input`` directive.

Rework application bootstrap.

The embed code has for some time been the place where our application
is bootstrapped. When we did the epub.js integration, we added query
parameters to the embed.js view to control which plugins were loaded
by each instance of the application (a widget host for the reader frame
and a slimmer guest annotator for the chapter frames).

Change the injection bundle to instead include a separate bootstrap
script. This has the nice benefit of ensuring that while we still use
yepnope or a similar technique for script injection that our bootstrap
code runs in the same global context as the application dependencies
whether or not the embed script is run in a normal context or a Chrome
extension content script context. The need for an inline script created
by the embed code is no longer, since it is a separate script fetched
from the server (it's bundled in production, inside the monolithic
hypothesis-assets.js).

Instead of passing the URI of the sidebar iframe by templating the
bootstrap script, the embed script adds a link tag to the page with
``rel=sidebar`` and ``type=application/annotator+html``, which the
bootstrap script looks for. This pattern fits nicely with the existing
role of ``rel=sidebar`` in Firefox and Opera and nicely decouples the
embeding and the bootstrapping.

Further customization that used to take place in the query parameters
is now done through ``window.hypothesisRole``, which can specify an
alternate constructor, and ``window.hypothesisConfig``, which can be
a function to configure the options passed to the constructor. This
function will be useful for Single Sign On options, too, as laid out
in #1437.

The destroy script from the Chrome extension is put alongside the new
bootstrap script, as they complement one another and are not extension
specific.