This adopts usage of the WebCrypto Api based connect-js library
as tracked on
anvilresearch/connect-js#7 (comment)
With this most API methods are now returning promises.

Summary of other  changes:

* Use npm and browserify to consume connect-js
* Adopt latest anvil cli

The changes were made over a period of time. Here are some of the more
notable original commits with comments:

COMMIT: callback_popup to check whether opener is available
COMMIT: index.html shows userInfo.name may not be available
COMMIT: add APP_AUTH_CALLBACK variable
COMMIT: establish scope.session in SigninCtrl and MainCtrl
COMMIT: scope to requireScope profile instead of realm
COMMIT: adopt new cli
COMMIT: Handle disconnected popup in passwordless login.

The passwordless login method sends the user a link in an email. When
the user follows this link a new browser window opens.

However the original popup window will not redirect and remains open
with a page allowing to resend the link.

The connect-js library was changed to handle this case so that it would
expect the page which is opened when the email link is followed
to handle the callback so that the session is populated appropriately
in localStorage.

connect-js now listens for that and then closes the popup window.
It also expect the email page to close itself.

This may not work for all browsers.  I did see this work in Chrome and Safari
but fail in Firefox.
Note that the popup Callback should behave in the same way it it is
redirected by the server, which happens when other authentication
methods are used.

This also adds the newer dependencies and improves logging similar to
how it was done in connect-js.

COMMIT: refresh angular app on passwordless login
COMMIT: adding jspm bundle-sfx for demo

COMMIT: Manual angular bootstrap

This was to avoid issue systemjs/systemjs#1032

COMMIT: Switch to using npm and browserify

This now requires anvil-connect-js ^0.2

bower is still used for shims and bootstrap.

Some bugs were addressed found during manual testing.
Also added more logging using bows.

COMMIT: Added section Get connect-js client libraries

I am uncertain about the remainder of the doc, but it looked OK to me at
first glance although I have not done a client registration for quite some
time.

Reverses usage of location.href in app.js in favor of $location.url.

Also fixes refresh problem when the destination was not visited.

Previously for example after signin the callback url would remain
the browsers location. Now angular properly takes the changes made
to the Url into account.

Files in /app.config/ are now generated on grunt config
based on the templates in /app.config.templ/* and the
corresponding variables in /authconfig.json
authconfig.json contains variables describing the
issuer (connect server) and the server the app will run
on as wells as other registration information.

After `grunt config` there are 2 files in /app.config:

1. /app.config/anvil-config.js which is used by app/scripts/*.js files
to configure the Anvil client library.

2. /app.config/register_with_anvil_connect.sh is a shell
script which registers this client with the server using the `nvl`
command line.

This change allows to to have to eliminate intermediate copies
of all app files which where previously in app.browser.

Now /app.browser is used primarily to save dev-bundles generated
by browserify. See npm run watchify to keep these up to date.
In addition index.html still uses config values for declaring the
session management iframes in particular for the op
iframe.

Forked webcrypto-shim to add  package.json so it can be consumed:
`npm  install --save-dev henrjk/webcrypto-shim#add-package-json`

Remove no longer used script replace-client-id

The script issues a lengthy nvl client:register command.
Before when errors occurred one could not see the nvl output.

Changed the script to write stdout and stderr of the
nvl client:register command to file `nvl.log`.

One can see further details in that file which should
help quite a bit although relevant messages might be
quite buried. Anyways this should be good enough!

Fixed issues:
* npm run watchify would not provide source maps in bundles
* live reload not working when config changed

This requires popup anvil-connect-js version 0.2.4 for refresh to
work.

The changes here use the 'not-authenticated' event introduced in
anvil-connect-js 0.2.5 as well as the 'authenticated' event.

Also added some rp logging and calling Anvil#checkSession every 5 seconds.

1. npm run clean-all was missing rimraf
2. npm run config can now be used to