This moves the assignment of params.email from the primary-controlled
URL hash (#CREATE_EMAIL= and #ADD_EMAIL=) into the verification block,
and adds bid.verifyEmail() to check them. Closes bug 758449.

* Add the startExternalDependencies option when initializing the dialog controller, if set to false, no external dependencies are loaded.  Used for testing.
* Add a new test to check for script containing emails.
* Add unit tests for tosURL and privacyURL.
* Add a testHelpers.testErrorNotVisible
* Removed the actions.js->doError and its tests, it is no longer used.

Since validation is done earlier, invalid addresses are reported as with
renderError() instead of startAction("doError"). So the tests which
watch for doError are now failing (the frontend tests named
"resources/state: start with invalid requiredEmail - print error screen"
and "resources/state: start with empty requiredEmail - prints error
screen". I don't know how to make them watch for renderError() instead.

One upside of this patch is that @stomlinson told me the three-argument
to startAction("doError"..) in state.js was a bug, as it only accepts
two real arguments. Removing it is even easier than fixing it.

Generalize fix by adding to fixupURL.  fixupURL is used to clean all URLs that come from outside the dialog.

* Remove checks, tests and strings.

issue #1188

Fixing up a bunch of cancel primary verification flows. This is when a user is verifying with a primary and they hit ccancel and are redirected back to BrowserID.

Flows:

* Required email cancel.
* Cancel add user to current account.
* Cancel create new user.

Others Items added.

* Add a "cancel" button to the sample RP.
* Defer how state should be handled for primary user verification from dialog to state.

issue #983
issue #1036

* Pull out core state machine code from the original state_machine.js.
* Update code and tests for use in new state machine.
* Add new state_machine core.
* Add history.
* Add command.
* Update tests.
* Rename resources/state_machine to resources/state

This should simplify a lot of these "cancel email verification" problems.

* Pull out core state machine code from the original state_machine.js.
* Update code and tests for use in new state machine.
* Add new state_machine core.
* Add history.
* Add command.
* Update tests.
* Rename resources/state_machine to resources/state

This should simplify a lot of these "cancel email verification" problems.

disable 'online' check.  too many false positives to be useful.  closes #719 (@shane-tomlinson - I went for a minimal fix given we're branching the beta train right after this commit.  feel free to clean up)

disable 'online' check.  too many false positives to be useful.  closes #719 (@shane-tomlinson - I went for a minimal fix given we're branching the beta train right after this commit.  feel free to clean up)

* Added a new controller, primary_user_provisioned.
* Slimmed down user.provisionPrimaryUser so that it does not authenticate users.
* Using ADD_EMAIL and CREATE_EMAIL as the hash when redirecting back from an IdP as bits of state.

fix issue where when allowPersistent is true, and the user is not authenticated to browserid, they wouldn't be shown the 'keep me signed in' checkbox - closes #776 (presumably a regression introduce in f9ab1ba9 ?)

* Renaming a bunch of the templates to use _ instead of camelCase.

* A lot of cleanup and test adding for handling primary users.
* Trying to genericize a lot of the message names and leave the state machine decide on state.
* Simplifying the ActionsMock in state_machine_unit_test.
* Loads of file renames to make easier to read.

* Hacktastic and minimal tests - loads of tests needed.
* Assume if the #EMAIL=<email> hash is specified on the URL, then try provisioning the user.
* Fixed all previously broken, non-completing tests.
* Added several new controllers - email_chosen, provision_primary_user, verify_primary_user.

* Before redirecting to the IdP, shut down all modules, close the channel.
* Update tests to pass from breakages.

* Adding a window Mock.
* Adding a new template for the "you've gotta verify" screen.
* Hooking up the logic to redirect - which closes the window.

* Add network.authenticateWithAssertion and related tests.
* On signup page, start the redirection code to verify with primary in new tab.
* in network.js, rename all the onSuccess to onComplete for clarity.
* Simplify tests for primary user provisioning while "not authenticated".
* Generate fake keys/certs in the provisioning mock.
* Save off the keypair/cert given to us by the provisioning frame before getting an assertion.
* Generate an assertion and log the user in on primary provisioning success.

revived the navigator.id.channel, as well as the #NATIVE and #INTERNAL indications that internal APIs are about to be called

* Adding getCodeVersion to network.
* Adding error messages for if session_context fails during getCodeVersion.
* Adding a code check module.
* Updating start so that most modules are only registered whenever code is up to date.
* If the scripts are out of date, append a new script to the head.
* Cleaning up the dialog module's interface with the channel.
* Updating the compression script.
* Splitting off the actions into its own page module/controller for easier testing.

issue #226
issue #687

close #754.

* Remove the state machine from the dialog module.
* Add unit tests for the state machine.
* The state machine has the ability to cancel any stage and go to the previous stage.
* All cancel_* messages are now "cancel_stage" for uniformity.
* Update all unit tests to create then start their modules.

* StealJS is still the script loader.
* Putting OpenAjax.hub into lib.
* Adding a Class/SubClass mechanism.
* Converting all controllers to be Subclassed from Modules.PageModule.
* All Modules are registered first, then created/started on demand.\

* Added forgotpassword_controller, forgotpassword.ejs, and forgotpassword_controller_unit_test.
* Updated the authenticate controller/template/tests to remove the forgotpassword stuff.
* Added several more tests to the authenticate suite.
* Hooking up the expanded forgot password flow for "required email".
* Unifying the styles between the "required email" screen and the normal flow.

issue #608

* Creating addemail_controller, addemail_controller_unit_tests, and addemail.ejs.
* Shrink down pickemail_controller, and pickemail.ejs.
* Update a lot of the pickemail_controller unit tests to be more complete.
* Account consolidation is again possible.

close #607
close #612

* Instead of using the JSMVC DOM binding methods, use ones defined in page_controller.
* On stop, auto remove all DOM events.
* Simplifying the creation of the pickemail controllers.

issue #609

unregister the dialog callbacks from relay frame so that on second click we wait for the new callbacks to be registered, fixes #589

* Cancel causes the user to go back to the previous screen.
* Cancel causes the network polling to stop.

close #587