[PERF-303] Integer XBlocks/XModules into the static asset pipeline.

This PR, based on hackathon work from Christina/Andy, implements a way to discover all installed XBlocks and XModules and to enumerate their public assets, then pulling them in during the collectstatic phase and hashing them.  In turn, the methods for generating URLs to resources will then returned the hashed name for assets, allowing them to be served from nginx/CDNs, and cached heavily.

This supports a number of their new Error features.

- Using jwt_decode_handler from edx-drf-extensions
- Updated djangorestframework-jwt
- Removed feature flag around JWT auth

ECOM-4221

- Updated django-oauth2-provider libraries
- Added test ensuring issued access tokens have the basic scopes needed to get user info

ECOM-4197

This reverts commit a796b563.

Conflicts:
	lms/envs/common.py
	openedx/core/djangoapps/theming/models.py
	pavelib/assets.py
	pavelib/paver_tests/test_assets.py

We use S3 for a number of uploads. Boto, by default, includes a auth querystring on the returned URLs. Since these uploads are public, there is no need for this querystring. Additionally, the long length URLs cause problems when API consumers need to store the URLs. This commit resolves this problem by removing the auth querystring.

- Updated to latest versions of boto and django-storages-redux packages
- Added AWS_QUERYSTRING_AUTH setting to remove the querystring values

ECOM-4081

We use S3 for a number of uploads. Boto, by default, includes a auth querystring on the returned URLs. Since these uploads are public, there is no need for this querystring. Additionally, the long length URLs cause problems when API consumers need to store the URLs. This commit resolves this problem by removing the auth querystring.

- Updated to latest versions of boto and django-storages-redux packages
- Added AWS_QUERYSTRING_AUTH setting to remove the querystring values

ECOM-4081

TNL-4296

- Update to latest version of watchdog.
- inotify doesn't work on nfs share in devstack. Use polling instead.
- Some editors (vim) do not trigger modify events in their default
  configuration. Rebuild assets on all filesystem changes, and debounce
  when changes happen too quickly.

ECOM-4016

Available backends:

* django-oauth-toolkit (DOT)
* django-oauth2-provider (DOP)

* Use provided client ID to select backend for
  * AccessToken requests
  * third party auth-token exchange
* Create adapters to isolate library-dependent functionality
* Handle django-oauth-toolkit tokens in edX DRF authenticator class

MA-1998
MA-2000

ziafazal: improvements need for multi-tenancy
ziafazal: fixed broken tests
ziafazal: no need to add setting in test.py
ziafazal: added hostname validation
ziafazal: changes after feedback from mattdrayer
ziafazal: fixed branding and microsite broken tests
ziafazal: make STATICFILES_DIRS to list
ziafazal: added theme directory to mako lookup for tests
ziafazal: added more protection in test_util
saleem-latif: Enable SCSS Overrides for Comprehensive Theming
saleem-latif: Incoporate feedback changes, Correct test failures, add tests and enable theming for django templates
saleem-latif: Correct errors in python tests
mattdrayer: Fix invalid release reference
mattdrayer: Update django-wiki reference to latest release
saleem-latif: Update Theme storages to work with Caching, Pipeline and collectstatic
saleem-latif: Incorporate feedback changes
mattdrayer: Pylint violation fix
mattdrayer: Fix broken pavelib test

The fork actually does include a commit that is not in the PyPI version.

ECOM-3833

Each of the replaced commits can be sourced from PyPI rather than Git. Also, django-pipeline does not need to be editable.

ECOM-3833

Also install djangorestframework-oauth 1.1.0 from PyPI

New package includes support for client credentials grant.

ECOM-3419

ccx-keys has been updated to use the edx-opaque-keys library from PyPI, rather than simply expect the package to be pre-installed. The edx-opaque-keys version has been bumped as it was updated to export test packages needed by ccx-keys.

The package formerly known as opaque-keys now lives on PyPI as edx-opaque-keys. Additionally, the zendesk requirement has been moved to the correct location.

This reverts commit 46df4545, reversing
changes made to 039e6cdf.

When creating profile images from an uploaded file, ensure that EXIF
orientation information is preserved, so profile images appear
right-side-up.

https://openedx.atlassian.net/browse/MA-1559

ECOM-3419