Upgrade edx-oauth2-provider to v1.1.3

Convert to tag syntax for version

Grading uses Block Transformers

AC-484 changing aria- to data-, a to button

Fixed test default sort preference failing on chrome

Use SVG cert icon for program detail page certificate section

Allows staff using "view as specific student" mode to bypass edx-proctoring
hiding special exams from students, to allow for more useful debugging.

Includes "shim" pattern library implementation of alerts, and a bokchoy
test for this functionality.

Part of ECOM-4224.

Add back and fix missing discussion Jasmine tests

Edited docstring to have URL match urls.py

[PERF-341] Don't rewrite XBlock resource URLs.

For XBlocks that used their static.public resources in the rendered
output -- for example, a link to a bundled image -- those URLs would be
treated as course assets using the '/static/' prefix trick, and thus,
rewritten.  These rewritten URLs don't work because they aren't course
assets.

When course content authors are creating their courses, we provide them
a special shorthand way of writing URLs that reference assets they have
uploaded to the course. If they uploaded a file called my-lil-pony.mp4,
and they wanted to provide a link to it when users view the course, they
would use /static/my-lil-pony.mp4. This special prefix -- /static/ --
signals to the static_replace middleware that it's a course asset and we
should write /static/my-lil-pony.mp4 to a URL that properly references
the asset based on the course ID, and things like the configured asset
CDN, etc.

Thus, the URL /static/my-lil-pony.mp4 gets turned into something like:

/assets/courseware/<md5hash>/asset-v1:edX+Demo+2016T1+type@asset+block/my-lil-pony.mp4

when viewed in the courseware.

Now, we also serve actual static assets from a prefix of /static/. This
is stuff like our JavaScript and CSS, and the JS/CSS/etc of
XBlocks/XModules. These paths look like:

/static/js/lms-main_vendor.46d6a8c02600.js

or

/static/xblock/resources/xmodule.vertical_block/public/js/vertical_student_view.43727a907769.js

Normally, these paths are caught by nginx, before they reach the LMS,
and are served straight from the filesystem. However, if you were to
have one of these paths in your course content, the static_replace
middleware would see the /static/ at the front and immediately think
it's a course asset, and would dutifully rewrite the URL to something
like:

/assets/courseware/<md5hash>/asset-v1:edX+Demo+2016T1+type@asset+block/static_xblock_resources_xmodule.vertical_block_public_js_vertical_student_view.43727a907769.js

which is not a course asset, and so it will always fail to load.

Long story short, I changed the static_replace middleware to
specifically check to see if the path being matched starts with
/static/xblock/, and if so, it keeps the original instead of rewriting
it.

Fixed-up versioned assets implementation.

This reverts commit 9967b6fd.

Hackathon project: burn coffee

Revert "Upgrade edx-oauth2-provider to v1.1.2"

Upgrade edx-oauth2-provider to v1.1.2