Replace all Client oAuth providers

[cKellyDesign]

For step 2 and 3 of resolving this fire: https://onaio.slack.com/archives/C0FTTFHB2/p1580492134007900

• [x] :eyes: globalcommunities (PR)
• [x] :hammer: 🛑 idairecovery-zimbabwe (PR)
• [x] :lock: cpims-cambodia (PR)
• [x] :lock: dppsomalia (PR)
• [x] :lock: hpm-tonga

🛑 = Blocked for some reason (see link) :lock: = Old provider is deleted and new provider is created :hammer: = In progress of switching to new provider :eyes: = Needs QA :bow_and_arrow: = Ready to deploy :rocket: = Deployed

[cKellyDesign]

The Problem

The oAuth2 Client ID has been exposed publicly because we pasted an ID directly into our code instead of pulling the sensitive information from process.env.

The Solution

1. Install dotenv-webpack into the client repository with yarn add dotenv-webpack -D

2. Update the client webpack.config.js to use dotenv-webpack

3. Add .env to the .gitignore file (DO NOT FORGET THIS STEP)

4. Add an .env file to the root directory of the client repo with a single variable: REACT_APP_GISIDA_CANOPY_CLIENT_ID=<[client_id](https://docs.google.com/spreadsheets/d/1io7LFhQj9kAJitLsjRNL2ae3pVIwezrHQnvhEBtdouk/edit?usp=sharing)>

5. Add an .env.sample file because it's best practice

6. Make sure the client's gisida-react-private branch is up-to-date with master

7. Run yarn start and QA the log-in process using the appropriate credentials

8. If the API request for the authConfig fails to load it means the current account does not have access to the config CSV and the form/group needs to be shared with the current account

9. QA layers pulling data from data Onadata and Superset

10. If the API requests for Onadata fail to load it means the current account does not have access to the client forms/groups associated with the layer

11. Once everything works, merge and deploy to all client instances (beta, dev, prod)

[cKellyDesign]

@kahummer @ciremusyoka @kelvin-muchiri - Can we close this? Did we need to also do hpm-tonga?