Update GitHub authentication to remove URL query parameters

[vaidehijoshi]

Describe the bug

While authenticating with GitHub in my local environment, I got an email that alerted me to a deprecation in how we auth with the GitHub API.

As it turns out, we use a query parameter to access the /user endpoint in a few places (for example, when we do something like client = Octokit::Client.new(access_token: token).

This has been deprecated, and GitHub's email to me suggests that we change it to avoid getting email reminders every time we auth with them: "Please use the Authorization HTTP header instead as using the access_token query parameter is deprecated."

We need to go through and update all our uses of the access_token query param, since it is now deprecated. See the related documentation here.

To Reproduce

You should get an email from GitHub (provided you have your ENV vars set) that indicates this deprecation if you auth locally, just like I did!

Expected behavior

Kind of goes without saying, but probably we want our auth flow to be updated 😸

[rhymes]

I wonder if this has any impact in the integration between Devise and omniauth/omniauth-github, which is largely transparent for us but we use for login

(omniauth-github is an abandoned project: https://github.com/omniauth/omniauth-github)