Support for SHA256 signature method

[madalinoprea]

Hey,

Is there a reason why SHA256 is not registered as an accepted signature method?

When I'm trying to authenticate a LTI launch request signed with SHA256 I'm getting an error from \IMSGlobal\LTI\OAuth\OAuthServer::get_signature_method that only SHA1 can be used.

If we add this line to https://github.com/IMSGlobal/LTI-Tool-Provider-Library-PHP/blob/master/src/ToolProvider/ToolProvider.php#L772 everything works as expected:

$server->add_signature_method(new OAuth\OAuthSignatureMethod_HMAC_SHA256());

Is there a way to configure ToolProvider to accept this signature method?

Thanks,
Mario