LtiOauthSigner does not include oauth_body_hash #20
Description
When signing a request, LtiOauthSigner does not add oauth_body_hash to the Authorization header.
Some Lti Consumers require the oauth_body_hash in order to validate an Lti request.
LtiOauthSigner should have an option to include oauth_body_hash, and it should be on by default.
Side note:
I have no idea what purpose it serves. Further, since GET requests have an empty body, the oauth_body_hash will always have the same hash: 2jmj7l5rSw0yVb%2FvlWAYkK%2FYBwk%3D