Update request.py to solely support SHA384 and update CHANGELOG.md

CHANGELOG.md

@@ -1,8 +1,5 @@
-### 0.3.0 / 2023-27-03 ###
-- Change the way the `transloadit` client is initialized. Now it is possible to pass the `sha_384` boolean parameter to the `Transloadit` class to enable the `sha_384` hash algorithm for the signature. The default value is `True` and the `sha_384` algorithm is used. The `sha_384` algorithm is recommended for new integrations and it is required for the new Transloadit accounts. The `sha_1` algorithm is deprecated and it will be removed in the future. For compatibility reasons it is possible to use `sha_1` with the `sha_384` parameter set to `False`. 
+### 0.2.2 / 2023-27-03 ###
 - Added `sha_384` as hash algorithm for the signature authentication.
-
-### Unreleased
 - Drop Python 3.6 from CI. It has been unsupported since December 2021 and github actions runner don't support anymore (https://github.com/actions/setup-python/issues/544)
 
 ### 0.2.1/ 2022-29-08 ###

transloadit/request.py

@@ -123,12 +123,8 @@ def _to_payload(self, data):
         return {"params": json_data, "signature": self._sign_data(json_data)}
 
     def _sign_data(self, message):
-        if not self.transloadit.sha_384:
-            return hmac.new(b(self.transloadit.auth_secret), message.encode("utf-8"), hashlib.sha1).hexdigest()
-
-        else:
-            hash_string = hmac.new(b(self.transloadit.auth_secret), message.encode("utf-8"), hashlib.sha384).hexdigest()
-            return f"sha384:{hash_string}"
+        hash_string = hmac.new(b(self.transloadit.auth_secret), message.encode("utf-8"), hashlib.sha384).hexdigest()
+        return f"sha384:{hash_string}"
 
     def _get_full_url(self, url):
         if url.startswith(("http://", "https://")):