JSON: include another signature header
If a "secret" has been set, compute and include an additional
signature header with the JSON POST push notification.
The signature is not complicated, it's simply the lowercase
hexadecimal representation of the HMAC as described in RFC 2104
<https://tools.ietf.org/html/rfc2104> where the "secret" provides
the "secret key K" and the body of the POST provides the "data
'text'" for the computation.
With this addition the original SHA1-based HMAC signature continues
to be included but now too an additional SHA256-based HMAC signature.
Signed-off-by: Kyle J. McKay <mackyle@gmail.com>