From c5163f89529b794c69b636e23faad5fdd20f5087 Mon Sep 17 00:00:00 2001
From: fulder <misad90@gmail.com>
Date: Wed, 26 Aug 2020 16:45:29 +0200
Subject: [PATCH] Throw exception on algorithm signature parameter and dervice
 algorithm mismatch

---
 httpsig/verify.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/httpsig/verify.py b/httpsig/verify.py
index 055a74a..7158c7b 100644
--- a/httpsig/verify.py
+++ b/httpsig/verify.py
@@ -90,6 +90,11 @@ def __init__(self, headers, secret, required_headers=None, method=None,
         self.path = path
         self.host = host
 
+        if 'algorithm' in self.auth_dict and self.auth_dict['algorithm'] != self.algorithm:
+            raise HttpSigException(
+                "Algorithm mismath, signature parameter algorithm was: {}, but algorithm dervice from key is: {}".format(
+                    self.auth_dict['algorithm'], self.algorithm))
+
         if self.auth_dict['algorithm'] != DEFAULT_ALGORITHM:
             print("Algorithm: {} is deprecated please update to {}".format(self.auth_dict['algorithm'], DEFAULT_ALGORITHM))
         elif self.auth_dict['algorithm'] == DEFAULT_ALGORITHM and sign_algorithm is None: