Support multiple signing secrets

[rmm5t]

What does it do?

• Adds StripeEvent.signing_secrets as a config option
• Adds support for multiple signing secrets
• Adds docs to README for multiple signing secret support (including possible use-case)

What else do you need to know?

• When multiple signing secrets are enabled, the webhook iterates over each of them looking for one that yields a matching signature for the body payload. Once a match is found, that secret is used for the subsequent verification check while constructing the new event object.
• When only one signing secret is enabled, the header verification is short-circuited (skipped) and the secret is passed directly to verification check that's done automatically when constructing a new event object.

Related Issues

• Closes #98

[coveralls]

Coverage remained the same at 100.0% when pulling 0c4063f87af69f52458a907b744572eac3549a9a on rmm5t:98-support-multiple-signing-secrets into ed518fa7adfaf822979ea720f7a6348e43bea372 on integrallis:master.

[coveralls]

Coverage remained the same at 100.0% when pulling 0c4063f87af69f52458a907b744572eac3549a9a on rmm5t:98-support-multiple-signing-secrets into ed518fa7adfaf822979ea720f7a6348e43bea372 on integrallis:master.

[coveralls]

Coverage remained the same at 100.0% when pulling 0c4063f87af69f52458a907b744572eac3549a9a on rmm5t:98-support-multiple-signing-secrets into ed518fa7adfaf822979ea720f7a6348e43bea372 on integrallis:master.

[coveralls]

Coverage remained the same at 100.0% when pulling 6997993246de90f30ee95b20a3dbfd42b19a79c6 on rmm5t:98-support-multiple-signing-secrets into ed518fa7adfaf822979ea720f7a6348e43bea372 on integrallis:master.