Use fixed list of ciphers

[KapJI]

Compare to DEFAULT_CIPHERS I removed ECDH+AESGCM and DH+AESGCM, they don't seem to be required. My tests show that all other ciphers are required.

We've got many people who are unable to authorize and get master token: leikoilja/ha-google-home#95

It turns out that other libraries may alter DEFAULT_CIPHERS: example. This has already been fixed but I think gpsoauth shouldn't depend on DEFAULT_CIPHERS which may also change in the new releases of urllib3.

This will make gpsoauth more robust.

[simon-weber]

Interesting. When this got merged my original motivation was to try and avoid maintaining a copy of DEFAULT_CIPHERS, since I figured the urllib3 people are more likely to be on top of what's secure than we are. Mostly, I didn't want to be responsible for people's Google accounts getting hacked 😬

Thinking about it again, Google can change what they accept at any point, and will probably be on top of blocking anything that's insecure. So, I think I'm ok with keeping our own list. Maybe I'll make a note to check it against urllib3's list every now and then.

[KapJI]

@simon-weber Thanks for reviewing all my PRs! I think this is all I wanted to do here, can you release the new version please? 🙂