(develop) Added User-Agent in graph.py to prevent server blocking

[jeroenlicht]

Many websites are configured to block requests with a missing User-Agent
For me this was causing an error for FETCH_HTTP_NODE on validating my assertion json url:
"Unknown Content-Type (Not image/png or image/svg+xml)"

It was solved after adding
'User-Agent': 'Open Badges Validator Core'
to the headers on line 40 of verifier/tasks/graph.py

[ottonomy]

Thanks, @jeroenlicht. CC: @mumitr0ll I'm not against these suggested changes, though it is probably something worth of a spec errata discussion in the workgroup (and ideally somebody could do the work to merge together all the suggested changes into one combined PR for discussion, though I suspect @jeroenlicht you used the github in-browser UI to create these, and multi-file edits would have been more difficult). The spec and its conformance requirements do not mention any option for Open Badges issuer role applications to not serve requests that do not have a user agent header. In fact, because the conformance suite includes the unpatched validator, such an issuer implementation would not currently pass IMS conformance tests, so it's up to the workgroup as to whether the described server feature that it could be "configured to block requests with a missing User-Agent" header would be compatible with the spec. To my reading, the Accept header is the only header specifically mentioned by the spec that the validation request SHOULD include.

(if we go forward with this, I suggest we follow the recommended User-Agent string formatting suggested at MDN, which is User-Agent: <product> / <product-version> <comment>)

[jeroenlicht]

Thank you for the quick response @ottonomy , as well as for the suggestion for a better agent name.
Indeed I've been using the browser UI for these changes after a weekend of searching for why my assertions were not validating. Initially just this one, but then while I was at it anyway, I decided to also included commits for the other get requests I could find in the code.
I can understand that it might be better for Open Badges service providers if all Open Badges issuers can be assumed to handle requests without the user-agent header, and I will contact my hosting provider to ask whether and how we could add exceptions for the Open Badges endpoints.
However, if it is decided that the issuer should be forced to accept request without a user-agent header, may I suggest adding an extra check for this in the validor to give a more informative feedback about this to other Open Badges issuers who might run into the same problem?