Replace the `Meteor._insecureExceptions` flag with
`Meteor._printDecryptionFailure` to more closely match livedata's
`Meteor._printSentDDP` and `Meteor._printReceivedDDP`. This also has
the advantage of not changing the behavior of the `open` function when
additional debugging is needed in development.
Have `OAuthEncryption.open` throw "decryption unsuccessful" on any
error to avoid allowing an attacker to break the encryption key by
observing the result of sending manipulated ciphertexts.
Add oauth-encryption and the oauthSecretKey config options to the docs
page.
Update history.
More documentation on functions.
Use `OAuth.sealSecret(...)` instead of `{seal: ...}`.
Rename OAuth._openSecret(s) to OAuth.openSecret(s).
In the readme describing how to generate a key, just use Node instead
of going through the hassle of creating a Meteor application.
Have the `oauth` package weakly depend on `oauth-encryption` for when
it's being used without accounts.
Add tips on using oauth-encryption without accounts to the readme.
database.
"Oauth" is renamed to "OAuth". "Oauth" is kept as an alias for
backwards compatibility.
README.md contains a sample description of how to generate and use the
oauthSecretKey, which might be incorporated into the wiki
documentation page.
