On Wednesday, 23 September 2015 at 13:01:54 UTC, Rory McGuire wrote:
I think this should be on reddit either way. Perhaps someone will suggest a
way around the oauth2 limitation.
Having to generate new client secrets just to use an app that already exists seems like a mission, so providing a default set that work and the user can just make sure they get the original app seems more practical. i.e. download binary from a reputable place i.e. your distributions repos.


Also you are doing the same way everyone else does it; by prompting at the command line sooo....



I don't know to much about oauth2, but could we in theory add a layer of security by only allowing some client id that has a sort of checksum based on the source code of the application? I don't know how client ids are generated, but its just a thought.

Reply via email to