Andrew, The Consumer Secret is the key that has to be associated with my application so that it can authenticate to Twitter. Regardless of how I distribute it, I still have to distribute it with the source code in order for the source code to work.
No amount of abstraction will prevent someone from analyzing the source and being able to retrieve the Consumer Secret. In a closed-source project, this is less of an issue. For open-source projects, this is a pretty big problem. Regards, Duane On Jul 1, 9:32 am, Andrew Badera <[email protected]> wrote: > The secret should not reside in code. The secret should reside in a > config file, or maybe even a machine datastore. Abstract it out, no > one ever needs to see anything secret in your code.
