I'm not talking about a -library-.  I'm talking about a -client-.  If
I want to produce a Twitter client, it needs its own Consumer Key and
Consumer Key Secret.  If want to share the source code for that
client, I will also have to share it's Consumer Key and Consumer Key

You seem to know what you're talking about; perhaps you have a
solution.  I have written a Twitter client.  This client is registered
with Twitter for OAuth.  How do I share the source code without
exposing the Consumer Key Secret and still allow the end users to


On Jul 1, 10:48 am, Andrew Badera <> wrote:
> Yes, but don't distribute it. Obviously config files are human
> readable, but you blank out secrets before publishing them.
> People using open source libraries will have to get their own keys.
> So, either you really are contributing in the spirit of open source,
> and you don't care about getting credit, or you're doing it for self
> promotional purposes, and the conversation is moot anyhow.
> "You" being any person worried about keys and open sourcing their libraries.
> On Wed, Jul 1, 2009 at 10:39 AM, Cameron Kaiser<> wrote:
> >> The secret should not reside in code. The secret should reside in a
> >> config file, or maybe even a machine datastore. Abstract it out, no
> >> one ever needs to see anything secret in your code.
> > That's not workable. It has to be publicly accessible somehow.
> > --
> > ------------------------------------ 
> > personal:
> >  Cameron Kaiser * Floodgap Systems **
> > -- He hadn't a single redeeming vice. -- Oscar Wilde 
> > --------------------------

Reply via email to