That's certainly a technical possibility. But I've got to create an authentication scheme for the users to log into my proxy. Then I have to set up hosting. Then I have to write a second application to handle the requests from my client and send the responses back. So "simply" is not an accurate characterization of what's required.
Furthermore, it burdens the users with additional steps (authenticating to the proxy) that users of closed-source applications don't have to do. For my project, individual developers will simply have to register for their own tokens with Twitter. When I package binaries for end-user distribution, I'll compile the "official" keys into the app. It's not a great solution, but it will have to do. On Sat, Jul 4, 2009 at 5:30 AM, Andrew Badera <and...@badera.us> wrote: > > I haven't done much "real" desktop OAuth, mostly web ... but can't you > simply proxy the request through your own server, and keep the secret > on your server, serving client requests centrally? > > > > >