I have the same question. I need to add Twitter OAuth to my widely distributed PHP based open-source CMS add-on. All the documentation says never ever distribute your consumer secret, which I understand why this would be a bad idea. Yet all of the documentation/examples I have found require that the consumer secret be hard-coded into the source.
The closes thing I have found, that doesn't require the consumer secret embedded in the source, is a description of how it might work, http://groups.google.com/group/twitter-development-talk/browse_thread/thread/c18ade9d86c8b239 But, I cannot find any docs/examples where this scenario has actually been implemented. On Jul 23, 6:06 am, MindcrimeNL <hostmas...@gab-ev.de> wrote: > I'm sorry if this has been asked before: > > I've written a twitter module for ClanSphere Clan CMS and I'm now > converting it to use OAuth. > I finally got it working, but I have question about theConsumerSecret. > > I registered the application under my twitter account and obtained > aConsumerKey andConsumerSecret. > > The module is (will be) publicly available for download and webmasters > just have to install the module in their own ClanSphere Clan CMS to be > able to use it and make it possible for all users on their website to > post tweets via that module. > > But, to prevent the hassle of all these webmasters, so that they not > need to register an application on their own and install their ownConsumerKey > andConsumerSecret. How do I make it possible that every > can make use of my registered application? As I understand from the > name, theConsumerSecretis "secret", so I should not distribute it > to the community... > > Every user should (as access tokens currently don't expire) only need > to allow my application only once, in order to be able to use the > twitter module: > "An application would like to connect to your account > The application ClanSphere Module by Mindcrime, Geh aB Clan would like > the ability to access and update your data on Twitter. Not using > Twitter? Sign up and Join the Conversation! > > ALLOW | DENY" > > Sorry, but a lot of the webmasters, using CMS systems, don't know > anything about code/PHPand are just capable of uploading some > files... I would not like to think that I have to explain to them how > to register the application in Twitter and change the code in the > correct place... > > How can anyone make a public module that way? > > Thanks for the help...
