I have the same question. I need to add Twitter OAuth to my widely
distributed PHP based open-source CMS add-on. All the documentation
says never ever distribute your consumer secret, which I understand
why this would be a bad idea. Yet all of the documentation/examples I
have found require that the consumer secret be hard-coded into the

The closes thing I have found, that doesn't require the consumer
secret embedded in the source, is a description of how it might work,
But, I cannot find any docs/examples where this scenario has actually
been implemented.

On Jul 23, 6:06 am, MindcrimeNL <hostmas...@gab-ev.de> wrote:
> I'm sorry if this has been asked before:
> I've written a twitter module for ClanSphere Clan CMS and I'm now
> converting it to use OAuth.
> I finally got it working, but I have question about theConsumerSecret.
> I registered the application under my twitter account and obtained 
> aConsumerKey andConsumerSecret.
> The module is (will be) publicly available for download and webmasters
> just have to install the module in their own ClanSphere Clan CMS to be
> able to use it and make it possible for all users on their website to
> post tweets via that module.
> But, to prevent the hassle of all these webmasters, so that they not
> need to register an application on their own and install their ownConsumerKey 
> andConsumerSecret. How do I make it possible that every
> can make use of my registered application? As I understand from the
> name, theConsumerSecretis "secret", so I should not distribute it
> to the community...
> Every user should (as access tokens currently don't expire) only need
> to allow my application only once, in order to be able to use the
> twitter module:
> "An application would like to connect to your account
> The application ClanSphere Module by Mindcrime, Geh aB Clan would like
> the ability to access and update your data on Twitter. Not using
> Twitter? Sign up and Join the Conversation!
> Sorry, but a lot of the webmasters, using CMS systems, don't know
> anything about code/PHPand are just capable of uploading some
> files... I would not like to think that I have to explain to them how
> to register the application in Twitter and change the code in the
> correct place...
> How can anyone make a public module that way?
> Thanks for the help...

Reply via email to