> I have the same question. I need to add Twitter OAuth to my widely > distributed PHP based open-source CMS add-on. All the documentation > says never ever distribute your consumer secret, which I understand > why this would be a bad idea. Yet all of the documentation/examples I > have found require that the consumer secret be hard-coded into the > source. > > The closes thing I have found, that doesn't require the consumer > secret embedded in the source, is a description of how it might work, > http://groups.google.com/group/twitter-development-talk/browse_thread/thread/c18ade9d86c8b239 > But, I cannot find any docs/examples where this scenario has actually > been implemented.
It does exist. While I can't speak for Twitter and whatever internal issues are slowing up its rollout, TTYtter has been a test bed for the key exchange for some time now. Most of the users have found the process painless. You can see how a sample workflow works in the documentation, or try it yourself. The app itself is open Perl. http://www.floodgap.com/software/ttytter/ I'm sure Taylor will comment on what will be happening to roll it out to more potential consumers. -- ------------------------------------ personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- People are weird. -- Law & Order SVU ---------------------------------------