Say if I wanted to implement some service which requires OAuth2 authentication, how would I go about hiding the secret? The client ID, afaik, is not too important.
For example in the LastFM plugin, I require people to submit their own, but that isn’t good practice. I can’t write C++, so writing code that isn’t easily decompiled is difficult.
Or maybe a single binary can be written with all client ID’s and secrets, just for authenticating services for Volumio. That way plugin makers only need to reference that binary and call it’s public functions (with credentials); whereas that binary will make the call to the API providing the plugin with the token.
Thanks and happy Easter all!