I'm looking at the OAuth implementation Twitter proposes here:
https://dev.twitter.com/docs/auth/oauth
and oauth libraries like signpost:
There are no ways of storing client credentials in a native or JavaScript application without making them practically public. Also, putting those credentials on a proxy server and having the client talk to the server (so that the credentials are not exposed) doesn't really solve anything either. Now you have a problem of authenticating the client to the proxy.
The right solution is to have special support for native applications provided by the OAuth service. OAuth 2.0 uses pre-registered redirection URIs and other techniques to accomplish a reasonable client identity verification for such clients.
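The pre-registered redirection URI check mentioned above, seen from the authorization server's side, as an added example (not part of the original answer and not Twitter's or Signpost's code). The client ids and URIs are constructed; ignoring only the port on loopback redirects is an assumption taken from RFC 8252's rules for native apps.

```python
from urllib.parse import urlsplit

# Constructed client registry (hypothetical client ids and redirect URIs).
REGISTERED = {
    "native-app-123": {
        "com.example.app:/oauth2redirect",   # private-use URI scheme
        "http://127.0.0.1/callback",         # loopback, port picked at runtime
    },
    "web-spa-456": {"https://app.example.com/callback"},
}
LOOPBACK_HOSTS = {"127.0.0.1", "::1"}


def _is_loopback(parts):
    return parts.scheme == "http" and parts.hostname in LOOPBACK_HOSTS


def redirect_uri_allowed(client_id, redirect_uri):
    """True only if redirect_uri matches one pre-registered for client_id."""
    registered = REGISTERED.get(client_id)
    if not registered or not redirect_uri:
        return False
    if redirect_uri in registered:           # exact string comparison
        return True
    try:
        got = urlsplit(redirect_uri)
        got.port                             # raises ValueError on a bad port
    except ValueError:
        return False
    if not _is_loopback(got) or got.username or got.password or got.fragment:
        return False
    # Native-app loopback redirect: everything except the port must match.
    for uri in registered:
        reg = urlsplit(uri)
        if (_is_loopback(reg) and reg.hostname == got.hostname
                and reg.path == got.path and reg.query == got.query):
            return True
    return False


def naive_prefix_check(client_id, redirect_uri):
    """Weak variant for comparison: accepts URIs that were never registered."""
    return any(redirect_uri.startswith(u) for u in REGISTERED.get(client_id, ()))
```

The check identifies where the authorization response may be delivered, not a secret held by the client, which is why it still works for clients that cannot keep credentials private.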