kajje - 7:18 am on Sep 24, 2010 (gmt 0)
Oauth gives far more security than the older traditional way.
Being afraid that consumer keys and secrets would be embedded (as in hardcoded) into applications is plain old bulx. Applications would not be too versatile when embedding keys.
Embedding keys will allow the application to post Twitter updates to the application writer's own Twitter account, and not in the account of the enduser. Why on earth he would want to do that anyway.
I digged into Oauth a couple weeks ago, as the Twitter integration in my website was - of course - not working anymore.
After 2 weeks of testing, my application easily integrates into Twitter, Foursquare and LinkedIN. Oauth initially gave me headaches, after you write a decent frontend for it, it works fine and opens a lot more doors!
I now use 1 single script to add applications, generate/get/store consumer/access/token keys/secrets and post to Twitter/Foursquare.
Great cool extra functionality to show your own Application Name as well as the possibility to add geolocation to your tweets. I love it!
I added LinkedIN functionality just this morning in less than 5 minutes. I'm not going to use it probably, but it was worth the effort.
Seems that Facebook integration will take another approach for me as they use Oauth V2 instead of V1.
Once you go Oauth, you stay there!
A good tip for people starting with Oauth, watch out for your variable names. I cannot count how many times I wrongly typed 'oath' in my scripts rather than 'oauth'