I'm using Dropbox OAuth in my desktop application for uploading files. However, my app is open-source, so I have no idea how to store the app secret. If I don't hide it, any other program will be able to use my app identity.
I could include the separate header file (C++) with secret keys and don't distribute this header in my sources, but, in my opinion, such repository will look a bit inadequate (correct me if I'm wrong).
Any suggestions?
I think the typical thing to do here is to omit the app key and secret from your source and give people instructions for how to create their own app key and secret via the Dropbox website.