The concept of 'client secrets' for desktop apps (anything that uses the named pipe) is pretty nonsensical; it's easy to impersonate any of these - if it's absolutely necessary, there are better ways to do it.
For example, Logitech hides the app secret by having an AWS lambda that takes a code, talks to Discord's API, and returns an access token. I could trivially impersonate Logitech's app by calling their AWS endpoint. This is not an implementation problem, this architecture is inappropriate for desktop apps.
(1) Ideally, remove the whole concept of client secrets from IPC. AUTHORIZE could return a directly usable token.
(2) If you absolutely want this for some reason, you could identify the program on the other end of the pipe (e.g. via GetNamedPipeClientProcessId on Windows, getsockopt with SO_PEERCRED on Linux, and LOCAL_PEERCRED on macOS), and require that it be signed with a public key listed on the developer portal.
Option (2) doesn't help against actively malicious programs, given that they could interfere with the main Discord process instead of using the API.