I want to do Linkedin Auth in my app. But all libs or sample codes requires a client secret like this: https://gist.github.com/manoj-nama/bb27ac7d22a4ad242022f1ef210b412b
Isn't this dangerous? People can just decode the app, get js bundle and grab the secret.
Yes, keeping secrets within a mobile application is not a good idea. Such information can be easily extracted from the application. To accomplish such tasks, you need to use a back-end.