Let’s say, one day, you become insane and want to authorize your application to access a user’s data on Twitter. WITH OAUTH!
Twist!
A brief recap: OAuth authenticates an application. It ensures that a sequence of HTTP requests belong to exactly one person, which is hugely important if you’re providing a service API like Twitter is. Here we’ll present the OAuth with signed callback URLs, which is how Twitter provides OAuth for desktop applications—applications that might not have web browsers but nevertheless need to get the Special OAuth Pat on the Back and let the user allow it to access his data. And to do so, you do this:
You’ll grab a request token. With it, you’ll ask the user to log into Twitter and get a special PIN. This PIN is pasted into your application. You then trade your request token for an access token, with which you can perform unspeakable evil.
A first attempt at precisely this:
Jump.