Okay, if I omit the callback when making my request to https://api.twitter.com/oauth/request_token, I get back the token that I can apply to https://api.twitter.com/oauth/authenticate?oauth_token=. There I am presented with the authorization login screen, which, after logging in, presents me with the pin page.
However, this is not what I want. If I understand the directions correctly, if I supply an oauth_callback argument to the initial request, the user would be directed to that callback url after the login. But, simply by adding the callback to the first request, I get a 401 error.
OAuth oauth_callback=“http%3A%2F%2Fwww.mydomain.com%2F129095.html”, oauth_consumer_key=“6EyXRg4MkbSfewAb9obLJQ”, oauth_nonce=“9l291p5k”, oauth_signature=“JYWxJiQDDBTbHmM7t%2B7H%2FO6Rqlk%3D”, oauth_signature_method=“HMAC-SHA1”, oauth_timestamp=“1365571211”, oauth_version=“1.0”
Now, I’ve been screwed up before because the twitter application wasn’t set up to allow read/write on the access level. Right now I have “Callback URL” set to “None” and “Sign in with Twitter” set to “No” (those were the defaults) for the application. Are these supposed to be something else to allow the callback parameter? I couldn’t find anything in the documentation that says they need to be.