Depending on your needs and whether you plan to open this up to additional users or not, you may find it easier to just use your own access token for your app which you can get from dev.twitter.com/apps – then you can skip the obtaining an access token process entirely.
Otherwise, set your application to having no registered callback URL.
When issuing the request to oauth/request_token, set your oauth_callback parameter value to “oob”
You’ll then need to generate a authorization URL, same as the typical OAuth flow, and send the user there in a web browser. Once they enter their credentials and approve the flow, they’ll be presented with the PIN code on their screen.
Your application should at that point be prompting for this PIN code to be entered in by the user. Once entered, you then complete the oauth/access_token step, just like normalOAuth, but instead of using an oauth_verifier value we sent you in a callback, you use the PIN code as the oauth_verifier instead.
