I have two users for testing purposes, one is the owner of the application and the other is my personal one.
My personal account is able to login perfectly fine however the owner account follows all the same steps and seems to validate the user at https://api.twitter.com/oauth/authenticate, but rather than say it will redirect back to the application and do so a few moments latter when you login, it stays on the:
“Authorize AppName to use your account?
(Only this time without the login details to be filled out and without the oauth_token in the URL).
Once here, no matter how many times I click on Signin, it does not redirect, however the cancel button does work correctly.