It is quite a complicated procedure, but I just implemented it manually.
1) request a request token
2) use this request token to log the user in
3) after user logged in, user has to authorise the app
4) after authorisation, exchange the request token for an access token (this stage isn't documented well / at all)
5) use your access oauth token and oauth_secret to perform twitter actions.
@ #5 it doesn't help a lot of places refer to this as either the same terms as in #1 (request oauth != access oauth) or as something different altogether
1) request a request token
2) use this request token to log the user in
3) after user logged in, user has to authorise the app
4) after authorisation, exchange the request token for an access token (this stage isn't documented well / at all)
5) use your access oauth token and oauth_secret to perform twitter actions.
@ #5 it doesn't help a lot of places refer to this as either the same terms as in #1 (request oauth != access oauth) or as something different altogether