For a web application, if you redirect the user to Twitter for authorization, and the user clicks Refuse , he has the opportunity to return to your application or not.
If the user has not logged in with his Twitter account or closed the tab or switched to another URL. You will not know if you are not tracking users and not checking if it has passed longer than the specified time.
In this case, if the user clicks on uBlogThis! link, it will be redirected back to the application via callbackURL, which you specified when receiving the request token, and! the HTTP GET variable is enabled denied:
http://domain.com/twitterapp/callback.php?denied=8L74Y149FtnZi1M3IDstring
So you need to search $_GET['denied']if you are using PHP, for example.
If instead you open a popup to show the user a Twitter authorization page via javascript, you can check if the popup was closed without initiating a callback. You can also add a timer to judge if the user went differently.