--- a/twitter_client.py	Sat Jun 12 18:28:46 2010 -0700
+++ b/twitter_client.py	Sat Jun 12 19:12:31 2010 -0700
@@ -33,6 +33,10 @@
 
             request_token = dict(urlparse.parse_qsl(content))
 
+            if ('oauth_callback_confirmed' not in request_token or
+                request_token['oauth_callback_confirmed'] != 'true'):
+                raise Exception("Oauth callback must be confirmed.")
+
             self.request_tokens[request_token['oauth_token']] = request_token
 
             # Step 2: Redirect to the provider.