before you redirect the user, you need to POST to twitter to get an oauth request token.
> Somehow I store those credentials (username, possibly email and profile image) so the user doesn’t have to accept access every time…or something like that.
Twitter returns a userID and a screen name. You’d typically store them in the session.
You might be interested in [Andy Smith’s OAuth class](http://oauth.googlecode.com/svn/code/php/). I’ve never done this myself, but [this seems to be a good tutorial](http://www.jondev.net/articles/Using_OAuth_with_Twitter_-_PHP_Example).