What is the best way to do Twitter OAuth authentication safely in JavaScript?

I am trying to write a program to let the user analyze his Twitter usage and followers / friends. I’ve written a server side version which works using the python tweepy module.

I would like to share it with people, but I would like it to run in the browser to be scalable vs. running on my small server.

I see another question where the upshot is that it’s not recommended and not safe:
JavaScript OAuth sign in with Twitter

Which makes sense if one were sending the consumer (app) secret or access (user) secret in the app’s JavaScript.

But why couldn’t I build the URL on the server side like here –
http://djangosnippets.org/snippets/1353/

Then send the authentication URL back to the browser, something like this from the OAuth Tool on Twitter’s My Applications page (not valid credentials)

GET&https%3A%2F%2Fapi.twitter.com%2F1%2F&get%252Faccount%252Fverify_credentials_json%3D%26oauth_consumer_key%GD0bgcgMU4MDwNfKQpLFQS3%26oauth_nonce%3D24ad5049501dee1292afd8cf22307d68%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1329173626%26oauth_token%uPUpxsBc3D283768289LtQ6R1Ez1KeD8DOSsm5XpqJaKI28ysYh%26oauth_version%3D1.0

Then have jQuery use that to authenticate with the user’s credentials and run the analysis.

It’s a significant piece of work, I’d hate to do that and then find out it doesn’t work or is an unsafe approach. (or it’s already been done)

Is that safe? It doesn’t seem to expose any secrets.

Will that work?

Any pointers/examples on the right way to do the authentication for a jQuery noob, with the necessary Authorization: header and cookie/redirect processing?

I feel like I’m missing something and either there’s a reason this won’t work, or it should already exist somewhere, but haven’t found it. Many thanks!