I'm having the same problem as Jochen - always getting a 401 Unauthorized error on the callback.
I had the initial problem with the PIN response, but got around it by explicitly passing the callback into the initial get_request_token call but now have run into this 401 problem. I haven't got the github gist but have the same code as Jochen above.
