Hi Arthur,
Indeed it is a Quest.
You don't need to do this entire round trip every single time. In Twitter's OAuth implementation, when we respond with the access token to you in the access token step, we also include the screen_name and id of the user. You in turn should store the id, screen_name, oauth_token, and oauth_token_secret for the user in whatever representation you like.
Then, you use the access token to perform your resource-based API calls from that point forward.
You only need to do the whole OAuth song & dance once for each user (or until the access token is revoked by the user, or if you otherwise want to validate identity for some reason).
Some OAuth libraries make it difficult to consume the additional query parameters returned to you in the access token step. If this is the case, you can make your first API call to
http://api.twitter.com/1/account/verify_credentials.json or .xml, which will return information you need about the user in a format you can easily consume.
Taylor