The thread can be closed now, since I’ve reimplemented the authentication based on a local http server that’s being started for the purpose of receiving the oauth redirect.
I had written my application in a way so that all cookies set by Twitch were being removed after a successful authentication. That was definitely not the issue here. Redirects to the app:// protocol had also been enabled in NWjs. And as I’ve said, the authentication stopped working without me making any changes to the previously working implementation. The issue was clearly on Twitch’s end, disabling redirects which did not match URIs in the /^https?://.+/ format…