If your app has a server-side component, try using the “OAuth Authorization Code Flow” documented here (https://dev.twitch.tv/docs/authentication/getting-tokens-oauth/). I get non-expiring tokens using this, but I don’t believe that this situation will last forever and that Twitch will start issuing expiring tokens for this authentication flow, though I suspect the expiry time will be longer than tokens that are issued using the implicit code flow.
Also, the “dance” is not needlessly complicated. Sure, it is complicated, but not needlessly so. It is a standard documented here (https://oauth.net/2/) and it is designed to give you access to a user’s account securely. The OAuth standard docs links to a RFC that outlines the threat model and it is worth a read (https://tools.ietf.org/html/rfc6819).