By literally doing the worst thing that you can do that is also prohibited under the Twitch API Developer Agreement, that you agreed to by creating a ClientID?
YOU MUST NOT LEAK YOUR CLIENT SECRET
https://www.twitch.tv/p/en-gb/legal/developer-agreement/
You are literally violating your agreement with Twitch. And putting your users of your application at risk
In addition every, single, API that uses secrets will say the same thing here. You cannot and shouldn’t be leaking your Client Secret via this sort of call.
If you must do this sort of call client side. Then you should be using implicit auth and not regular oAuth. Implicit auth’s cannot be renewed/refreshed by design. (Other than sending the user round the oAuth dance again)