Twitch doesn’t deauthorize tokens until the app is disconnected for the user. You cannot delete an auth token (from twitch) from the applications side. Generating a new token only creates a second available token to use to authenticate to the app.
If the (twitch) token were somehow compromised at any point, it would remain compromised until the user disconnects the app from their twitch settings page, under connections.