The oAuth loop for an extension would be handled via your EBS.
So the redirect URI would be to your EBS, not to the extension frontend.
(This might work with implicit auth if you are talking viewer auth not broadcaster auth)
Additionally this wouldn’t work since you have no idea the URL that your extension will be on release. (The URL of hosted test will in most cases not be the same as release)
So you would have to route oAuth loops via your EBS for both viewer and broadcaster authentication. You know what the URI will be for your EBS.