mirror of
https://github.com/AgentSeal/codeburn.git
synced 2026-07-10 01:29:41 +00:00
The menubar kept its own copy of each provider's OAuth grant and refreshed it on a timer, racing the CLI. Both Claude and Codex use single-use refresh tokens that rotate on every refresh, so the menubar's self-rotation could invalidate the user's own CLI login and surfaced as "disconnected" after a long idle period. Codex: read ~/.codex/auth.json fresh each cycle; only self-refresh when last_refresh is older than 8 days; on 401 re-read the source before spending our token; write rotated tokens back to auth.json (atomic, preserving other keys); recover from reuse/invalid_grant by re-reading instead of going terminal. Claude: never HTTP-refresh the CLI-owned token. On expiry/401 re-read the keychain with a no-UI query (LAContext.interactionNotAllowed) to adopt a token the CLI already rotated; when none is available yet, report a transient sourceTokenStale rather than a terminal disconnect. |
||
|---|---|---|
| .. | ||
| Data | ||
| Security | ||
| Theme | ||
| Views | ||
| AppStore.swift | ||
| AppVersion.swift | ||
| CodeBurnApp.swift | ||
| CurrencyState.swift | ||