mirror of
https://github.com/AgentSeal/codeburn.git
synced 2026-07-10 01:29:41 +00:00
The menubar kept its own copy of each provider's OAuth grant and refreshed it on a timer, racing the CLI. Both Claude and Codex use single-use refresh tokens that rotate on every refresh, so the menubar's self-rotation could invalidate the user's own CLI login and surfaced as "disconnected" after a long idle period. Codex: read ~/.codex/auth.json fresh each cycle; only self-refresh when last_refresh is older than 8 days; on 401 re-read the source before spending our token; write rotated tokens back to auth.json (atomic, preserving other keys); recover from reuse/invalid_grant by re-reading instead of going terminal. Claude: never HTTP-refresh the CLI-owned token. On expiry/401 re-read the keychain with a no-UI query (LAContext.interactionNotAllowed) to adopt a token the CLI already rotated; when none is available yet, report a transient sourceTokenStale rather than a terminal disconnect. |
||
|---|---|---|
| .. | ||
| CapacityEstimator.swift | ||
| ClaudeCredentialStore.swift | ||
| ClaudeSubscriptionService.swift | ||
| CodexCredentialStore.swift | ||
| CodexSubscriptionService.swift | ||
| CodexUsage.swift | ||
| DataClient.swift | ||
| MenubarPayload.swift | ||
| MenubarStatusCache.swift | ||
| QuotaSummary.swift | ||
| SubscriptionRefreshCadence.swift | ||
| SubscriptionSnapshotStore.swift | ||
| SubscriptionUsage.swift | ||
| UpdateChecker.swift | ||