Show HN: Hora – A Native SwiftUI Google Calendar Client for macOS

Posted by szamski 16 hours ago

Counter4Comment2OpenOriginal

Comments

Comment by paolatauru 15 hours ago

curious how you handle the google calendar API auth flow. did you go with the native aswebauthenticationsession or store tokens in keychain

Comment by szamski 5 hours ago

Native ASWebAuthenticationSession for the OAuth flow with PKCE (SHA-256 challenge). Refresh tokens are stored in macOS Keychain (kSecAttrAccessibleWhenUnlocked), access tokens are never persisted — refreshed on demand. No custom WebView, no embedded browser, no token stored in UserDefaults or on disk. The only things in UserDefaults are the account email list and display names.

Comment by szamski 16 hours ago

[dead]