Share credentials via the data-protection keychain so the File Provider extension can authenticate#18

Merged: alexmodrono merged 1 commit into main from fix/shared-keychain on Jun 3, 2026

Conversation

@alexmodrono (Owner)
Summary

After updating to the fixed 0.2.0, the app signs in and syncs, but Finder shows the domain as "signed out" and Open in Finder does nothing.

Root cause: the auth token lived in the file-based login keychain with no access group (confirmed on disk via security find-generic-password). The app can read it, but the File Provider extension is a separate binary whose code signature changes when Sparkle replaces the bundle — and file-based keychain access is bound to specific code, not to an entitlement. So the extension's isAuthenticated check (which requires reading the token) fails and the domain reports not-authenticated, which also leaves getUserVisibleURL (Open in Finder) unable to resolve.

The DB side is already correct: the container holds the site, a connected account, and 177 items — databaseIsReady passes. The only failing gate is the keychain read.

Fix

Store credentials in the data-protection keychain, where the app and extension share items through their common keychain-access-group entitlement. Access is granted by entitlement, so it survives re-signing. retrieveToken transparently migrates any token still in the legacy file-based keychain forward, so existing users don't have to sign in again.

Notes

  • MCP helper doesn't use the keychain (verified) — unaffected.
  • Builds clean (app + extension + MCP).
  • Ships as another 0.2.0 re-cut; the CI build number increments so Sparkle still offers it.

The token was stored in the file-based login keychain with no access group. The app could read it, but the File Provider extension — a separate binary whose code signature changes when Sparkle replaces the bundle — could not, because file-based keychain access is bound to specific code rather than to an entitlement. The domain then showed as "signed out" in Finder and "Open in Finder" did nothing, even though the app itself was signed in and syncing.

Store credentials in the data-protection keychain, where the app and extension share items through their common keychain-access-group entitlement; access is granted by entitlement, so it survives the app being re-signed. retrieveToken transparently migrates any token left in the legacy file-based keychain forward, so existing users don't have to sign in again.
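As an added illustration of the fix described above (this is example code, not the project's own implementation), the following Swift shows the two keychain queries side by side: the legacy file-based item with no access group, and the data-protection-keychain item selected with `kSecUseDataProtectionKeychain` and tagged with an access group. The access group string, the service name and the `migrateLegacy` parameter are assumptions; the real group must match the `keychain-access-groups` entitlement that both the app and the extension's `.appex` carry.

```swift
import Foundation
import Security

// Assumed identifiers (not from the project). The access group must appear in the
// keychain-access-groups entitlement of BOTH the app and the File Provider extension.
let accessGroup = "TEAMID.com.example.findle.shared"
let service = "com.example.findle.auth"
let account = "token"

enum KeychainError: Error {
    case unexpectedStatus(OSStatus)
    case invalidData
}

/// Query for the shared item. kSecUseDataProtectionKeychain (macOS 10.15+) selects the
/// iOS-style keychain, where access is granted by the access-group entitlement instead of
/// by the calling binary's code signature, so it survives Sparkle re-signing the bundle.
private func sharedQuery() -> [String: Any] {
    return [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
        kSecAttrAccessGroup as String: accessGroup,
        kSecUseDataProtectionKeychain as String: true,
    ]
}

/// Query for the legacy item: file-based login keychain, no access group. Its ACL is bound
/// to the code that created it, which is why the extension could not read it.
private func legacyQuery() -> [String: Any] {
    return [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
    ]
}

func storeToken(_ token: String) throws {
    guard let data = token.data(using: .utf8) else { throw KeychainError.invalidData }
    var attrs = sharedQuery()
    attrs[kSecValueData as String] = data
    // Keep the token on this device only; it should not roam via iCloud Keychain or backups.
    attrs[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
    // Delete-then-add so a fresh sign-in replaces any previous token.
    SecItemDelete(sharedQuery() as CFDictionary)
    let status = SecItemAdd(attrs as CFDictionary, nil)
    guard status == errSecSuccess else { throw KeychainError.unexpectedStatus(status) }
}

private func read(_ query: [String: Any]) throws -> String? {
    var q = query
    q[kSecReturnData as String] = true
    q[kSecMatchLimit as String] = kSecMatchLimitOne
    var result: CFTypeRef?
    let status = SecItemCopyMatching(q as CFDictionary, &result)
    switch status {
    case errSecSuccess:
        guard let data = result as? Data,
              let token = String(data: data, encoding: .utf8) else {
            throw KeychainError.invalidData
        }
        return token
    case errSecItemNotFound:
        return nil
    default:
        throw KeychainError.unexpectedStatus(status)
    }
}

/// Read the token from the shared keychain. If it is absent and a legacy file-based item
/// exists, copy it forward and delete the old one so existing users stay signed in.
/// Only the app should pass migrateLegacy: true. The extension cannot read the legacy item
/// anyway, and probing the login keychain from an extension risks a keychain prompt.
func retrieveToken(migrateLegacy: Bool) throws -> String? {
    if let token = try read(sharedQuery()) {
        return token
    }
    guard migrateLegacy, let legacy = try read(legacyQuery()) else {
        return nil
    }
    try storeToken(legacy)
    SecItemDelete(legacyQuery() as CFDictionary)
    return legacy
}

/// The extension's authentication gate: a nil token means "not authenticated".
func isAuthenticated() -> Bool {
    return (try? retrieveToken(migrateLegacy: false)) != nil
}
```

Two checks worth running on a built bundle before trusting this: `codesign -d --entitlements :- <path>` on the app binary and on the `.appex` inside it should both list the same `keychain-access-groups` value, and after the first app launch `security find-generic-password -s <service>` should no longer find the legacy item in the login keychain, since `SecItemDelete` removed it once the shared copy was written.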
alexmodrono merged commit c96572a into main on Jun 3, 2026
1 check passed
alexmodrono deleted the fix/shared-keychain branch on June 3, 2026 at 11:39
@github-actions (bot) commented Jun 3, 2026

Nightly Build

Download Findle Nightly (unsigned)

Built from 5c3c4cf.

Important

This build is unsigned. macOS will block it on first launch. To open it:

  1. Try to open the app normally — macOS will show a warning and refuse.
  2. Go to System Settings → Privacy & Security, scroll down, and click Open Anyway.
  3. The File Provider extension requires code signing and won't work in this build.
