Hello Michael,
Going through the link you sent me I saw my comments from last July. Unfortunately, the resolution of this long known keychain issue hasn't progressed much. Besides with the limitation of closed source lib :( it is difficult to know the details of the issue. Even in the cookbook demo app I had to backup and use UntrustedMemoryOAuth2Session [1].
What I would recommend is going another route and implement you own secure OAuth2Session storage[2] using encryption lib [3]. The problem is that when you encrypt you need ti input a password which a usability trade-off to have tokens stored in a secure encrypted version. You could use TouchID [4] to make it easy.
++
Corinne