Update repos for async-auth

[AdamWozniewski]

Updating dependency packages for internal async-auth examples

[priley86]

I was able to validate the asynchronous-authorization/langchain-next-js example to be working inside of #11 yesterday.

I think we should possibly rebase it here after. A couple more things:

• would be nice to ensure that all bun.lock / package-lock.json's are updated. I think repo has primarily used bun.lock.
• would be nice to reflect async auth style params introduced in: https://github.com/auth0-lab/auth0-ai-js/pull/270/files (JS examples). Not sure if we had these w/ python examples?
• maybe we want to add a comment or something indicating about requestedExpiry setting coming soon (and now supported)?

[pmalouin]

Why was this file added to .gitignore (but the package-lock.json file is still under version control)?

[priley86]

tested a few changes today locally for the asychronous-authorization/langchain-next-js example, and pushed a sample commit after here:
33f16fe

quick summary of changes made:

• downgraded tailwind 4 back to tailwind 3 after noting rendering/next build issues
• added FGA env to .env.example, as i was seeing it referenced in the example within asynchronous-authorization/langchain-next-js/src/lib/fga/fga.ts
• updated prompt to force json when passing tool args
• adopted sample nextjs-sdk middleware.ts
• added comment about requestedExpiry. Note that if you do not provide this param w/ >=301 (s), you will have to have Guardian enrolled for your user. If provided as 301 (or greater), you will see email notifications by default (as long as the CIBA w/ Email feature is enabled on your tenant).

screenshots:

(working after using CIBA + Email approval)

(failure if user is not enrolled in Guardian, and requestedExpiry is not >= 301)

[priley86]

• per slack, please see additional updates made in:
  Auth0 samples update node next langchain #17

• please rebase latest main branch

should be rdy to go after...

[AdamWozniewski]

@priley86 @deepu105 Updated according to your instructions

[priley86]

👍

[priley86]

all user.sub references can be reverted in this file (please just inspect diff here when applying)

[priley86]

user.email

[priley86]

can remain can_view it seems

[AdamWozniewski]

@priley86 Thanks for your comments, especially at this late hour.
I've made the corrections you suggested.

[priley86]

.where(or(eq(documentsTable.userId, user.sub), arrayContains(documentsTable.sharedWith, [user.email])))

[AdamWozniewski]

@priley86 I think that was last thing to change

[deepu105]

Not having this should not cause startup failures, atleast has never caused any startup failures for me so far. We probably should just remove the FGA stuff from this sample. when I did the sample originally I wasnt planning on these becoming the core of the quickstart and in tended this as ajusta reference app thats why I didnt remove those

[deepu105]

why make this file less readable? I don't see wht this reformatting was needed?

[deepu105]

I think we should keep npm install as thats more widely used and available by default

[AdamWozniewski]

@deepu105 Hi. I changed the README and .env.example files as per your suggestion regarding the file:
asynchronous-authorization/vercel-ai-next-js/src/lib/tools/shop-online.ts
Personally, I really like using template strings, but I have no objection to bringing back string concatenation.

[deepu105]

My comment wasn't about that; it was about reformatting the file in a way that a lot of stuff became single-line, etc. The use of single line conditions in JS were discouraged in most popular formatting tools.