feat: update examples with latest auth0-ai sdks #11
Conversation
priley86
force-pushed
the
auth0-ai-sdk-updates
branch
from
5fcf940 to
fff1044
Compare
ts-langchain/package.json
Outdated
| "resolutions": { | ||
| "@auth0/ai": "file:auth0-ai-0.0.0.tgz" | ||
| } |
There was a problem hiding this comment.
reminder to myself to:
- remove the @auth0/ai package reference after release/publish of those packages
- remove the resolutions reference
- (and upgrade the @auth0/ai-langchain refernce)
These are temporary while testing w/ the local pnpm packages to test that nested dependency.
| @@ -1,34 +1,148 @@ | |||
| import { type Message } from "@langchain/langgraph-sdk"; | |||
| import { type Message, type AIMessage } from '@langchain/langgraph-sdk'; | |||
There was a problem hiding this comment.
added similar chat message bubble / tool call display that we've added recently in:
auth0-samples/auth0-ai-samples#7
see changes here and in chat-window.tsx.
| export const withGoogleConnection = auth0AICustomAPI.withTokenVault({ | ||
| connection: 'google-oauth2', | ||
| scopes: [ | ||
| 'https://www.googleapis.com/auth/gmail.readonly', | ||
| 'https://www.googleapis.com/auth/gmail.compose', | ||
| 'https://www.googleapis.com/auth/calendar.events', | ||
| ], | ||
| accessToken: async (_, config) => { | ||
| return config.configurable?.langgraph_auth_user?.getRawAccessToken(); | ||
| }, | ||
| subjectTokenType: SUBJECT_TOKEN_TYPES.SUBJECT_TYPE_ACCESS_TOKEN, | ||
| }); | ||
|
|
||
| // CIBA flow for user confirmation | ||
| export const withAsyncAuthorization = auth0AI.withAsyncUserConfirmation({ | ||
| // Async Authorization flow for user confirmation | ||
| // Note: you must use a client application that has the CIBA grant type enabled | ||
| // in this case, we can use auth0 regular web app client | ||
| const auth0AI = new Auth0AI(); |
There was a problem hiding this comment.
needed to use separate clients here in this example (authAI vs auth0AICustomAPI), b/c the Resource Server Client/Custom API Client currently does not support CIBA grant types.
There was a problem hiding this comment.
per discussion today, we can expect that Custom API Client should support CIBA in the future, but opting to use the Regular Web App client's credentials for now (so we do not need to introduce another client w/ this example). In the long run, we should be able to simply use the same Custom API Client.
ts-langchain/src/lib/auth0-ai.ts
Outdated
| }, | ||
| bindingMessage: async ({ product, qty }) => `Do you want to buy ${qty} ${product}`, | ||
| scopes: ['openid', 'product:buy'], | ||
| scopes: ['openid', 'buy:product'], |
There was a problem hiding this comment.
just wanted to call out that, regarding the scope conventions used in these examples, the default consent screen currently renders "{noun}: {verb} your {noun}" with respect to the scope used. So you can't really change this at the moment unless you use a custom prompt template. We do also allow custom scope descriptions though, but this is an additional setting, and prefer to use this sort of convention moving forward w/ the scope names by default "{verb}:{noun}".
https://auth0.com/docs/customize/login-pages/customize-consent-prompts
There was a problem hiding this comment.
we've opted to defer this update till' future (to reduce further headache w/ these SDK updates)
e4b0ac7
pmalouin
left a comment
pmalouin
left a comment
There was a problem hiding this comment.
all LGTM (except the references that will need to be updated once we have the packages)
| "@langchain/community": "0.3.49", | ||
| "@langchain/core": "0.3.63", | ||
| "@langchain/langgraph": "0.3.8", | ||
| "@langchain/community": "^0.3.53", |
There was a problem hiding this comment.
tested the Gmail and Google Cal tools still work here, although i prefer to no longer use this dependency if we can avoid it in the future. The zod versions are poorly maintained right now in those @langchain/community tool schemas, and this usage of these tools seems to be just a convenience (where we could provide a simple inline tool also).
There was a problem hiding this comment.
it also has the dated transitive dotenvdependency it seems.
There was a problem hiding this comment.
ya lets drop these tools, they are often broken
| npm install # or bun install | ||
| npm run dev # or bun run dev |
There was a problem hiding this comment.
non-blocking: we can stick with npm instructions only
Co-authored-by: Deepu K Sasidharan <d4udts@gmail.com>
3 participants
Updates all examples with latest auth0-ai python and auth0-ai-js packages.
note: currently awaiting release/publish of these package updates being made in:
auth0/auth0-ai-python#51
auth0/auth0-ai-js#285
Planning to update all packages after release, but going ahead w/ review requests.
cc: @pmalouin