auth0-ai-langchain 0.2.0__tar.gz → 1.0.0b1__tar.gz

{auth0_ai_langchain-0.2.0 → auth0_ai_langchain-1.0.0b1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: auth0-ai-langchain
-Version: 0.2.0
+Version: 1.0.0b1
 Summary: This package is an SDK for building secure AI-powered applications using Auth0, Okta FGA and LangChain.
 License: Apache-2.0
 Author: Auth0
@@ -11,12 +11,12 @@ Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: 3.13
-Requires-Dist: auth0-ai (>=0.2.0,<0.3.0)
-Requires-Dist: langchain (>=0.3.20,<0.4.0)
-Requires-Dist: langchain-core (>=0.3.43,<0.4.0)
-Requires-Dist: langgraph (>=0.3.25,<0.4.0)
-Requires-Dist: langgraph-sdk (>=0.1.55,<0.2.0)
-Requires-Dist: openfga-sdk (>=0.9.0,<0.10.0)
+Requires-Dist: auth0-ai (>=1.0.0b1,<2.0.0)
+Requires-Dist: langchain (>=0.3.25,<0.4.0)
+Requires-Dist: langchain-core (>=0.3.59,<0.4.0)
+Requires-Dist: langgraph (>=0.4.3,<0.5.0)
+Requires-Dist: langgraph-sdk (>=0.1.66,<0.2.0)
+Requires-Dist: openfga-sdk (>=0.9.4,<0.10.0)
 Project-URL: Homepage, https://auth0.com
 Description-Content-Type: text/markdown
 
@@ -34,6 +34,52 @@ Description-Content-Type: text/markdown
 pip install auth0-ai-langchain
 ```
 
+## Async User Confirmation
+
+`Auth0AI` uses CIBA (Client-Initiated Backchannel Authentication) to handle user confirmation asynchronously. This is useful when you need to confirm a user action before proceeding with a tool execution.
+
+Full Example of [Async User Confirmation](https://github.com/auth0-lab/auth0-ai-python/tree/main/examples/async-user-confirmation/langchain-examples).
+
+1. Define a tool with the proper authorizer specifying a function to resolve the user id:
+
+```python
+from auth0_ai_langchain.auth0_ai import Auth0AI
+from auth0_ai_langchain.ciba import get_ciba_credentials
+from langchain_core.runnables import ensure_config
+from langchain_core.tools import StructuredTool
+
+# If not provided, Auth0 settings will be read from env variables: `AUTH0_DOMAIN`, `AUTH0_CLIENT_ID`, and `AUTH0_CLIENT_SECRET`
+auth0_ai = Auth0AI()
+
+with_async_user_confirmation = auth0_ai.with_async_user_confirmation(
+    scope="stock:trade",
+    audience=os.getenv("AUDIENCE"),
+    binding_message=lambda ticker, qty: f"Authorize the purchase of {qty} {ticker}",
+    user_id=lambda *_, **__: ensure_config().get("configurable", {}).get("user_id"),
+    # Optional:
+    # store=InMemoryStore()
+)
+
+def tool_function(ticker: str, qty: int) -> str:
+    credentials = get_ciba_credentials()
+    headers = {
+        "Authorization": f"{credentials["token_type"]} {credentials["access_token"]}",
+        # ...
+    }
+    # Call API
+
+trade_tool = with_async_user_confirmation(
+    StructuredTool(
+        name="trade_tool",
+        description="Use this function to trade a stock",
+        func=trade_tool_function,
+        # ...
+    )
+)
+```
+
+2. Handle interruptions properly. For example, if user is not enrolled to MFA, it will throw an interruption. See [Handling Interrupts](#handling-interrupts) section.
+
 ## Authorization for Tools
 
 The `FGAAuthorizer` can leverage Okta FGA to authorize tools executions. The `FGAAuthorizer.create` function can be used to create an authorizer that checks permissions before executing the tool.
@@ -43,19 +89,12 @@ Full example of [Authorization for Tools](https://github.com/auth0-lab/auth0-ai-
 1. Create an instance of FGA Authorizer:
 
 ```python
-from auth0_ai_langchain.fga.fga_authorizer import FGAAuthorizer, FGAAuthorizerOptions
+from auth0_ai_langchain.fga import FGAAuthorizer
 
+# If not provided, FGA settings will be read from env variables: `FGA_STORE_ID`, `FGA_CLIENT_ID`, `FGA_CLIENT_SECRET`, etc.
 fga = FGAAuthorizer.create()
 ```
 
-**Note**: Here, you can configure and specify your FGA credentials. By `default`, they are read from environment variables:
-
-```sh
-FGA_STORE_ID="<fga-store-id>"
-FGA_CLIENT_ID="<fga-client-id>"
-FGA_CLIENT_SECRET="<fga-client-secret>"
-```
-
 2. Define the FGA query (`build_query`) and, optionally, the `on_unauthorized` handler:
 
 ```python
@@ -73,10 +112,10 @@ async def build_fga_query(tool_input):
 def on_unauthorized(tool_input):
     return f"The user is not allowed to buy {tool_input["qty"]} shares of {tool_input["ticker"]}."
 
-use_fga = fga(FGAAuthorizerOptions(
+use_fga = fga(
     build_query=build_fga_query,
     on_unauthorized=on_unauthorized,
-))
+)
 ```
 
 **Note**: The parameters given to the `build_query` and `on_unauthorized` functions are the same as those provided to the tool function.
@@ -102,7 +141,7 @@ buy_tool = StructuredTool(
 
 ## Calling APIs On User's Behalf
 
-The `Auth0AI.with_federated_connection` function exchanges user's refresh token taken from the runnable configuration (`config.configurable._credentials.refresh_token`) for a Federated Connection API token.
+The `Auth0AI.with_federated_connection` function exchanges user's refresh token taken, by default, from the runnable configuration (`config.configurable._credentials.refresh_token`) for a Federated Connection API token.
 
 Full Example of [Calling APIs On User's Behalf](https://github.com/auth0-lab/auth0-ai-python/tree/main/examples/calling-apis/langchain-examples).
 
@@ -110,19 +149,23 @@ Full Example of [Calling APIs On User's Behalf](https://github.com/auth0-lab/aut
 
 ```python
 from auth0_ai_langchain.auth0_ai import Auth0AI
-from auth0_ai_langchain.federated_connections import get_access_token_for_connection
+from auth0_ai_langchain.federated_connections import get_credentials_for_connection
 from langchain_core.tools import StructuredTool
 
+# If not provided, Auth0 settings will be read from env variables: `AUTH0_DOMAIN`, `AUTH0_CLIENT_ID`, and `AUTH0_CLIENT_SECRET`
 auth0_ai = Auth0AI()
 
 with_google_calendar_access = auth0_ai.with_federated_connection(
     connection="google-oauth2",
-    scopes=["https://www.googleapis.com/auth/calendar.freebusy"]
+    scopes=["https://www.googleapis.com/auth/calendar.freebusy"],
+    # Optional:
+    # refresh_token=lambda *_, **__: ensure_config().get("configurable", {}).get("_credentials", {}).get("refresh_token"),
+    # store=InMemoryStore(),
 )
 
 def tool_function(date: datetime):
-    access_token = get_access_token_for_connection()
-    # Call Google API
+    credentials = get_credentials_for_connection()
+    # Call Google API using credentials["access_token"]
 
 check_calendar_tool = with_google_calendar_access(
     StructuredTool(
@@ -154,7 +197,7 @@ workflow = (
 )
 ```
 
-3. Handle interruptions properly. If the tool does not have access to user's Google Calendar, it will throw an interruption.
+3. Handle interruptions properly. For example, if the tool does not have access to user's Google Calendar, it will throw an interruption. See [Handling Interrupts](#handling-interrupts) section.
 
 ## RAG with FGA
 
@@ -184,7 +227,8 @@ vector_store = VectorStoreIndex.from_documents(documents)
 # Create a retriever:
 base_retriever = vector_store.as_retriever()
 
-# Create the FGA retriever wrapper:
+# Create the FGA retriever wrapper.
+# If not provided, FGA settings will be read from env variables: `FGA_STORE_ID`, `FGA_CLIENT_ID`, `FGA_CLIENT_SECRET`, etc.
 retriever = FGARetriever(
     base_retriever,
     build_query=lambda node: ClientCheckRequest(
@@ -206,6 +250,63 @@ response = query_engine.query("What is the forecast for ZEKO?")
 print(response)
 ```
 
+## Handling Interrupts
+
+`Auth0AI` uses interrupts extensively and will never block a graph. Whenever an authorizer requires user interaction, the graph throws a `GraphInterrupt` exception with data that allows the client to resume the flow.
+
+It is important to disable error handling in your tools node as follows:
+
+```python
+    .add_node(
+        "tools",
+        ToolNode(
+            [
+                # your authorizer-wrapped tools
+            ],
+            # Error handler should be disabled in order to trigger interruptions from within tools.
+            handle_tool_errors=False
+        )
+    )
+```
+
+From the client side of the graph you get the interrupts:
+
+```python
+from auth0_ai_langchain.utils.interrupt import get_auth0_interrupts
+
+# Get the langgraph thread:
+thread = await client.threads.get(thread_id)
+
+# Filter the auth0 interrupts:
+auth0_interrupts = get_auth0_interrupts(thread)
+```
+
+Then you can resume the thread by doing this:
+
+```python
+await client.runs.wait(thread_id, assistant_id)
+```
+
+For the specific case of **CIBA (Client-Initiated Backchannel Authorization)** you might attach a `GraphResumer` instance that watches for interrupted threads in the `"Authorization Pending"` state and attempts to resume them automatically, respecting Auth0's polling interval.
+
+```python
+import os
+from auth0_ai_langchain.ciba import GraphResumer
+from langgraph_sdk import get_client
+
+resumer = GraphResumer(
+    lang_graph=get_client(url=os.getenv("LANGGRAPH_API_URL")),
+    # optionally, you can filter by a specific graph:
+    filters={"graph_id": "conditional-trade"},
+)
+
+resumer \
+    .on_resume(lambda thread: print(f"Attempting to resume thread {thread['thread_id']} from interruption {thread['interruption_id']}")) \
+    .on_error(lambda err: print(f"Error in GraphResumer: {str(err)}"))
+
+resumer.start()
+```
+
 ---
 
 <p align="center">

{auth0_ai_langchain-0.2.0 → auth0_ai_langchain-1.0.0b1}/README.md

@@ -12,6 +12,52 @@
 pip install auth0-ai-langchain
 ```
 
+## Async User Confirmation
+
+`Auth0AI` uses CIBA (Client-Initiated Backchannel Authentication) to handle user confirmation asynchronously. This is useful when you need to confirm a user action before proceeding with a tool execution.
+
+Full Example of [Async User Confirmation](https://github.com/auth0-lab/auth0-ai-python/tree/main/examples/async-user-confirmation/langchain-examples).
+
+1. Define a tool with the proper authorizer specifying a function to resolve the user id:
+
+```python
+from auth0_ai_langchain.auth0_ai import Auth0AI
+from auth0_ai_langchain.ciba import get_ciba_credentials
+from langchain_core.runnables import ensure_config
+from langchain_core.tools import StructuredTool
+
+# If not provided, Auth0 settings will be read from env variables: `AUTH0_DOMAIN`, `AUTH0_CLIENT_ID`, and `AUTH0_CLIENT_SECRET`
+auth0_ai = Auth0AI()
+
+with_async_user_confirmation = auth0_ai.with_async_user_confirmation(
+    scope="stock:trade",
+    audience=os.getenv("AUDIENCE"),
+    binding_message=lambda ticker, qty: f"Authorize the purchase of {qty} {ticker}",
+    user_id=lambda *_, **__: ensure_config().get("configurable", {}).get("user_id"),
+    # Optional:
+    # store=InMemoryStore()
+)
+
+def tool_function(ticker: str, qty: int) -> str:
+    credentials = get_ciba_credentials()
+    headers = {
+        "Authorization": f"{credentials["token_type"]} {credentials["access_token"]}",
+        # ...
+    }
+    # Call API
+
+trade_tool = with_async_user_confirmation(
+    StructuredTool(
+        name="trade_tool",
+        description="Use this function to trade a stock",
+        func=trade_tool_function,
+        # ...
+    )
+)
+```
+
+2. Handle interruptions properly. For example, if user is not enrolled to MFA, it will throw an interruption. See [Handling Interrupts](#handling-interrupts) section.
+
 ## Authorization for Tools
 
 The `FGAAuthorizer` can leverage Okta FGA to authorize tools executions. The `FGAAuthorizer.create` function can be used to create an authorizer that checks permissions before executing the tool.
@@ -21,19 +67,12 @@ Full example of [Authorization for Tools](https://github.com/auth0-lab/auth0-ai-
 1. Create an instance of FGA Authorizer:
 
 ```python
-from auth0_ai_langchain.fga.fga_authorizer import FGAAuthorizer, FGAAuthorizerOptions
+from auth0_ai_langchain.fga import FGAAuthorizer
 
+# If not provided, FGA settings will be read from env variables: `FGA_STORE_ID`, `FGA_CLIENT_ID`, `FGA_CLIENT_SECRET`, etc.
 fga = FGAAuthorizer.create()
 ```
 
-**Note**: Here, you can configure and specify your FGA credentials. By `default`, they are read from environment variables:
-
-```sh
-FGA_STORE_ID="<fga-store-id>"
-FGA_CLIENT_ID="<fga-client-id>"
-FGA_CLIENT_SECRET="<fga-client-secret>"
-```
-
 2. Define the FGA query (`build_query`) and, optionally, the `on_unauthorized` handler:
 
 ```python
@@ -51,10 +90,10 @@ async def build_fga_query(tool_input):
 def on_unauthorized(tool_input):
     return f"The user is not allowed to buy {tool_input["qty"]} shares of {tool_input["ticker"]}."
 
-use_fga = fga(FGAAuthorizerOptions(
+use_fga = fga(
     build_query=build_fga_query,
     on_unauthorized=on_unauthorized,
-))
+)
 ```
 
 **Note**: The parameters given to the `build_query` and `on_unauthorized` functions are the same as those provided to the tool function.
@@ -80,7 +119,7 @@ buy_tool = StructuredTool(
 
 ## Calling APIs On User's Behalf
 
-The `Auth0AI.with_federated_connection` function exchanges user's refresh token taken from the runnable configuration (`config.configurable._credentials.refresh_token`) for a Federated Connection API token.
+The `Auth0AI.with_federated_connection` function exchanges user's refresh token taken, by default, from the runnable configuration (`config.configurable._credentials.refresh_token`) for a Federated Connection API token.
 
 Full Example of [Calling APIs On User's Behalf](https://github.com/auth0-lab/auth0-ai-python/tree/main/examples/calling-apis/langchain-examples).
 
@@ -88,19 +127,23 @@ Full Example of [Calling APIs On User's Behalf](https://github.com/auth0-lab/aut
 
 ```python
 from auth0_ai_langchain.auth0_ai import Auth0AI
-from auth0_ai_langchain.federated_connections import get_access_token_for_connection
+from auth0_ai_langchain.federated_connections import get_credentials_for_connection
 from langchain_core.tools import StructuredTool
 
+# If not provided, Auth0 settings will be read from env variables: `AUTH0_DOMAIN`, `AUTH0_CLIENT_ID`, and `AUTH0_CLIENT_SECRET`
 auth0_ai = Auth0AI()
 
 with_google_calendar_access = auth0_ai.with_federated_connection(
     connection="google-oauth2",
-    scopes=["https://www.googleapis.com/auth/calendar.freebusy"]
+    scopes=["https://www.googleapis.com/auth/calendar.freebusy"],
+    # Optional:
+    # refresh_token=lambda *_, **__: ensure_config().get("configurable", {}).get("_credentials", {}).get("refresh_token"),
+    # store=InMemoryStore(),
 )
 
 def tool_function(date: datetime):
-    access_token = get_access_token_for_connection()
-    # Call Google API
+    credentials = get_credentials_for_connection()
+    # Call Google API using credentials["access_token"]
 
 check_calendar_tool = with_google_calendar_access(
     StructuredTool(
@@ -132,7 +175,7 @@ workflow = (
 )
 ```
 
-3. Handle interruptions properly. If the tool does not have access to user's Google Calendar, it will throw an interruption.
+3. Handle interruptions properly. For example, if the tool does not have access to user's Google Calendar, it will throw an interruption. See [Handling Interrupts](#handling-interrupts) section.
 
 ## RAG with FGA
 
@@ -162,7 +205,8 @@ vector_store = VectorStoreIndex.from_documents(documents)
 # Create a retriever:
 base_retriever = vector_store.as_retriever()
 
-# Create the FGA retriever wrapper:
+# Create the FGA retriever wrapper.
+# If not provided, FGA settings will be read from env variables: `FGA_STORE_ID`, `FGA_CLIENT_ID`, `FGA_CLIENT_SECRET`, etc.
 retriever = FGARetriever(
     base_retriever,
     build_query=lambda node: ClientCheckRequest(
@@ -184,6 +228,63 @@ response = query_engine.query("What is the forecast for ZEKO?")
 print(response)
 ```
 
+## Handling Interrupts
+
+`Auth0AI` uses interrupts extensively and will never block a graph. Whenever an authorizer requires user interaction, the graph throws a `GraphInterrupt` exception with data that allows the client to resume the flow.
+
+It is important to disable error handling in your tools node as follows:
+
+```python
+    .add_node(
+        "tools",
+        ToolNode(
+            [
+                # your authorizer-wrapped tools
+            ],
+            # Error handler should be disabled in order to trigger interruptions from within tools.
+            handle_tool_errors=False
+        )
+    )
+```
+
+From the client side of the graph you get the interrupts:
+
+```python
+from auth0_ai_langchain.utils.interrupt import get_auth0_interrupts
+
+# Get the langgraph thread:
+thread = await client.threads.get(thread_id)
+
+# Filter the auth0 interrupts:
+auth0_interrupts = get_auth0_interrupts(thread)
+```
+
+Then you can resume the thread by doing this:
+
+```python
+await client.runs.wait(thread_id, assistant_id)
+```
+
+For the specific case of **CIBA (Client-Initiated Backchannel Authorization)** you might attach a `GraphResumer` instance that watches for interrupted threads in the `"Authorization Pending"` state and attempts to resume them automatically, respecting Auth0's polling interval.
+
+```python
+import os
+from auth0_ai_langchain.ciba import GraphResumer
+from langgraph_sdk import get_client
+
+resumer = GraphResumer(
+    lang_graph=get_client(url=os.getenv("LANGGRAPH_API_URL")),
+    # optionally, you can filter by a specific graph:
+    filters={"graph_id": "conditional-trade"},
+)
+
+resumer \
+    .on_resume(lambda thread: print(f"Attempting to resume thread {thread['thread_id']} from interruption {thread['interruption_id']}")) \
+    .on_error(lambda err: print(f"Error in GraphResumer: {str(err)}"))
+
+resumer.start()
+```
+
 ---
 
 <p align="center">

{auth0_ai_langchain-0.2.0 → auth0_ai_langchain-1.0.0b1}/auth0_ai_langchain/FGARetriever.py

@@ -32,7 +32,7 @@ class FGARetriever(BaseRetriever):
         Args:
             retriever (BaseRetriever): The retriever used to fetch documents.
             build_query (Callable[[Document], ClientBatchCheckItem]): Function to convert documents into FGA queries.
-            fga_configuration (Optional[ClientConfiguration]): Configuration for the OpenFGA client. If not provided, defaults to environment variables.
+            fga_configuration (ClientConfiguration, optional): Configuration for the OpenFGA client. If not provided, defaults to environment variables.
         """
         super().__init__()
         self._retriever = retriever
@@ -95,7 +95,7 @@ class FGARetriever(BaseRetriever):
 
         Args:
             query (str): The query for retrieving documents.
-            run_manager (Optional[object]): Optional manager for tracking runs.
+            run_manager (object, optional): Optional manager for tracking runs.
 
         Returns:
             List[Document]: Filtered and relevant documents.
@@ -148,7 +148,7 @@ class FGARetriever(BaseRetriever):
 
         Args:
             query (str): The query for retrieving documents.
-            run_manager (Optional[object]): Optional manager for tracking runs.
+            run_manager (object, optional): Optional manager for tracking runs.
 
         Returns:
             List[Document]: Filtered and relevant documents.

auth0_ai_langchain-1.0.0b1/auth0_ai_langchain/auth0_ai.py

@@ -0,0 +1,112 @@
+from typing import Callable, Optional
+from langchain_core.tools import BaseTool
+from auth0_ai.authorizers.ciba import CIBAAuthorizerParams
+from auth0_ai.authorizers.federated_connection_authorizer import FederatedConnectionAuthorizerParams
+from auth0_ai.authorizers.types import Auth0ClientParams
+from auth0_ai_langchain.ciba.ciba_authorizer import CIBAAuthorizer
+from auth0_ai_langchain.federated_connections.federated_connection_authorizer import FederatedConnectionAuthorizer
+
+
+class Auth0AI:
+    """Provides decorators to secure LangChain tools using Auth0 authorization flows.
+    """
+
+    def __init__(self, auth0: Optional[Auth0ClientParams] = None):
+        """Initializes the Auth0AI instance.
+
+        Args:
+            auth0 (Optional[Auth0ClientParams]): Parameters for the Auth0 client.
+                If not provided, values will be automatically read from environment
+                variables: `AUTH0_DOMAIN`, `AUTH0_CLIENT_ID`, and `AUTH0_CLIENT_SECRET`.
+        """
+        self.auth0 = auth0
+
+    def with_async_user_confirmation(self, **params: CIBAAuthorizerParams) -> Callable[[BaseTool], BaseTool]:
+        """Protects a tool with the CIBA (Client-Initiated Backchannel Authentication) flow.
+
+        Requires user confirmation via a second device (e.g., phone)
+        before allowing the tool to execute.
+
+        Args:
+            **params: Parameters defined in `CIBAAuthorizerParams`.
+
+        Returns:
+            Callable[[BaseTool], BaseTool]: A decorator to wrap a LangChain tool.
+
+        Example:
+            ```python
+            import os
+            from auth0_ai_langchain.auth0_ai import Auth0AI
+            from auth0_ai_langchain.ciba import get_ciba_credentials
+            from langchain_core.runnables import ensure_config
+            from langchain_core.tools import StructuredTool
+
+            auth0_ai = Auth0AI()
+
+            with_async_user_confirmation = auth0_ai.with_async_user_confirmation(
+                scope="stock:trade",
+                audience=os.getenv("AUDIENCE"),
+                binding_message=lambda ticker, qty: f"Authorize the purchase of {qty} {ticker}",
+                user_id=lambda *_, **__: ensure_config().get("configurable", {}).get("user_id")
+            )
+
+            def tool_function(ticker: str, qty: int) -> str:
+                credentials = get_ciba_credentials()
+                headers = {
+                    "Authorization": f"{credentials['token_type']} {credentials['access_token']}",
+                    # ...
+                }
+                # Call API
+
+            trade_tool = with_async_user_confirmation(
+                StructuredTool(
+                    name="trade_tool",
+                    description="Use this function to trade a stock",
+                    func=tool_function,
+                )
+            )
+            ```
+        """
+        authorizer = CIBAAuthorizer(CIBAAuthorizerParams(**params), self.auth0)
+        return authorizer.authorizer()
+
+    def with_federated_connection(self, **params: FederatedConnectionAuthorizerParams) -> Callable[[BaseTool], BaseTool]:
+        """Enables a tool to obtain an access token from a federated identity provider (e.g., Google, Azure AD).
+
+        The token can then be used within the tool to call third-party APIs on behalf of the user.
+
+        Args:
+            **params: Parameters defined in `FederatedConnectionAuthorizerParams`.
+
+        Returns:
+            Callable[[BaseTool], BaseTool]: A decorator to wrap a LangChain tool.
+
+        Example:
+            ```python
+            from auth0_ai_langchain.auth0_ai import Auth0AI
+            from auth0_ai_langchain.federated_connections import get_credentials_for_connection
+            from langchain_core.tools import StructuredTool
+            from datetime import datetime
+
+            auth0_ai = Auth0AI()
+
+            with_google_calendar_access = auth0_ai.with_federated_connection(
+                connection="google-oauth2",
+                scopes=["https://www.googleapis.com/auth/calendar.freebusy"]
+            )
+
+            def tool_function(date: datetime):
+                credentials = get_credentials_for_connection()
+                # Call Google API using credentials["access_token"]
+
+            check_calendar_tool = with_google_calendar_access(
+                StructuredTool(
+                    name="check_user_calendar",
+                    description="Use this function to check if the user is available on a certain date and time",
+                    func=tool_function,
+                )
+            )
+            ```
+        """
+        authorizer = FederatedConnectionAuthorizer(FederatedConnectionAuthorizerParams(**params), self.auth0)
+        return authorizer.authorizer()

auth0_ai_langchain-1.0.0b1/auth0_ai_langchain/ciba/__init__.py

@@ -0,0 +1,3 @@
+from auth0_ai.authorizers.ciba.ciba_authorizer_base import get_ciba_credentials as get_ciba_credentials
+from auth0_ai_langchain.ciba.ciba_authorizer import CIBAAuthorizer as CIBAAuthorizer
+from auth0_ai_langchain.ciba.graph_resumer import GraphResumer as GraphResumer

auth0_ai_langchain-1.0.0b1/auth0_ai_langchain/ciba/ciba_authorizer.py

@@ -0,0 +1,17 @@
+from abc import ABC
+from typing import Union
+from auth0_ai.authorizers.ciba import CIBAAuthorizerBase
+from auth0_ai.interrupts.ciba_interrupts import AuthorizationPendingInterrupt, AuthorizationPollingInterrupt
+from auth0_ai_langchain.utils.interrupt import to_graph_interrupt
+from auth0_ai_langchain.utils.tool_wrapper import tool_wrapper
+from langchain_core.tools import BaseTool
+
+class CIBAAuthorizer(CIBAAuthorizerBase, ABC):
+    def _handle_authorization_interrupts(self, err: Union[AuthorizationPendingInterrupt, AuthorizationPollingInterrupt]) -> None:
+        raise to_graph_interrupt(err)
+    
+    def authorizer(self):
+        def wrap_tool(tool: BaseTool) -> BaseTool:
+            return tool_wrapper(tool, self.protect)
+        
+        return wrap_tool