Add comprehensive demo applications showcasing OpenFGA operator capabilities #11

Merged
jralmaraz merged 3 commits into main from copilot/fix-de572a45-6cf0-4769-a7e8-d62fab9b4962
Aug 24, 2025

Contributor

Copilot AI commented Aug 24, 2025

This PR implements two comprehensive demo applications that showcase the OpenFGA operator's capabilities for different use cases, addressing the requirements to enhance the repository for demoing purposes.

Banking Application Demo

A complete Node.js/TypeScript microservice demonstrating fine-grained authorization for financial operations:

  • Comprehensive Banking Domain Model: Implements a realistic banking authorization model with entities for banks, branches, accounts, transactions, and loans
  • Role-Based Access Control: Supports customer, teller, manager, loan officer, and admin roles with appropriate permissions
  • RESTful API: Full CRUD operations for accounts, transactions, and loans with OpenFGA authorization middleware
  • Real-world Scenarios: Account ownership, co-ownership, authorized users, transaction approvals, and loan processing workflows

GenAI RAG Agent Demo

A sophisticated Python/FastAPI application implementing a Retrieval Augmented Generation agent with OpenFGA authorization, inspired by the Auth0 GenAI blog post:

  • Document-Level Authorization: Fine-grained access controls for knowledge base documents and collections
  • AI Model Permissions: Role-based access to different AI models (GPT-3.5, GPT-4, Claude, etc.)
  • Secure RAG Pipeline: Query processing that filters retrieved content based on user permissions
  • Session Management: Secure chat sessions with participant controls and audit logging
  • Multiple AI Provider Support: Integration with OpenAI, with extensible architecture for other providers

Key Features

Both demos include:

  • Production-Ready Code: TypeScript/Node.js and Python/FastAPI with proper error handling, logging, and security
  • OpenFGA Integration: Custom authorization models tailored for each domain with relationship-based access control
  • Kubernetes Deployment: Complete deployment manifests with security configurations and secrets management
  • Docker Support: Multi-stage builds with security best practices and health checks
  • Comprehensive Documentation: Detailed setup instructions, API examples, and authorization scenarios
  • Demo Data Setup: Automated scripts to initialize OpenFGA stores, models, and sample data

Authorization Models

Banking Model

  • Hierarchical Structure: Bank → Branch → Account relationships with inherited permissions
  • Multi-ownership Support: Joint accounts, co-borrowers, and authorized users
  • Transaction Controls: Owner/editor permissions for money transfers with proper approval workflows

GenAI Model

  • Knowledge Management: Organizations → Knowledge Bases → Documents with curator/contributor/reader roles
  • AI Resource Control: Model usage permissions and session-based access controls
  • Content Filtering: RAG responses filtered by document-level permissions

Usage Examples

# Banking Demo - Create account and transfer money
curl -X POST http://localhost:3000/api/accounts \
  -H "Content-Type: application/json" \
  -H "x-user-id: alice" \
  -d '{"accountNumber": "12345", "accountType": "checking", "initialBalance": 1000}'

curl -X POST http://localhost:3000/api/transactions \
  -H "Content-Type: application/json" \
  -H "x-user-id: alice" \
  -d '{"fromAccountId": "acc_12345", "toAccountId": "acc_67890", "amount": 100}'

# GenAI Demo - Query knowledge base with authorization
curl -X POST http://localhost:8000/api/chat/sessions \
  -H "Content-Type: application/json" \
  -H "x-user-id: alice" \
  -d '{"name": "AI Chat", "knowledge_base_ids": ["kb_demo"], "model_id": "gpt-3.5-turbo"}'

curl -X POST http://localhost:8000/api/chat/sessions/SESSION_ID/query \
  -H "Content-Type: application/json" \
  -H "x-user-id: alice" \
  -d '{"question": "What is OpenFGA and how does it work?"}'

These demos provide concrete examples of how to implement OpenFGA in real-world applications, making it easier for developers to understand and adopt fine-grained authorization patterns.
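
Added example, not code from this PR or the repository: a sketch of the post-retrieval filter that the "Secure RAG Pipeline" and "Content Filtering" items describe, where each retrieved chunk is dropped unless the caller may read its source document, and a failed check counts as a deny. The `check` function, the `reader`/`parent` relation names, the document ids and the tuples are assumptions constructed for illustration; a real service would call its OpenFGA store instead of the in-memory set.

```python
from dataclasses import dataclass
# Constructed (subject, relation, object) tuples standing in for an OpenFGA store.
TUPLES = {
    ("user:alice", "reader", "knowledge_base:kb_demo"),
    ("user:bob", "reader", "document:doc_public"),
    ("knowledge_base:kb_demo", "parent", "document:doc_public"),
    ("knowledge_base:kb_demo", "parent", "document:doc_internal"),
    ("knowledge_base:kb_hr", "parent", "document:doc_salaries"),
}

def check(user, relation, obj):
    """Hypothetical stand-in for a check: direct tuple, or inherited from the parent knowledge base."""
    if (user, relation, obj) in TUPLES:
        return True
    parents = [s for (s, r, o) in TUPLES if r == "parent" and o == obj]
    return any((user, relation, p) in TUPLES for p in parents)

@dataclass(frozen=True)
class Chunk:
    doc_id: str
    text: str
    score: float

def authorized_context(user_id, chunks, checker=check, audit=None):
    """Return the chunks whose source document user_id may read, best first."""
    decisions, allowed = {}, []  # decisions caches one check per document
    for chunk in sorted(chunks, key=lambda c: c.score, reverse=True):
        obj = f"document:{chunk.doc_id}"
        if obj not in decisions:
            try:
                decisions[obj] = checker(f"user:{user_id}", "reader", obj) is True
            except Exception:
                decisions[obj] = False  # fail closed: an error is a deny
            if audit is not None:
                audit.append((user_id, obj, decisions[obj]))
        if decisions[obj]:
            allowed.append(chunk)
    return allowed

def build_prompt(question, chunks):
    context = "\n".join(f"[{c.doc_id}] {c.text}" for c in chunks)
    return f"Context:\n{context}\n\nQuestion: {question}"

# Constructed retriever output: similarity search ignores permissions.
RETRIEVED = [
    Chunk("doc_public", "OpenFGA is a relationship-based authorization system.", 0.91),
    Chunk("doc_salaries", "Salary bands for 2025 (HR only).", 0.88),
    Chunk("doc_internal", "Internal runbook for the demo store.", 0.75),
]
```

The filter runs between retrieval and prompt assembly, so a highly ranked but unauthorized chunk (`doc_salaries` here) never reaches the model, and the optional `audit` list records every allow and deny decision per document.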



Copilot AI and others added 2 commits August 24, 2025 17:18
…tion

Co-authored-by: jralmaraz <13877691+jralmaraz@users.noreply.github.com>
Co-authored-by: jralmaraz <13877691+jralmaraz@users.noreply.github.com>
Copilot AI changed the title [WIP] Implement demo banking and genAI use cases with OpenFGA Add comprehensive demo applications showcasing OpenFGA operator capabilities Aug 24, 2025
Copilot AI requested a review from jralmaraz August 24, 2025 17:28
@jralmaraz jralmaraz marked this pull request as ready for review August 24, 2025 23:24
@jralmaraz jralmaraz merged commit da9532f into main Aug 24, 2025
10 checks passed
@jralmaraz jralmaraz deleted the copilot/fix-de572a45-6cf0-4769-a7e8-d62fab9b4962 branch August 24, 2025 23:24