auth0-spa-js

Replace locking dependency with natively supported Web Locks API

Open fermentfan opened this issue 1 month ago • 1 comments

Checklist

  • [x] I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • [x] I have looked into the documentation and API documentation, and have not found a suitable solution or answer.
  • [x] I have searched the issues and have not found a suitable solution or answer.
  • [x] I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • [x] I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

Using refresh tokens doesn't use a true locking mechanism. It can run into problems when multiple processes try to use it to get a new access token, because a refresh token can only be used once.

Describe the ideal solution

Replace the browser-tabs-lock dependency with the official natively supported Web Locks API.

Alternatives and current workarounds

No response

Additional context

I found out about the relatively new Web Locks API and researched how Auth0 SPA JS handles locking for refresh tokens. I was baffled to find out that it's using a 2-year-old dependency version. Please replace it with the native browser API as it also finally has true locking capabilities!

https://developer.mozilla.org/en-US/docs/Web/API/Web_Locks_API

The current dependency also recommended using this API in 2023 (when it was only available to Google Chrome).

fermentfan, Oct 31 '25 09:10
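The race described in the issue, as an added example that is not part of the original post and is not auth0-spa-js code: three concurrent callers (standing in for tabs) spend the same single-use refresh token, first without a lock and then inside `navigator.locks.request()`. The token endpoint, the token store, the lock name and the in-process stand-in lock manager are all constructed assumptions.

```javascript
// Added illustration; every name here is hypothetical, not auth0-spa-js code.
// In-process stand-in for LockManager.request(name, callback), exclusive mode
// only, so the demo also runs where navigator.locks is missing.
function makeStandInLocks() {
  const tails = new Map(); // lock name -> promise for the last queued holder
  return {
    request(name, callback) {
      const prev = tails.get(name) || Promise.resolve();
      const run = prev.then(() => callback({ name, mode: 'exclusive' }));
      tails.set(name, run.catch(() => {})); // a failed holder must not block the queue
      return run;
    },
  };
}

// Constructed token endpoint: rotates the refresh token on each use and
// rejects any token that was already spent.
function makeRotatingServer(initial) {
  let valid = initial, n = 0;
  return async function exchange(refreshToken) {
    await new Promise((resolve) => setTimeout(resolve, 5)); // simulated latency
    if (refreshToken !== valid) throw new Error('invalid_grant: refresh token already used');
    valid = `rt-${++n}`;
    return { access_token: `at-${n}`, refresh_token: valid };
  };
}

// Read the stored refresh token, exchange it, store the rotated one. With a
// lock manager the whole read-exchange-write runs under one exclusive lock.
function refresh(store, exchange, locks) {
  const critical = async () => {
    const tokens = await exchange(store.refreshToken);
    store.refreshToken = tokens.refresh_token;
    return tokens.access_token;
  };
  return locks ? locks.request('example.refresh_token', critical) : critical();
}

// Three concurrent callers (standing in for tabs) share one token store.
async function demo(locks) {
  const store = { refreshToken: 'rt-0' };
  const exchange = makeRotatingServer('rt-0');
  const calls = [1, 2, 3].map(() => refresh(store, exchange, locks));
  return (await Promise.allSettled(calls)).map((r) => r.status).join(',');
}

const browserLocks = globalThis.navigator && globalThis.navigator.locks;
demo(null).then((s) => console.log('no lock:  ', s));
demo(browserLocks || makeStandInLocks()).then((s) => console.log('with lock:', s));
```

In a browser the store would be shared storage such as `localStorage`, and the same lock name would serialize callers across tabs and workers of one origin.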

Hey @fermentfan, thanks for raising this request and concern. We'll evaluate it against our browser compatibility requirements and explore implementation. We'll update this thread once we have progress.

gyaneshgouraw-okta, Dec 10 '25 07:12