Move oauthTokens out of Session and make available via a new onSuccess option

[mthadley]

This follows the pattern that was recently introduced in workos/authkit-remix#33:

Instead of storing these tokens in the session, this branch proposes making them only available as part of the initial > callback. Developers who need access to the underlying OAuth provider's tokens and API will be responsible for persisting them in their own data store for later usage.

The equivalent usage with workos/authkit-next looks like this:

import { handleAuth } from '@workos-inc/authkit-nextjs';

export const GET = handleAuth({
  onSuccess: async ({ oauthTokens }) => {
    await saveTokens(oauthTokens);
  },
});

[linear]

AUTH-4012 Move `oauthTokens` out of `authkit-next` session cookie

[PaulAsjes]

Looks good, just some wordsmithing.