diff --git a/codex-rs/Cargo.lock b/codex-rs/Cargo.lock index 5453111e6a95..488844274d8a 100644 --- a/codex-rs/Cargo.lock +++ b/codex-rs/Cargo.lock @@ -2864,7 +2864,6 @@ dependencies = [ "codex-protocol", "http 1.4.0", "pretty_assertions", - "tokio", ] [[package]] diff --git a/codex-rs/model-provider/Cargo.toml b/codex-rs/model-provider/Cargo.toml index ad8cad4e81f5..72fee813547e 100644 --- a/codex-rs/model-provider/Cargo.toml +++ b/codex-rs/model-provider/Cargo.toml @@ -21,7 +21,6 @@ codex-login = { workspace = true } codex-model-provider-info = { workspace = true } codex-protocol = { workspace = true } http = { workspace = true } -tokio = { workspace = true, features = ["sync"] } [dev-dependencies] pretty_assertions = { workspace = true } diff --git a/codex-rs/model-provider/src/amazon_bedrock/auth.rs b/codex-rs/model-provider/src/amazon_bedrock/auth.rs index 7b6eb36b2e90..b6fcfdc1195b 100644 --- a/codex-rs/model-provider/src/amazon_bedrock/auth.rs +++ b/codex-rs/model-provider/src/amazon_bedrock/auth.rs @@ -3,7 +3,6 @@ use std::sync::Arc; use codex_api::AuthError; use codex_api::AuthProvider; use codex_api::SharedAuthProvider; -use codex_aws_auth::AwsAuthConfig; use codex_aws_auth::AwsAuthContext; use codex_aws_auth::AwsAuthError; use codex_aws_auth::AwsRequestToSign; @@ -14,7 +13,6 @@ use codex_model_provider_info::ModelProviderAwsAuthInfo; use codex_protocol::error::CodexErr; use codex_protocol::error::Result; use http::HeaderMap; -use tokio::sync::OnceCell; use crate::BearerAuthProvider; @@ -25,14 +23,8 @@ const AWS_BEARER_TOKEN_BEDROCK_ENV_VAR: &str = "AWS_BEARER_TOKEN_BEDROCK"; const LEGACY_SESSION_ID_HEADER: &str = "session_id"; enum BedrockAuthMethod { - EnvBearerToken { - token: String, - region: String, - }, - AwsSdkAuth { - config: AwsAuthConfig, - context: AwsAuthContext, - }, + EnvBearerToken { token: String, region: String }, + AwsSdkAuth { context: AwsAuthContext }, } async fn resolve_auth_method(aws: &ModelProviderAwsAuthInfo) -> Result { @@ -42,10 +34,10 @@ async fn resolve_auth_method(aws: &ModelProviderAwsAuthInfo) -> Result Ok(Arc::new( - BedrockMantleSigV4AuthProvider::with_context(config, context), - )), + BedrockAuthMethod::AwsSdkAuth { context } => { + Ok(Arc::new(BedrockMantleSigV4AuthProvider::new(context))) + } } } @@ -109,25 +101,12 @@ fn remove_headers_not_preserved_by_bedrock_mantle(headers: &mut HeaderMap) { /// AWS SigV4 auth provider for Bedrock Mantle OpenAI-compatible requests. #[derive(Debug)] struct BedrockMantleSigV4AuthProvider { - config: AwsAuthConfig, - context: OnceCell, + context: AwsAuthContext, } impl BedrockMantleSigV4AuthProvider { - fn with_context(config: AwsAuthConfig, context: AwsAuthContext) -> Self { - let cell = OnceCell::new(); - let _ = cell.set(context); - Self { - config, - context: cell, - } - } - - async fn context(&self) -> std::result::Result<&AwsAuthContext, AuthError> { - self.context - .get_or_try_init(|| AwsAuthContext::load(self.config.clone())) - .await - .map_err(aws_auth_error_to_auth_error) + fn new(context: AwsAuthContext) -> Self { + Self { context } } } @@ -139,8 +118,8 @@ impl AuthProvider for BedrockMantleSigV4AuthProvider { let mut request = request; remove_headers_not_preserved_by_bedrock_mantle(&mut request.headers); let prepared = request.prepare_body_for_send().map_err(AuthError::Build)?; - let context = self.context().await?; - let signed = context + let signed = self + .context .sign(AwsRequestToSign { method: request.method.clone(), url: request.url.clone(),