Skip to content

changes #25174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
celia-oai wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

changes #25174

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
d230360
changes
celia-oai May 30, 2026
944d7e0
changes
celia-oai May 30, 2026
bd898ba
changes
celia-oai May 30, 2026
9bc7520
changes
celia-oai May 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions codex-rs/Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 24 additions & 0 deletions codex-rs/app-server-protocol/schema/json/ClientRequest.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 40 additions & 0 deletions codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.schemas.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 40 additions & 0 deletions codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 24 additions & 0 deletions codex-rs/app-server-protocol/schema/json/v2/LoginAccountParams.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

16 changes: 16 additions & 0 deletions codex-rs/app-server-protocol/schema/json/v2/LoginAccountResponse.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion codex-rs/app-server-protocol/schema/typescript/v2/LoginAccountParams.ts
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion codex-rs/app-server-protocol/schema/typescript/v2/LoginAccountResponse.ts
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions codex-rs/app-server-protocol/src/protocol/v2/account.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,9 @@ pub enum LoginAccountParams {
#[ts(optional = nullable)]
chatgpt_plan_type: Option<String>,
},
#[serde(rename = "amazonBedrock", rename_all = "camelCase")]
#[ts(rename = "amazonBedrock", rename_all = "camelCase")]
AmazonBedrock { key: String, region: String },
}

#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
Expand Down Expand Up @@ -112,6 +115,9 @@ pub enum LoginAccountResponse {
#[serde(rename = "chatgptAuthTokens", rename_all = "camelCase")]
#[ts(rename = "chatgptAuthTokens", rename_all = "camelCase")]
ChatgptAuthTokens {},
#[serde(rename = "amazonBedrock", rename_all = "camelCase")]
#[ts(rename = "amazonBedrock", rename_all = "camelCase")]
AmazonBedrock {},
}

#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
Expand Down
82 changes: 82 additions & 0 deletions codex-rs/app-server/src/config_manager.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ use codex_exec_server::LOCAL_FS;
use codex_features::feature_for_key;
use codex_login::AuthManager;
use codex_login::default_client::set_default_client_residency_requirement;
use codex_model_provider::AMAZON_BEDROCK_PROVIDER_ID;
use codex_model_provider::load_amazon_bedrock_auth;
use codex_utils_absolute_path::AbsolutePathBuf;
use codex_utils_json_to_toml::json_to_toml;
use std::collections::BTreeMap;
Expand Down Expand Up @@ -147,6 +149,86 @@ impl ConfigManager {
.await
}

pub(crate) async fn load_latest_effective_config(
&self,
fallback_cwd: Option<PathBuf>,
) -> std::io::Result<Config> {
let config = self.load_latest_config(fallback_cwd).await?;
self.apply_managed_provider_auth(config)
}

pub(crate) async fn load_effective_with_overrides(
&self,
request_overrides: Option<HashMap<String, serde_json::Value>>,
typesafe_overrides: ConfigOverrides,
) -> std::io::Result<Config> {
let apply_managed_provider_auth = Self::should_apply_managed_provider_auth(
request_overrides.as_ref(),
&typesafe_overrides,
);
let config = self
.load_with_overrides(request_overrides, typesafe_overrides)
.await?;
if apply_managed_provider_auth {
self.apply_managed_provider_auth(config)
} else {
Ok(config)
}
}

pub(crate) async fn load_effective_for_cwd(
&self,
request_overrides: Option<HashMap<String, serde_json::Value>>,
typesafe_overrides: ConfigOverrides,
cwd: Option<PathBuf>,
) -> std::io::Result<Config> {
let apply_managed_provider_auth = Self::should_apply_managed_provider_auth(
request_overrides.as_ref(),
&typesafe_overrides,
);
let config = self
.load_for_cwd(request_overrides, typesafe_overrides, cwd)
.await?;
if apply_managed_provider_auth {
self.apply_managed_provider_auth(config)
} else {
Ok(config)
}
}

fn apply_managed_provider_auth(&self, mut config: Config) -> std::io::Result<Config> {
let Some(auth) = load_amazon_bedrock_auth(&config.codex_home)? else {
return Ok(config);
};
let Some(mut provider) = config
.model_providers
.get(AMAZON_BEDROCK_PROVIDER_ID)
.cloned()
else {
warn!("managed Amazon Bedrock auth found, but provider is not configured");
return Ok(config);
};
let Some(aws) = provider.aws.as_mut() else {
warn!("managed Amazon Bedrock auth found, but provider has no AWS configuration");
return Ok(config);
};
aws.region = Some(auth.region);
config.model_provider_id = AMAZON_BEDROCK_PROVIDER_ID.to_string();
config.model_provider = provider.clone();
config
.model_providers
.insert(AMAZON_BEDROCK_PROVIDER_ID.to_string(), provider);
Ok(config)
}

fn should_apply_managed_provider_auth(
request_overrides: Option<&HashMap<String, serde_json::Value>>,
typesafe_overrides: &ConfigOverrides,
) -> bool {
typesafe_overrides.model_provider.is_none()
&& !request_overrides.is_some_and(|overrides| overrides.contains_key("model_provider"))
}

pub(crate) async fn load_latest_config_for_thread(
&self,
thread_config: &Config,
Expand Down
3 changes: 3 additions & 0 deletions codex-rs/app-server/src/request_processors.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -358,6 +358,9 @@ use codex_mcp::resolve_oauth_scopes;
use codex_memories_write::clear_memory_roots_contents;
use codex_model_provider::ProviderAccountError;
use codex_model_provider::create_model_provider;
use codex_model_provider::delete_amazon_bedrock_auth;
use codex_model_provider::is_supported_amazon_bedrock_region;
use codex_model_provider::save_amazon_bedrock_auth;
use codex_models_manager::collaboration_mode_presets::builtin_collaboration_mode_presets;
use codex_protocol::ThreadId;
use codex_protocol::config_types::CollaborationMode;
Expand Down
Loading
Loading