feat: add AWS SigV4 auth for OpenAI-compatible model providers

[celia-oai]

Summary

Add first-class Amazon Bedrock Mantle provider support so Codex can keep using its existing Responses API transport with OpenAI-compatible AWS-hosted endpoints such as AOA/Mantle.

This is needed for the AWS launch path, where provider traffic should authenticate with AWS credentials instead of OpenAI bearer credentials. Requests are authenticated immediately before transport send, so SigV4 signs the final method, URL, headers, and body bytes that reqwest will send.

What Changed

• Added a new codex-aws-auth crate for loading AWS SDK config, resolving credentials, and signing finalized HTTP requests with AWS SigV4.
• Added a built-in amazon-bedrock provider that targets Bedrock Mantle Responses endpoints, defaults to us-east-1, supports region/profile overrides, disables WebSockets, and does not require OpenAI auth.
• Added Amazon Bedrock auth resolution in codex-model-provider: prefer AWS_BEARER_TOKEN_BEDROCK when set, otherwise use AWS SDK credentials and SigV4 signing.
• Added AuthProvider::apply_auth and Request::prepare_body_for_send so request-signing providers can sign the exact outbound request after JSON serialization/compression.
• Determine the region by taking the aws.region config first (required for bearer token codepath), and fallback to SDK default region.

Testing

Amazon Bedrock Mantle Responses paths:

• Built the local Codex binary with cargo build.
• Verified the custom proxy-backed aws provider using env_key = "AWS_BEARER_TOKEN_BEDROCK" streamed raw responses output with response.output_text.delta, response.completed, and mantle-env-ok.
• Verified a full codex exec --profile aws turn returned mantle-env-ok.
• Confirmed the custom provider used the bearer env var, not AWS profile auth: bogus AWS_PROFILE still passed, empty env var failed locally, and malformed env var reached Mantle and failed with 401 invalid_api_key.
• Verified built-in amazon-bedrock with AWS_BEARER_TOKEN_BEDROCK set passed despite bogus AWS profiles, returning amazon-bedrock-env-ok.
• Verified built-in amazon-bedrock SDK/SigV4 auth passed with AWS_BEARER_TOKEN_BEDROCK unset and temporary AWS session env credentials, returning amazon-bedrock-sdk-env-ok.

[celia-oai]

not a huge fan of this code that reads region from api key, feels very error prone. so I changed the logic back to reading from config. I can add this back as a fallback if needed.

pub fn region_from_bedrock_bearer_token(token: &str) -> Result<String, AwsAuthError> {
    const PREFIX: &str = "bedrock-api-key-";

    let token_body = token
        .trim()
        .strip_prefix(PREFIX)
        .ok_or_else(|| invalid_bedrock_bearer_token("missing bedrock-api-key prefix"))?;
    let encoded_token = token_body
        .split_once("&Version=")
        .map_or(token_body, |(encoded, _)| encoded);
    let decoded = general_purpose::STANDARD
        .decode(encoded_token)
        .map_err(|_| invalid_bedrock_bearer_token("base64 payload could not be decoded"))?;
    let decoded = String::from_utf8(decoded)
        .map_err(|_| invalid_bedrock_bearer_token("decoded payload is not UTF-8"))?;
    let decoded_url = if decoded.starts_with("http://") || decoded.starts_with("https://") {
        decoded
    } else {
        format!("https://{decoded}")
    };
    let url = Url::parse(&decoded_url)
        .map_err(|_| invalid_bedrock_bearer_token("decoded payload is not a URL"))?;
    let credential = url
        .query_pairs()
        .find_map(|(key, value)| (key == "X-Amz-Credential").then_some(value.into_owned()))
        .ok_or_else(|| invalid_bedrock_bearer_token("missing X-Amz-Credential"))?;
    let mut parts = credential.split('/');
    let _access_key = parts.next();
    let _date = parts.next();
    let region = parts
        .next()
        .filter(|region| !region.trim().is_empty())
        .ok_or_else(|| invalid_bedrock_bearer_token("credential scope is missing region"))?;

    Ok(region.to_string())
}

[pakrym-oai]

a bit funky to pull out aws from provider_info that already carries it. non blocking

[celia-oai]

I think the goal is to eventually pull out provider info so I left this shape, but happy to collapse if you think it's better

[pakrym-oai]

does amazon sdk not resolve this?

[celia-oai]

nope, this is the only one outside of sdk path because it's bearer token based

[pakrym-oai]

do we ever create without context?

[pakrym-oai]

Seems like with_context always sets a value.

[celia-oai]

I think there's some benefit of lazy-loading, so I kept this logic. lmk what you think

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 98df4aab9d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".