diff --git a/package-lock.json b/package-lock.json index 6ad2c7516f9..c800e154854 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,6 +18,7 @@ "@playwright/browser-chromium": "^1.43.1", "@resvg/resvg-js": "^2.6.2", "autoprefixer": "^10.4.14", + "aws-sigv4-fetch": "^4.0.1", "aws4": "^1.13.0", "browser-image-resizer": "^2.4.1", "date-fns": "^2.29.3", @@ -5316,6 +5317,38 @@ "postcss": "^8.1.0" } }, + "node_modules/aws-sigv4-fetch": { + "version": "4.0.1", + "resolved": "https://registry.npmjs.org/aws-sigv4-fetch/-/aws-sigv4-fetch-4.0.1.tgz", + "integrity": "sha512-sd5TbxbOB82Y3mFoux6XbRn/QbNR9hTO7Dv+y8Y0G4+xlS6rP8OJCJwtgANnB4yYAshVqvLbTo6aqTrQUpthvA==", + "dependencies": { + "@aws-crypto/sha256-js": "^5.2.0", + "@aws-sdk/credential-provider-node": "^3.609.0", + "@aws-sdk/types": "^3.609.0", + "@smithy/protocol-http": "^4.0.3", + "@smithy/signature-v4": "^3.1.2" + }, + "engines": { + "node": ">=18" + } + }, + "node_modules/aws-sigv4-fetch/node_modules/@smithy/signature-v4": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-3.1.2.tgz", + "integrity": "sha512-3BcPylEsYtD0esM4Hoyml/+s7WP2LFhcM3J2AGdcL2vx9O60TtfpDOL72gjb4lU8NeRPeKAwR77YNyyGvMbuEA==", + "dependencies": { + "@smithy/is-array-buffer": "^3.0.0", + "@smithy/types": "^3.3.0", + "@smithy/util-hex-encoding": "^3.0.0", + "@smithy/util-middleware": "^3.0.3", + "@smithy/util-uri-escape": "^3.0.0", + "@smithy/util-utf8": "^3.0.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=16.0.0" + } + }, "node_modules/aws4": { "version": "1.13.1", "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.13.1.tgz", diff --git a/package.json b/package.json index e7a3b568ed6..c4bf62efa81 100644 --- a/package.json +++ b/package.json @@ -69,6 +69,7 @@ "@resvg/resvg-js": "^2.6.2", "autoprefixer": "^10.4.14", "aws4": "^1.13.0", + "aws-sigv4-fetch": "^4.0.1", "browser-image-resizer": "^2.4.1", "date-fns": "^2.29.3", "dotenv": "^16.0.3", diff --git a/src/lib/server/endpoints/aws/endpointAws.ts b/src/lib/server/endpoints/aws/endpointAws.ts index e821b6ccf0f..f9e3752c2bb 100644 --- a/src/lib/server/endpoints/aws/endpointAws.ts +++ b/src/lib/server/endpoints/aws/endpointAws.ts @@ -8,8 +8,20 @@ export const endpointAwsParametersSchema = z.object({ model: z.any(), type: z.literal("aws"), url: z.string().url(), - accessKey: z.string().min(1), - secretKey: z.string().min(1), + accessKey: z + .string({ + description: + "An AWS Access Key ID. If not provided, the default AWS identity resolution will be used", + }) + .min(1) + .optional(), + secretKey: z + .string({ + description: + "An AWS Access Key Secret. If not provided, the default AWS identity resolution will be used", + }) + .min(1) + .optional(), sessionToken: z.string().optional(), service: z.union([z.literal("sagemaker"), z.literal("lambda")]).default("sagemaker"), region: z.string().optional(), @@ -18,22 +30,23 @@ export const endpointAwsParametersSchema = z.object({ export async function endpointAws( input: z.input ): Promise { - let AwsClient; + let createSignedFetcher; try { - AwsClient = (await import("aws4fetch")).AwsClient; + createSignedFetcher = (await import("aws-sigv4-fetch")).createSignedFetcher; } catch (e) { - throw new Error("Failed to import aws4fetch"); + throw new Error("Failed to import aws-sigv4-fetch"); } const { url, accessKey, secretKey, sessionToken, model, region, service } = endpointAwsParametersSchema.parse(input); - const aws = new AwsClient({ - accessKeyId: accessKey, - secretAccessKey: secretKey, - sessionToken, + const signedFetch = createSignedFetcher({ service, region, + credentials: + accessKey && secretKey + ? { accessKeyId: accessKey, secretAccessKey: secretKey, sessionToken } + : undefined, }); return async ({ messages, preprompt, continueMessage, generateSettings }) => { @@ -52,7 +65,7 @@ export async function endpointAws( }, { use_cache: false, - fetch: aws.fetch.bind(aws) as typeof fetch, + fetch: signedFetch, } ); };