DavidMuller · Envek · Feb 2, 2021
diff --git a/aws_requests_auth/aws_auth.py b/aws_requests_auth/aws_auth.py
@@ -129,6 +129,10 @@ def get_aws_request_headers(self, r, aws_access_key, aws_secret_access_key, aws_
         if aws_token:
             signed_headers += ';x-amz-security-token'
 
+        # Materialize body if it is a generator (e.g. toolbelt's MultipartEncoder instance)
+        if r.body and hasattr(r.body, 'to_string'):
+            r.body = r.body.to_string()
+
         # Create payload hash (hash of the request body content). For GET
         # requests, the payload is an empty string ('').
         body = r.body if r.body else bytes()

diff --git a/aws_requests_auth/tests/test_aws_auth.py b/aws_requests_auth/tests/test_aws_auth.py
@@ -5,6 +5,7 @@
 import unittest
 
 from aws_requests_auth.aws_auth import AWSRequestsAuth
+from requests_toolbelt.multipart.encoder import MultipartEncoder
 
 
 class TestAWSRequestsAuth(unittest.TestCase):
@@ -153,6 +154,35 @@ def test_auth_for_post_with_str_body(self):
 
         }, mock_request.headers)
 
+    def test_auth_for_post_with_multipart_body(self):
+        auth = AWSRequestsAuth(aws_access_key='YOURKEY',
+                               aws_secret_access_key='YOURSECRET',
+                               aws_host='search-foo.us-east-1.es.amazonaws.com',
+                               aws_region='us-east-1',
+                               aws_service='es')
+        url = 'http://search-foo.us-east-1.es.amazonaws.com:80/'
+        mock_request = mock.Mock()
+        mock_request.url = url
+        mock_request.method = "POST"
+        mock_request.body = MultipartEncoder(fields={'foo': 'bar'}, boundary='test')
+        mock_request.headers = {
+            'Content-Type': 'multipart/form-data; boundary=test',
+        }
+
+        frozen_datetime = datetime.datetime(2016, 6, 18, 22, 4, 5)
+        with mock.patch('datetime.datetime') as mock_datetime:
+            mock_datetime.utcnow.return_value = frozen_datetime
+            auth(mock_request)
+        self.assertEqual({
+            'Authorization': 'AWS4-HMAC-SHA256 Credential=YOURKEY/20160618/us-east-1/es/aws4_request, '
+                             'SignedHeaders=host;x-amz-date, '
+                             'Signature=3a49a96a093e8ae5a9c59827117741d1627d8462eac7542220dabc317e92b1f7',
+            'Content-Type': 'multipart/form-data; boundary=test',
+            'x-amz-date': '20160618T220405Z',
+            'x-amz-content-sha256': hashlib.sha256(mock_request.body).hexdigest(),
+
+        }, mock_request.headers)
+
     @unittest.skipIf(
         int(sys.version[0]) > 2,
         'python3 produces a different hash that we\'re comparing.',