Skip to content

Commit

Permalink
fix: bail out of experimental request signing early if api key is ove…
Browse files Browse the repository at this point in the history 
…rridden (#1122)

* fix: bail out of experimental request signing early if api key is overridden

* typo
  • Loading branch information
@charliecruzan-stripe
charliecruzan-stripe committed Oct 4, 2023
1 parent 9f3b3ba commit 574d595
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 1 deletion.
3 changes: 2 additions & 1 deletion pkg/config/profile.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -498,8 +498,9 @@ const (
)

// GetExperimentalFields returns a struct of the profile's experimental fields. These fields are only ever additive in functionality.
// If the API key is being overridden, via the --api-key flag or STRIPE_API_KEY env variable, this returns an empty struct.
func (p *Profile) GetExperimentalFields() ExperimentalFields {
if err := viper.ReadInConfig(); err == nil {
if err := viper.ReadInConfig(); err == nil && os.Getenv("STRIPE_API_KEY") == "" && p.APIKey == "" {
name := viper.GetString(p.GetConfigField(experimentalContextualName))
privKey := viper.GetString(p.GetConfigField(experimentalPrivateKey))
headers := viper.GetString(p.GetConfigField(experimentalStripeHeaders))
Expand Down
41 changes: 41 additions & 0 deletions pkg/config/profile_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,47 @@ func TestOldProfileDeleted(t *testing.T) {
cleanUp(c.ProfilesFile)
}

func TestExperimentalFieldsEmptyWhenAPIKeyIsOverridden(t *testing.T) {
profilesFile := filepath.Join(os.TempDir(), "stripe", "config.toml")
p := Profile{
ProfileName: "tests",
DeviceName: "st-testing",
TestModeAPIKey: "sk_test_123",
DisplayName: "test-account-display-name",
}
c := &Config{
Color: "auto",
LogLevel: "info",
Profile: p,
ProfilesFile: profilesFile,
}
c.InitConfig()

v := viper.New()

v.SetConfigFile(profilesFile)
err := p.writeProfile(v)
require.NoError(t, err)

require.FileExists(t, c.ProfilesFile)

require.NoError(t, err)

p.WriteConfigField("experimental.stripe_headers", "test-headers")
p.WriteConfigField("experimental.contextual_name", "test-name")
p.WriteConfigField("experimental.private_key", "test-key")

os.Setenv("STRIPE_API_KEY", "from-env")
defer os.Unsetenv("STRIPE_API_KEY")

experimentalFields := p.GetExperimentalFields()
require.Equal(t, "", experimentalFields.ContextualName)
require.Equal(t, "", experimentalFields.StripeHeaders)
require.Equal(t, "", experimentalFields.PrivateKey)

cleanUp(c.ProfilesFile)
}

func helperLoadBytes(t *testing.T, name string) []byte {
bytes, err := os.ReadFile(name)
if err != nil {
Expand Down

0 comments on commit 574d595

Please sign in to comment.