From a46b67031f15d3b0a20e96a1c52028e76d0b1adb Mon Sep 17 00:00:00 2001
From: Olivier Bellone <ob@stripe.com>
Date: Thu, 17 Oct 2019 22:59:12 -0700
Subject: [PATCH] Redact API key in RequestOpts debug info

---
 lib/Util/RequestOptions.php              | 15 +++++++++++++++
 tests/Stripe/Util/RequestOptionsTest.php |  7 +++++++
 2 files changed, 22 insertions(+)

diff --git a/lib/Util/RequestOptions.php b/lib/Util/RequestOptions.php
index 711632909c..4b33c60132 100644
--- a/lib/Util/RequestOptions.php
+++ b/lib/Util/RequestOptions.php
@@ -25,6 +25,21 @@ public function __construct($key = null, $headers = [], $base = null)
         $this->apiBase = $base;
     }
 
+    public function __debugInfo()
+    {
+        $redactedApiKey = strlen($this->apiKey) >= 12
+            ? (substr($this->apiKey, 0, 8)
+                . str_repeat('*', strlen($this->apiKey) - 12)
+                . substr($this->apiKey, -4))
+            : $this->apiKey;
+
+        return [
+            'apiKey' => $redactedApiKey,
+            'headers' => $this->headers,
+            'apiBase' => $this->apiBase,
+        ];
+    }
+
     /**
      * Unpacks an options array and merges it into the existing RequestOptions
      * object.
diff --git a/tests/Stripe/Util/RequestOptionsTest.php b/tests/Stripe/Util/RequestOptionsTest.php
index 4175b05457..fb9f39b7f1 100644
--- a/tests/Stripe/Util/RequestOptionsTest.php
+++ b/tests/Stripe/Util/RequestOptionsTest.php
@@ -78,4 +78,11 @@ public function testDiscardNonPersistentHeaders()
         $opts->discardNonPersistentHeaders();
         $this->assertSame(['Stripe-Account' => 'foo'], $opts->headers);
     }
+
+    public function testDebugInfo()
+    {
+        $opts = Util\RequestOptions::parse(['api_key' => 'sk_test_1234567890abcdefghijklmn']);
+        $debugInfo = print_r($opts, true);
+        $this->assertContains("sk_test_********************klmn", $debugInfo);
+    }
 }