Merge branch 'master' into chore/try-builder

c12i · Nov 13, 2023 · 074a629 · 074a629
2 parents e74579c + e373905
commit 074a629
Showing 1 changed file with 10 additions and 7 deletions.
diff --git a/src/client.rs b/src/client.rs
@@ -10,6 +10,7 @@ use openssl::base64;
 use openssl::rsa::Padding;
 use openssl::x509::X509;
 use reqwest::Client as HttpClient;
+use secrecy::{ExposeSecret, Secret};
 use serde_json::Value;
 use std::cell::RefCell;
 
@@ -25,8 +26,8 @@ pub type MpesaResult<T> = Result<T, MpesaError>;
 #[derive(Clone, Debug)]
 pub struct Mpesa<Env: ApiEnvironment> {
     client_key: String,
-    client_secret: String,
-    initiator_password: RefCell<Option<String>>,
+    client_secret: Secret<String>,
+    initiator_password: RefCell<Option<Secret<String>>>,
     pub(crate) environment: Env,
     pub(crate) http_client: HttpClient,
 }
@@ -42,6 +43,9 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
     ///     Environment::Sandbox,
     /// );
     /// ```
+    ///
+    /// # Panics
+    /// This method can panic if a TLS backend cannot be initialized for the internal http_client
     pub fn new<S: Into<String>>(client_key: S, client_secret: S, environment: Env) -> Self {
         let http_client = HttpClient::builder()
             .connect_timeout(std::time::Duration::from_millis(10_000))
@@ -52,7 +56,7 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
             .expect("Error building http client");
         Self {
             client_key: client_key.into(),
-            client_secret: client_secret.into(),
+            client_secret: Secret::new(client_secret.into()),
             initiator_password: RefCell::new(None),
             environment,
             http_client,
@@ -65,7 +69,7 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
         let Some(p) = &*self.initiator_password.borrow() else {
             return DEFAULT_INITIATOR_PASSWORD.to_owned();
         };
-        p.to_owned()
+        p.expose_secret().into()
     }
 
     /// Optional in development but required for production, you will need to call this method and set your production initiator password.
@@ -82,7 +86,7 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
     /// client.set_initiator_password("your_initiator_password");
     /// ```
     pub fn set_initiator_password<S: Into<String>>(&self, initiator_password: S) {
-        *self.initiator_password.borrow_mut() = Some(initiator_password.into());
+        *self.initiator_password.borrow_mut() = Some(Secret::new(initiator_password.into()));
     }
 
     /// Checks if the client can be authenticated
@@ -102,7 +106,6 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
     ///
     /// # Errors
     /// Returns a `MpesaError` on failure
-    #[allow(clippy::single_char_pattern)]
     pub(crate) async fn auth(&self) -> MpesaResult<String> {
         let url = format!(
             "{}/oauth/v1/generate?grant_type=client_credentials",
@@ -111,7 +114,7 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
         let response = self
             .http_client
             .get(&url)
-            .basic_auth(&self.client_key, Some(&self.client_secret))
+            .basic_auth(&self.client_key, Some(&self.client_secret.expose_secret()))
             .send()
             .await?;
         if response.status().is_success() {