From e62d0a997089ee324fe1190db694aa26b8dba557 Mon Sep 17 00:00:00 2001
From: Collins Muriuki <hello@collinsmuriuki.xyz>
Date: Thu, 9 Nov 2023 16:22:44 +0300
Subject: [PATCH] Additionally mask initiator password'

---
 src/client.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/client.rs b/src/client.rs
index 8a734677e..a2ae488f5 100644
--- a/src/client.rs
+++ b/src/client.rs
@@ -26,7 +26,7 @@ pub type MpesaResult<T> = Result<T, MpesaError>;
 pub struct Mpesa<Env: ApiEnvironment> {
     client_key: String,
     client_secret: Secret<String>,
-    initiator_password: RefCell<Option<String>>,
+    initiator_password: RefCell<Option<Secret<String>>>,
     pub(crate) environment: Env,
     pub(crate) http_client: HttpClient,
 }
@@ -65,7 +65,7 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
         let Some(p) = &*self.initiator_password.borrow() else {
             return DEFAULT_INITIATOR_PASSWORD.to_owned();
         };
-        p.to_owned()
+        p.expose_secret().into()
     }
 
     /// Optional in development but required for production, you will need to call this method and set your production initiator password.
@@ -82,7 +82,7 @@ impl<'mpesa, Env: ApiEnvironment> Mpesa<Env> {
     /// client.set_initiator_password("your_initiator_password");
     /// ```
     pub fn set_initiator_password<S: Into<String>>(&self, initiator_password: S) {
-        *self.initiator_password.borrow_mut() = Some(initiator_password.into());
+        *self.initiator_password.borrow_mut() = Some(Secret::new(initiator_password.into()));
     }
 
     /// Checks if the client can be authenticated