Merge pull request alexrudall#517 from samwaree/hide-sensitive-info-inspect

alexrudall · web-flow · commit 3c9411f3f72b · 2024-09-13T18:01:24.000+01:00
Hide sensitive info when inspecting client
diff --git a/lib/openai/client.rb b/lib/openai/client.rb
@@ -2,6 +2,7 @@ module OpenAI
   class Client
     include OpenAI::HTTP
 
+    SENSITIVE_ATTRIBUTES = %i[@access_token @organization_id @extra_headers].freeze
     CONFIG_KEYS = %i[
       api_type
       api_version
@@ -107,5 +108,15 @@ def beta(apis)
         client.add_headers("OpenAI-Beta": apis.map { |k, v| "#{k}=#{v}" }.join(";"))
       end
     end
+
+    def inspect
+      vars = instance_variables.map do |var|
+        value = instance_variable_get(var)
+
+        SENSITIVE_ATTRIBUTES.include?(var) ? "#{var}=[REDACTED]" : "#{var}=#{value.inspect}"
+      end
+
+      "#<#{self.class}:#{object_id} #{vars.join(', ')}>"
+    end
   end
 end
diff --git a/spec/openai/client/client_spec.rb b/spec/openai/client/client_spec.rb
@@ -133,4 +133,34 @@
       expect(connection.builder.handlers).to include Faraday::Response::Logger
     end
   end
+
+  context "when calling inspect" do
+    let(:api_key) { "sk-123456789" }
+    let(:organization_id) { "org-123456789" }
+    let(:extra_headers) { { "Other-Auth": "key-123456789" } }
+    let(:uri_base) { "https://example.com/" }
+    let(:request_timeout) { 500 }
+    let(:client) do
+      OpenAI::Client.new(
+        uri_base: uri_base,
+        request_timeout: request_timeout,
+        access_token: api_key,
+        organization_id: organization_id,
+        extra_headers: extra_headers
+      )
+    end
+
+    it "does not expose sensitive information" do
+      expect(client.inspect).not_to include(api_key)
+      expect(client.inspect).not_to include(organization_id)
+      expect(client.inspect).not_to include(extra_headers[:"Other-Auth"])
+    end
+
+    it "does expose non-sensitive information" do
+      expect(client.inspect).to include(uri_base.inspect)
+      expect(client.inspect).to include(request_timeout.inspect)
+      expect(client.inspect).to include(client.object_id.to_s)
+      expect(client.inspect).to include(client.class.to_s)
+    end
+  end
 end
