From 574d595ffc4eaa37666dff3c5df956132b57797b Mon Sep 17 00:00:00 2001
From: charliecruzan-stripe
 <97612659+charliecruzan-stripe@users.noreply.github.com>
Date: Wed, 4 Oct 2023 18:56:22 -0400
Subject: [PATCH] fix: bail out of experimental request signing early if api
 key is overridden (#1122)

* fix: bail out of experimental request signing early if api key is overridden

* typo
---
 pkg/config/profile.go      |  3 ++-
 pkg/config/profile_test.go | 41 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/pkg/config/profile.go b/pkg/config/profile.go
index 923a5de0..62aa28c3 100644
--- a/pkg/config/profile.go
+++ b/pkg/config/profile.go
@@ -498,8 +498,9 @@ const (
 )
 
 // GetExperimentalFields returns a struct of the profile's experimental fields. These fields are only ever additive in functionality.
+// If the API key is being overridden, via the --api-key flag or STRIPE_API_KEY env variable, this returns an empty struct.
 func (p *Profile) GetExperimentalFields() ExperimentalFields {
-	if err := viper.ReadInConfig(); err == nil {
+	if err := viper.ReadInConfig(); err == nil && os.Getenv("STRIPE_API_KEY") == "" && p.APIKey == "" {
 		name := viper.GetString(p.GetConfigField(experimentalContextualName))
 		privKey := viper.GetString(p.GetConfigField(experimentalPrivateKey))
 		headers := viper.GetString(p.GetConfigField(experimentalStripeHeaders))
diff --git a/pkg/config/profile_test.go b/pkg/config/profile_test.go
index da890f9b..46ecb5bf 100644
--- a/pkg/config/profile_test.go
+++ b/pkg/config/profile_test.go
@@ -202,6 +202,47 @@ func TestOldProfileDeleted(t *testing.T) {
 	cleanUp(c.ProfilesFile)
 }
 
+func TestExperimentalFieldsEmptyWhenAPIKeyIsOverridden(t *testing.T) {
+	profilesFile := filepath.Join(os.TempDir(), "stripe", "config.toml")
+	p := Profile{
+		ProfileName:    "tests",
+		DeviceName:     "st-testing",
+		TestModeAPIKey: "sk_test_123",
+		DisplayName:    "test-account-display-name",
+	}
+	c := &Config{
+		Color:        "auto",
+		LogLevel:     "info",
+		Profile:      p,
+		ProfilesFile: profilesFile,
+	}
+	c.InitConfig()
+
+	v := viper.New()
+
+	v.SetConfigFile(profilesFile)
+	err := p.writeProfile(v)
+	require.NoError(t, err)
+
+	require.FileExists(t, c.ProfilesFile)
+
+	require.NoError(t, err)
+
+	p.WriteConfigField("experimental.stripe_headers", "test-headers")
+	p.WriteConfigField("experimental.contextual_name", "test-name")
+	p.WriteConfigField("experimental.private_key", "test-key")
+
+	os.Setenv("STRIPE_API_KEY", "from-env")
+	defer os.Unsetenv("STRIPE_API_KEY")
+
+	experimentalFields := p.GetExperimentalFields()
+	require.Equal(t, "", experimentalFields.ContextualName)
+	require.Equal(t, "", experimentalFields.StripeHeaders)
+	require.Equal(t, "", experimentalFields.PrivateKey)
+
+	cleanUp(c.ProfilesFile)
+}
+
 func helperLoadBytes(t *testing.T, name string) []byte {
 	bytes, err := os.ReadFile(name)
 	if err != nil {