3 files changed, 28 insertions, 1 deletions

diff --git a/src/DotNetOpenAuth.Core/Messaging/MessagePartAttribute.cs b/src/DotNetOpenAuth.Core/Messaging/MessagePartAttribute.cs
index 6fd95ee..8ef9b7e 100644
--- a/src/DotNetOpenAuth.Core/Messaging/MessagePartAttribute.cs
+++ b/src/DotNetOpenAuth.Core/Messaging/MessagePartAttribute.cs
@@ -101,6 +101,15 @@ namespace DotNetOpenAuth.Messaging {
 		}
 
 		/// <summary>
+		/// Gets or sets a value indicating whether the value contained by this property contains
+		/// sensitive information that should generally not be logged.
+		/// </summary>
+		/// <value>
+		/// <c>true</c> if this instance is security sensitive; otherwise, <c>false</c>.
+		/// </value>
+		public bool IsSecuritySensitive { get; set; }
+
+		/// <summary>
 		/// Gets or sets the minimum version of the protocol this attribute applies to
 		/// and overrides any attributes with lower values for this property.
 		/// </summary>
diff --git a/src/DotNetOpenAuth.Core/Messaging/Reflection/MessagePart.cs b/src/DotNetOpenAuth.Core/Messaging/Reflection/MessagePart.cs
index b2c4664..0f140d6 100644
--- a/src/DotNetOpenAuth.Core/Messaging/Reflection/MessagePart.cs
+++ b/src/DotNetOpenAuth.Core/Messaging/Reflection/MessagePart.cs
@@ -115,6 +115,7 @@ namespace DotNetOpenAuth.Messaging.Reflection {
 			this.RequiredProtection = attribute.RequiredProtection;
 			this.IsRequired = attribute.IsRequired;
 			this.AllowEmpty = attribute.AllowEmpty;
+			this.IsSecuritySensitive = attribute.IsSecuritySensitive;
 			this.memberDeclaredType = (this.field != null) ? this.field.FieldType : this.property.PropertyType;
 			this.defaultMemberValue = DeriveDefaultValue(this.memberDeclaredType);
 
@@ -189,6 +190,15 @@ namespace DotNetOpenAuth.Messaging.Reflection {
 		internal bool IsConstantValueAvailableStatically { get; set; }
 
 		/// <summary>
+		/// Gets or sets a value indicating whether the value contained by this property contains
+		/// sensitive information that should generally not be logged.
+		/// </summary>
+		/// <value>
+		/// <c>true</c> if this instance is security sensitive; otherwise, <c>false</c>.
+		/// </value>
+		internal bool IsSecuritySensitive { get; set; }
+
+		/// <summary>
 		/// Gets the static constant value for this message part without a message instance.
 		/// </summary>
 		internal string StaticConstantValue {
diff --git a/src/DotNetOpenAuth.Core/Util.cs b/src/DotNetOpenAuth.Core/Util.cs
index e9d617a..3babba5 100644
--- a/src/DotNetOpenAuth.Core/Util.cs
+++ b/src/DotNetOpenAuth.Core/Util.cs
@@ -16,6 +16,7 @@ namespace DotNetOpenAuth {
 
 	using DotNetOpenAuth.Configuration;
 	using DotNetOpenAuth.Messaging;
+	using DotNetOpenAuth.Messaging.Reflection;
 
 	/// <summary>
 	/// A grab-bag utility class.
@@ -105,9 +106,16 @@ namespace DotNetOpenAuth {
 					////Contract.Requires(pairs != null); // CC: anonymous method can't handle it
 					ErrorUtilities.VerifyArgumentNotNull(pairs, "pairs");
 					var dictionary = pairs as IDictionary<K, V>;
+					var messageDictionary = pairs as MessageDictionary;
 					StringBuilder sb = new StringBuilder(dictionary != null ? dictionary.Count * 40 : 200);
 					foreach (var pair in pairs) {
-						sb.AppendFormat("\t{0}: {1}{2}", pair.Key, pair.Value, Environment.NewLine);
+						var key = pair.Key.ToString();
+						string value = pair.Value.ToString();
+						if (messageDictionary != null && messageDictionary.Description.Mapping[key].IsSecuritySensitive) {
+							value = "********";
+						}
+
+						sb.AppendFormat("\t{0}: {1}{2}", key, value, Environment.NewLine);
 					}
 					return sb.ToString();
 				});