Skip to content

Conversation

@fmenezes
Copy link
Collaborator

@fmenezes fmenezes commented Apr 11, 2025

fixes #39

@fmenezes fmenezes marked this pull request as ready for review April 11, 2025 10:30
Copy link
Collaborator

@blva blva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

README.md Outdated
| ------------------ | --------------------------------------------------------------------------- |
| `apiClientId` | Atlas API client ID for authentication |
| `apiClientSecret` | Atlas API client secret for authentication |
| `stateFile` | Path to store application state (default ~/.mongodb/mongodb-mcp/state.json) |
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can drop this now - I forgot to remove it as part of #48 😅

README.md Outdated
| `apiClientId` | Atlas API client ID for authentication |
| `apiClientSecret` | Atlas API client secret for authentication |
| `stateFile` | Path to store application state (default ~/.mongodb/mongodb-mcp/state.json) |
| `connectionString` | MongoDB connection string for direct database connections |
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should probably indicate this is optional and if not provided, the connect tool should be used.

code?: OauthDeviceCode;
token?: OAuthToken;
};
connectionString?: string;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Per slack discussion, let's drop the connection string storage and rely on users either providing it every time or supplying it as env variable. I know this will turn the credentials field to an empty object, but we could keep it around for persisting sensitive data after we go through security review. It will also allow the security team to review the mechanisms we intend to use for secure storage.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will do that on a follow up PR

super(state);
}

protected async ensureAuthenticated(): Promise<void> {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
protected async ensureAuthenticated(): Promise<void> {
protected ensureAuthenticated(): void {

super(state);
}

protected async ensureAuthenticated(): Promise<void> {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
protected async ensureAuthenticated(): Promise<void> {
protected ensureAuthenticated(): asserts this is { apiClient: ApiClient } {

should let you get rid of all ! if you remove the await-s

@fmenezes fmenezes merged commit 9e09c1e into main Apr 11, 2025
2 checks passed
@fmenezes fmenezes deleted the fmenezes/serviceAccounts branch April 11, 2025 10:55
nirinchev added a commit that referenced this pull request Apr 11, 2025
* main:
  feat: change Atlas API auth to service accounts (#59)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Atlas] Use service accounts for auth

4 participants