CLOUDP-180059: Service Accounts Example (#465)

Author: wtrocki

examples/auth/basic_client.go

@@ -3,9 +3,10 @@ package main
 import (
 	"context"
 	"fmt"
-	"go.mongodb.org/atlas-sdk/v20241023001/admin"
 	"log"
 	"os"
+
+	"go.mongodb.org/atlas-sdk/v20241023001/admin"
 )
 
 // Basic example for Service Account OAuth Authentication
@@ -33,17 +34,7 @@ func main() {
 		log.Fatalf("Error: %v", err)
 	}
 
-	request := sdk.ProjectsApi.ListProjectsWithParams(ctx,
-		&admin.ListProjectsApiParams{
-			ItemsPerPage: admin.PtrInt(1),
-			IncludeCount: admin.PtrBool(true),
-			PageNum:      admin.PtrInt(1),
-		})
-
-	if err != nil {
-		log.Fatalf("Error making request: %v", err)
-	}
-	projects, _, err := request.IncludeCount(true).PageNum(1).Execute()
+	projects, _, err := sdk.ProjectsApi.ListProjectsWithParams(ctx,&admin.ListProjectsApiParams{}).Execute()
 	if err != nil {
 		log.Fatalf("Error: %v", err)
 	}

examples/auth_advanced/advanced_client.go

@@ -63,21 +63,10 @@ func main() {
 		log.Fatalf("Error: %v", err)
 	}
 
-	request := sdk.ProjectsApi.ListProjectsWithParams(ctx,
-		&admin.ListProjectsApiParams{
-			ItemsPerPage: admin.PtrInt(1),
-			IncludeCount: admin.PtrBool(true),
-			PageNum:      admin.PtrInt(1),
-		})
-
+	projects, _, err := sdk.ProjectsApi.ListProjectsWithParams(ctx,&admin.ListProjectsApiParams{}).Execute()
 	if err != nil {
 		log.Fatalf("Error making request: %v", err)
 	}
-	projects, _, err := request.IncludeCount(true).PageNum(1).Execute()
-	if err != nil {
-		log.Fatalf("Error: %v", err)
-	}
-
 	if projects.Results == nil {
 		fmt.Printf("projects should not be empty:  %v", projects)
 	}

examples/service_account/sa_management.go

@@ -0,0 +1,85 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"os"
+
+	"go.mongodb.org/atlas-sdk/v20241023001/admin"
+)
+
+// Example for Service Account Management API
+// Example uses Service Account to create Service Account.
+// Please ensure that Service Account has organizational admin permission.
+
+// Required env variables to run example:
+// export MONGODB_ATLAS_CLIENT_ID="your_client_id"
+// export MONGODB_ATLAS_CLIENT_SECRET="your_client_secret"
+// export MONGODB_ATLAS_ORG="your_org_id"
+func main() {
+	host := os.Getenv("MONGODB_ATLAS_URL")
+	if host == "" {
+		host = "https://cloud.mongodb.com"
+	}
+
+	// Fetch clientID and clientSecret from environment variables
+	clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
+	clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
+	org := os.Getenv("MONGODB_ATLAS_ORG")
+
+	if clientID == "" || clientSecret == "" || org == "" {
+		log.Fatal("Missing required environment variables")
+	}
+
+	ctx := context.Background()
+	sdk, err := admin.NewClient(
+		admin.UseBaseURL(host),
+		admin.UseOAuthAuth(clientID, clientSecret, nil),
+	)
+	if err != nil {
+		log.Fatalf("Error: %v", err)
+	}
+
+	// 1. Create Service Account
+	request := sdk.ServiceAccountsApi.CreateServiceAccount(ctx, org, admin.NewOrgServiceAccountRequest("SA created by sdk-example",
+		"example", []string{"ORG_OWNER"}, 365*24))
+	sa, _, err := request.Execute()
+	if err != nil {
+		log.Fatalf("Error: %v", err)
+	}
+
+	// 2. Rotate secret
+	newSecret, _, err := sdk.ServiceAccountsApi.CreateServiceAccountSecret(ctx,  org, *sa.ClientId, &admin.ServiceAccountSecretRequest{
+		SecretExpiresAfterHours: 365*24,
+	}).Execute();
+	if err != nil {
+		log.Fatalf("Error: %v", err)
+	}
+
+	// 3. Delete rotated secret
+	_,  err = sdk.ServiceAccountsApi.DeleteServiceAccountSecret(ctx, *sa.ClientId, sa.GetSecrets()[0].Id, org).Execute();
+	if err != nil {
+		log.Fatalf("Error: %v", err)
+	}
+
+	// 4. Create new SDK client using New Service Account
+	newSDK, err := admin.NewClient(
+		admin.UseBaseURL(host),
+		// 4.1 Using ClientId and Secret returned by API
+		// API might have up to 2 secrets
+		admin.UseOAuthAuth(*sa.ClientId, *newSecret.Secret, nil),
+	)
+
+	// 5. Make request using new Service Account
+	projects, _, err := newSDK.ProjectsApi.ListProjectsWithParams(ctx,
+		&admin.ListProjectsApiParams{}).Execute()
+	if err != nil {
+		log.Fatalf("Error: %v", err)
+	}
+
+	fmt.Printf("Projects size: %v", *projects.TotalCount)
+
+	// 6. Remove created Service Account. We would not be able to use it afterwards without access to Secret value.
+	sdk.ServiceAccountsApi.DeleteServiceAccount(ctx, *sa.ClientId, org)
+}