coder · Emyrk · Jul 31, 2023 · Jul 26, 2023 · Jul 31, 2023
diff --git a/coderd/apidoc/docs.go b/coderd/apidoc/docs.go
diff --git a/coderd/apidoc/swagger.json b/coderd/apidoc/swagger.json
diff --git a/coderd/userauth.go b/coderd/userauth.go
@@ -64,13 +64,6 @@ type OAuthConvertStateClaims struct {
 // @Success 201 {object} codersdk.OAuthConversionResponse
 // @Router /users/{user}/convert-login [post]
 func (api *API) postConvertLoginType(rw http.ResponseWriter, r *http.Request) {
-	if !api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC) {
-		httpapi.Write(r.Context(), rw, http.StatusForbidden, codersdk.Response{
-			Message: "Oauth conversion is not allowed, contact an administrator to turn on this feature.",
-		})
-		return
-	}
-
 	var (
 		user              = httpmw.UserParam(r)
 		ctx               = r.Context()
@@ -455,7 +448,6 @@ func (api *API) userAuthMethods(rw http.ResponseWriter, r *http.Request) {
 	}
 
 	httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.AuthMethods{
-		ConvertToOIDCEnabled: api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC),
 		Password: codersdk.AuthMethod{
 			Enabled: !api.DeploymentValues.DisablePasswordAuth.Value(),
 		},
@@ -1499,11 +1491,6 @@ func (api *API) convertUserToOauth(ctx context.Context, r *http.Request, db data
 	oauthConvertAudit.UserID = claims.UserID
 	oauthConvertAudit.Old = user
 
-	// If we do not allow converting to oauth, return an error.
-	if !api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC) {
-		return database.User{}, wrongLoginTypeHTTPError(user.LoginType, params.LoginType)
-	}
-
 	if claims.RegisteredClaims.Issuer != api.DeploymentID {
 		return database.User{}, httpError{
 			code: http.StatusForbidden,

diff --git a/coderd/userauth_test.go b/coderd/userauth_test.go
@@ -20,7 +20,6 @@ import (
 	"golang.org/x/xerrors"
 
 	"cdr.dev/slog/sloggers/slogtest"
-	"github.com/coder/coder/cli/clibase"
 	"github.com/coder/coder/coderd"
 	"github.com/coder/coder/coderd/audit"
 	"github.com/coder/coder/coderd/coderdtest"
@@ -796,7 +795,6 @@ func TestUserOIDC(t *testing.T) {
 		config.AllowSignups = true
 
 		cfg := coderdtest.DeploymentValues(t)
-		cfg.Experiments = clibase.StringArray{string(codersdk.ExperimentConvertToOIDC)}
 		client := coderdtest.New(t, &coderdtest.Options{
 			Auditor:          auditor,
 			OIDCConfig:       config,

diff --git a/codersdk/deployment.go b/codersdk/deployment.go
@@ -1850,10 +1850,6 @@ const (
 	// only Coordinator
 	ExperimentTailnetPGCoordinator Experiment = "tailnet_pg_coordinator"
 
-	// ExperimentConvertToOIDC enables users to convert from password to
-	// oidc.
-	ExperimentConvertToOIDC Experiment = "convert-to-oidc"
-
 	// ExperimentSingleTailnet replaces workspace connections inside coderd to
 	// all use a single tailnet, instead of the previous behavior of creating a
 	// single tailnet for each agent.

diff --git a/codersdk/users.go b/codersdk/users.go
@@ -160,10 +160,9 @@ type CreateOrganizationRequest struct {
 
 // AuthMethods contains authentication method information like whether they are enabled or not or custom text, etc.
 type AuthMethods struct {
-	ConvertToOIDCEnabled bool           `json:"convert_to_oidc_enabled"`
-	Password             AuthMethod     `json:"password"`
-	Github               AuthMethod     `json:"github"`
-	OIDC                 OIDCAuthMethod `json:"oidc"`
+	Password AuthMethod     `json:"password"`
+	Github   AuthMethod     `json:"github"`
+	OIDC     OIDCAuthMethod `json:"oidc"`
 }
 
 type AuthMethod struct {

diff --git a/docs/api/schemas.md b/docs/api/schemas.md
diff --git a/docs/api/users.md b/docs/api/users.md
diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts
diff --git a/site/src/components/SignInForm/SignInForm.stories.tsx b/site/src/components/SignInForm/SignInForm.stories.tsx
@@ -28,7 +28,6 @@ SigningIn.args = {
   ...SignedOut.args,
   isSigningIn: true,
   authMethods: {
-    convert_to_oidc_enabled: false,
     password: { enabled: true },
     github: { enabled: true },
     oidc: { enabled: false, signInText: "", iconUrl: "" },
@@ -56,7 +55,6 @@ export const WithGithub = Template.bind({})
 WithGithub.args = {
   ...SignedOut.args,
   authMethods: {
-    convert_to_oidc_enabled: false,
     password: { enabled: true },
     github: { enabled: true },
     oidc: { enabled: false, signInText: "", iconUrl: "" },
@@ -67,7 +65,6 @@ export const WithOIDC = Template.bind({})
 WithOIDC.args = {
   ...SignedOut.args,
   authMethods: {
-    convert_to_oidc_enabled: false,
     password: { enabled: true },
     github: { enabled: false },
     oidc: { enabled: true, signInText: "", iconUrl: "" },
@@ -78,7 +75,6 @@ export const WithOIDCWithoutPassword = Template.bind({})
 WithOIDCWithoutPassword.args = {
   ...SignedOut.args,
   authMethods: {
-    convert_to_oidc_enabled: false,
     password: { enabled: false },
     github: { enabled: false },
     oidc: { enabled: true, signInText: "", iconUrl: "" },
@@ -89,7 +85,6 @@ export const WithoutAny = Template.bind({})
 WithoutAny.args = {
   ...SignedOut.args,
   authMethods: {
-    convert_to_oidc_enabled: false,
     password: { enabled: false },
     github: { enabled: false },
     oidc: { enabled: false, signInText: "", iconUrl: "" },
@@ -100,7 +95,6 @@ export const WithGithubAndOIDC = Template.bind({})
 WithGithubAndOIDC.args = {
   ...SignedOut.args,
   authMethods: {
-    convert_to_oidc_enabled: false,
     password: { enabled: true },
     github: { enabled: true },
     oidc: { enabled: true, signInText: "", iconUrl: "" },

diff --git a/site/src/pages/LoginPage/LoginPage.test.tsx b/site/src/pages/LoginPage/LoginPage.test.tsx
@@ -61,7 +61,6 @@ describe("LoginPage", () => {
 
   it("shows github authentication when enabled", async () => {
     const authMethods: TypesGen.AuthMethods = {
-      convert_to_oidc_enabled: false,
       password: { enabled: true },
       github: { enabled: true },
       oidc: { enabled: true, signInText: "", iconUrl: "" },
@@ -113,7 +112,6 @@ describe("LoginPage", () => {
 
   it("hides password authentication if OIDC/GitHub is enabled and displays on click", async () => {
     const authMethods: TypesGen.AuthMethods = {
-      convert_to_oidc_enabled: false,
       password: { enabled: true },
       github: { enabled: true },
       oidc: { enabled: true, signInText: "", iconUrl: "" },

diff --git a/site/src/pages/UserSettingsPage/SecurityPage/SecurityPage.tsx b/site/src/pages/UserSettingsPage/SecurityPage/SecurityPage.tsx
@@ -53,17 +53,13 @@ export const SecurityPage: FC = () => {
           },
         },
       }}
-      oidc={
-        authMethods.convert_to_oidc_enabled
-          ? {
-              section: {
-                authMethods,
-                userLoginType,
-                ...singleSignOnSection,
-              },
-            }
-          : undefined
-      }
+      oidc={{
+        section: {
+          authMethods,
+          userLoginType,
+          ...singleSignOnSection,
+        },
+      }}
     />
   )
 }

diff --git a/site/src/testHelpers/entities.ts b/site/src/testHelpers/entities.ts
@@ -1113,7 +1113,6 @@ export const MockAuthMethods: TypesGen.AuthMethods = {
   password: { enabled: true },
   github: { enabled: false },
   oidc: { enabled: false, signInText: "", iconUrl: "" },
-  convert_to_oidc_enabled: true,
 }
 
 export const MockAuthMethodsWithPasswordType: TypesGen.AuthMethods = {