diff --git a/coderd/apidoc/docs.go b/coderd/apidoc/docs.go index 2be2602448169..d5ccfb06dfc47 100644 --- a/coderd/apidoc/docs.go +++ b/coderd/apidoc/docs.go @@ -7078,9 +7078,6 @@ const docTemplate = `{ "codersdk.AuthMethods": { "type": "object", "properties": { - "convert_to_oidc_enabled": { - "type": "boolean" - }, "github": { "$ref": "#/definitions/codersdk.AuthMethod" }, @@ -8022,7 +8019,6 @@ const docTemplate = `{ "moons", "workspace_actions", "tailnet_pg_coordinator", - "convert-to-oidc", "single_tailnet", "template_restart_requirement", "template_insights_page" @@ -8031,7 +8027,6 @@ const docTemplate = `{ "ExperimentMoons", "ExperimentWorkspaceActions", "ExperimentTailnetPGCoordinator", - "ExperimentConvertToOIDC", "ExperimentSingleTailnet", "ExperimentTemplateRestartRequirement", "ExperimentTemplateInsightsPage" diff --git a/coderd/apidoc/swagger.json b/coderd/apidoc/swagger.json index 6ed0d89c1fb65..69b3e1f6a5453 100644 --- a/coderd/apidoc/swagger.json +++ b/coderd/apidoc/swagger.json @@ -6302,9 +6302,6 @@ "codersdk.AuthMethods": { "type": "object", "properties": { - "convert_to_oidc_enabled": { - "type": "boolean" - }, "github": { "$ref": "#/definitions/codersdk.AuthMethod" }, @@ -7183,7 +7180,6 @@ "moons", "workspace_actions", "tailnet_pg_coordinator", - "convert-to-oidc", "single_tailnet", "template_restart_requirement", "template_insights_page" @@ -7192,7 +7188,6 @@ "ExperimentMoons", "ExperimentWorkspaceActions", "ExperimentTailnetPGCoordinator", - "ExperimentConvertToOIDC", "ExperimentSingleTailnet", "ExperimentTemplateRestartRequirement", "ExperimentTemplateInsightsPage" diff --git a/coderd/userauth.go b/coderd/userauth.go index a53127ee91fb0..dea87821a3444 100644 --- a/coderd/userauth.go +++ b/coderd/userauth.go @@ -64,13 +64,6 @@ type OAuthConvertStateClaims struct { // @Success 201 {object} codersdk.OAuthConversionResponse // @Router /users/{user}/convert-login [post] func (api *API) postConvertLoginType(rw http.ResponseWriter, r *http.Request) { - if !api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC) { - httpapi.Write(r.Context(), rw, http.StatusForbidden, codersdk.Response{ - Message: "Oauth conversion is not allowed, contact an administrator to turn on this feature.", - }) - return - } - var ( user = httpmw.UserParam(r) ctx = r.Context() @@ -455,7 +448,6 @@ func (api *API) userAuthMethods(rw http.ResponseWriter, r *http.Request) { } httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.AuthMethods{ - ConvertToOIDCEnabled: api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC), Password: codersdk.AuthMethod{ Enabled: !api.DeploymentValues.DisablePasswordAuth.Value(), }, @@ -1499,11 +1491,6 @@ func (api *API) convertUserToOauth(ctx context.Context, r *http.Request, db data oauthConvertAudit.UserID = claims.UserID oauthConvertAudit.Old = user - // If we do not allow converting to oauth, return an error. - if !api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC) { - return database.User{}, wrongLoginTypeHTTPError(user.LoginType, params.LoginType) - } - if claims.RegisteredClaims.Issuer != api.DeploymentID { return database.User{}, httpError{ code: http.StatusForbidden, diff --git a/coderd/userauth_test.go b/coderd/userauth_test.go index 3873ebdee807d..6f49222ff8764 100644 --- a/coderd/userauth_test.go +++ b/coderd/userauth_test.go @@ -20,7 +20,6 @@ import ( "golang.org/x/xerrors" "cdr.dev/slog/sloggers/slogtest" - "github.com/coder/coder/cli/clibase" "github.com/coder/coder/coderd" "github.com/coder/coder/coderd/audit" "github.com/coder/coder/coderd/coderdtest" @@ -796,7 +795,6 @@ func TestUserOIDC(t *testing.T) { config.AllowSignups = true cfg := coderdtest.DeploymentValues(t) - cfg.Experiments = clibase.StringArray{string(codersdk.ExperimentConvertToOIDC)} client := coderdtest.New(t, &coderdtest.Options{ Auditor: auditor, OIDCConfig: config, diff --git a/codersdk/deployment.go b/codersdk/deployment.go index de051256ec403..e27731b6aa6bf 100644 --- a/codersdk/deployment.go +++ b/codersdk/deployment.go @@ -1850,10 +1850,6 @@ const ( // only Coordinator ExperimentTailnetPGCoordinator Experiment = "tailnet_pg_coordinator" - // ExperimentConvertToOIDC enables users to convert from password to - // oidc. - ExperimentConvertToOIDC Experiment = "convert-to-oidc" - // ExperimentSingleTailnet replaces workspace connections inside coderd to // all use a single tailnet, instead of the previous behavior of creating a // single tailnet for each agent. diff --git a/codersdk/users.go b/codersdk/users.go index 913f5490584de..57d6162a2459a 100644 --- a/codersdk/users.go +++ b/codersdk/users.go @@ -160,10 +160,9 @@ type CreateOrganizationRequest struct { // AuthMethods contains authentication method information like whether they are enabled or not or custom text, etc. type AuthMethods struct { - ConvertToOIDCEnabled bool `json:"convert_to_oidc_enabled"` - Password AuthMethod `json:"password"` - Github AuthMethod `json:"github"` - OIDC OIDCAuthMethod `json:"oidc"` + Password AuthMethod `json:"password"` + Github AuthMethod `json:"github"` + OIDC OIDCAuthMethod `json:"oidc"` } type AuthMethod struct { diff --git a/docs/api/schemas.md b/docs/api/schemas.md index 03bf590df0466..b9d5e3d1b78a1 100644 --- a/docs/api/schemas.md +++ b/docs/api/schemas.md @@ -1184,7 +1184,6 @@ ```json { - "convert_to_oidc_enabled": true, "github": { "enabled": true }, @@ -1201,12 +1200,11 @@ ### Properties -| Name | Type | Required | Restrictions | Description | -| ------------------------- | -------------------------------------------------- | -------- | ------------ | ----------- | -| `convert_to_oidc_enabled` | boolean | false | | | -| `github` | [codersdk.AuthMethod](#codersdkauthmethod) | false | | | -| `oidc` | [codersdk.OIDCAuthMethod](#codersdkoidcauthmethod) | false | | | -| `password` | [codersdk.AuthMethod](#codersdkauthmethod) | false | | | +| Name | Type | Required | Restrictions | Description | +| ---------- | -------------------------------------------------- | -------- | ------------ | ----------- | +| `github` | [codersdk.AuthMethod](#codersdkauthmethod) | false | | | +| `oidc` | [codersdk.OIDCAuthMethod](#codersdkoidcauthmethod) | false | | | +| `password` | [codersdk.AuthMethod](#codersdkauthmethod) | false | | | ## codersdk.AuthorizationCheck @@ -2673,7 +2671,6 @@ AuthorizationObject can represent a "set" of objects, such as: all workspaces in | `moons` | | `workspace_actions` | | `tailnet_pg_coordinator` | -| `convert-to-oidc` | | `single_tailnet` | | `template_restart_requirement` | | `template_insights_page` | diff --git a/docs/api/users.md b/docs/api/users.md index f22f97adb4ab8..3c583e15787db 100644 --- a/docs/api/users.md +++ b/docs/api/users.md @@ -142,7 +142,6 @@ curl -X GET http://coder-server:8080/api/v2/users/authmethods \ ```json { - "convert_to_oidc_enabled": true, "github": { "enabled": true }, diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts index 4eaff1ea1d062..e374e46e192f1 100644 --- a/site/src/api/typesGenerated.ts +++ b/site/src/api/typesGenerated.ts @@ -110,7 +110,6 @@ export interface AuthMethod { // From codersdk/users.go export interface AuthMethods { - readonly convert_to_oidc_enabled: boolean readonly password: AuthMethod readonly github: AuthMethod readonly oidc: OIDCAuthMethod @@ -1560,7 +1559,6 @@ export const Entitlements: Entitlement[] = [ // From codersdk/deployment.go export type Experiment = - | "convert-to-oidc" | "moons" | "single_tailnet" | "tailnet_pg_coordinator" @@ -1568,7 +1566,6 @@ export type Experiment = | "template_restart_requirement" | "workspace_actions" export const Experiments: Experiment[] = [ - "convert-to-oidc", "moons", "single_tailnet", "tailnet_pg_coordinator", diff --git a/site/src/components/SignInForm/SignInForm.stories.tsx b/site/src/components/SignInForm/SignInForm.stories.tsx index fb49792dc99de..ea3610e7ba49d 100644 --- a/site/src/components/SignInForm/SignInForm.stories.tsx +++ b/site/src/components/SignInForm/SignInForm.stories.tsx @@ -28,7 +28,6 @@ SigningIn.args = { ...SignedOut.args, isSigningIn: true, authMethods: { - convert_to_oidc_enabled: false, password: { enabled: true }, github: { enabled: true }, oidc: { enabled: false, signInText: "", iconUrl: "" }, @@ -56,7 +55,6 @@ export const WithGithub = Template.bind({}) WithGithub.args = { ...SignedOut.args, authMethods: { - convert_to_oidc_enabled: false, password: { enabled: true }, github: { enabled: true }, oidc: { enabled: false, signInText: "", iconUrl: "" }, @@ -67,7 +65,6 @@ export const WithOIDC = Template.bind({}) WithOIDC.args = { ...SignedOut.args, authMethods: { - convert_to_oidc_enabled: false, password: { enabled: true }, github: { enabled: false }, oidc: { enabled: true, signInText: "", iconUrl: "" }, @@ -78,7 +75,6 @@ export const WithOIDCWithoutPassword = Template.bind({}) WithOIDCWithoutPassword.args = { ...SignedOut.args, authMethods: { - convert_to_oidc_enabled: false, password: { enabled: false }, github: { enabled: false }, oidc: { enabled: true, signInText: "", iconUrl: "" }, @@ -89,7 +85,6 @@ export const WithoutAny = Template.bind({}) WithoutAny.args = { ...SignedOut.args, authMethods: { - convert_to_oidc_enabled: false, password: { enabled: false }, github: { enabled: false }, oidc: { enabled: false, signInText: "", iconUrl: "" }, @@ -100,7 +95,6 @@ export const WithGithubAndOIDC = Template.bind({}) WithGithubAndOIDC.args = { ...SignedOut.args, authMethods: { - convert_to_oidc_enabled: false, password: { enabled: true }, github: { enabled: true }, oidc: { enabled: true, signInText: "", iconUrl: "" }, diff --git a/site/src/pages/LoginPage/LoginPage.test.tsx b/site/src/pages/LoginPage/LoginPage.test.tsx index 3fc3ad1369874..e7dcd782fcfa5 100644 --- a/site/src/pages/LoginPage/LoginPage.test.tsx +++ b/site/src/pages/LoginPage/LoginPage.test.tsx @@ -61,7 +61,6 @@ describe("LoginPage", () => { it("shows github authentication when enabled", async () => { const authMethods: TypesGen.AuthMethods = { - convert_to_oidc_enabled: false, password: { enabled: true }, github: { enabled: true }, oidc: { enabled: true, signInText: "", iconUrl: "" }, @@ -113,7 +112,6 @@ describe("LoginPage", () => { it("hides password authentication if OIDC/GitHub is enabled and displays on click", async () => { const authMethods: TypesGen.AuthMethods = { - convert_to_oidc_enabled: false, password: { enabled: true }, github: { enabled: true }, oidc: { enabled: true, signInText: "", iconUrl: "" }, diff --git a/site/src/pages/UserSettingsPage/SecurityPage/SecurityPage.tsx b/site/src/pages/UserSettingsPage/SecurityPage/SecurityPage.tsx index 6a0e9853f6e30..36f0db6f38c63 100644 --- a/site/src/pages/UserSettingsPage/SecurityPage/SecurityPage.tsx +++ b/site/src/pages/UserSettingsPage/SecurityPage/SecurityPage.tsx @@ -53,17 +53,13 @@ export const SecurityPage: FC = () => { }, }, }} - oidc={ - authMethods.convert_to_oidc_enabled - ? { - section: { - authMethods, - userLoginType, - ...singleSignOnSection, - }, - } - : undefined - } + oidc={{ + section: { + authMethods, + userLoginType, + ...singleSignOnSection, + }, + }} /> ) } diff --git a/site/src/testHelpers/entities.ts b/site/src/testHelpers/entities.ts index 3b32ac9ec2098..930263fe2049c 100644 --- a/site/src/testHelpers/entities.ts +++ b/site/src/testHelpers/entities.ts @@ -1113,7 +1113,6 @@ export const MockAuthMethods: TypesGen.AuthMethods = { password: { enabled: true }, github: { enabled: false }, oidc: { enabled: false, signInText: "", iconUrl: "" }, - convert_to_oidc_enabled: true, } export const MockAuthMethodsWithPasswordType: TypesGen.AuthMethods = {