synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: convert to oidc out of experimental (#8742)

Browse Source
This commit is contained in:
Steven Masley
2023-07-31 11:30:34 -04:00
committed by GitHub
parent ed82b864d0
commit cb36783e8c
13 changed files with 15 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
coderd/userauth.go
View File

@ -64,13 +64,6 @@ type OAuthConvertStateClaims struct {
// @Success 201 {object} codersdk.OAuthConversionResponse
// @Router /users/{user}/convert-login [post]
func (api *API) postConvertLoginType(rw http.ResponseWriter, r *http.Request) {
if !api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC) {
httpapi.Write(r.Context(), rw, http.StatusForbidden, codersdk.Response{
Message: "Oauth conversion is not allowed, contact an administrator to turn on this feature.",
})
return
}
var (
user = httpmw.UserParam(r)
ctx = r.Context()
@ -455,7 +448,6 @@ func (api *API) userAuthMethods(rw http.ResponseWriter, r *http.Request) {
}
httpapi.Write(r.Context(), rw, http.StatusOK, codersdk.AuthMethods{
ConvertToOIDCEnabled: api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC),
Password: codersdk.AuthMethod{
Enabled: !api.DeploymentValues.DisablePasswordAuth.Value(),
},
@ -1499,11 +1491,6 @@ func (api *API) convertUserToOauth(ctx context.Context, r *http.Request, db data
oauthConvertAudit.UserID = claims.UserID
oauthConvertAudit.Old = user
// If we do not allow converting to oauth, return an error.
if !api.Experiments.Enabled(codersdk.ExperimentConvertToOIDC) {
return database.User{}, wrongLoginTypeHTTPError(user.LoginType, params.LoginType)
}
if claims.RegisteredClaims.Issuer != api.DeploymentID {
return database.User{}, httpError{
code: http.StatusForbidden,