From 25dc4767c9828aeccc6c0ceddf55a06552e60656 Mon Sep 17 00:00:00 2001
From: Gero Posmyk-Leinemann <gero@gitpod.io>
Date: Fri, 24 Mar 2023 16:32:19 +0000
Subject: [PATCH] [server] Fix userService.deauthorize to disallow
 disconnecting the last auth provider

---
 components/server/src/user/user-service.ts | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/components/server/src/user/user-service.ts b/components/server/src/user/user-service.ts
index 4af9bd84f01ccc..63e9ae583e0fcd 100644
--- a/components/server/src/user/user-service.ts
+++ b/components/server/src/user/user-service.ts
@@ -461,7 +461,6 @@ export class UserService {
     }
 
     async deauthorize(user: User, authProviderId: string) {
-        const builtInProviders = ["Public-GitLab", "Public-GitHub", "Public-Bitbucket"];
         const externalIdentities = user.identities.filter(
             (i) => i.authProviderId !== TokenService.GITPOD_AUTH_PROVIDER_ID,
         );
@@ -476,10 +475,8 @@ export class UserService {
             (i) => i !== identity && (!this.config.disableDynamicAuthProviderLogin || isBuiltin(i.authProviderId)),
         );
 
-        if (
-            remainingLoginIdentities.length === 1 &&
-            !builtInProviders.includes(remainingLoginIdentities[0].authProviderId)
-        ) {
+        // Disallow users to deregister the last builtin auth provider's from their user
+        if (remainingLoginIdentities.length === 0) {
             throw new Error(
                 "Cannot remove last authentication provider for logging in to Gitpod. Please delete account if you want to leave.",
             );