Remove new device verification feature flag.

src/Admin/Controllers/UsersController.cs

@@ -167,7 +167,6 @@ public class UsersController : Controller
     [HttpPost]
     [ValidateAntiForgeryToken]
     [RequirePermission(Permission.User_NewDeviceException_Edit)]
-    [RequireFeature(FeatureFlagKeys.NewDeviceVerification)]
     public async Task<IActionResult> ToggleNewDeviceVerification(Guid id)
     {
         var user = await _userRepository.GetByIdAsync(id);

src/Api/Auth/Controllers/AccountsController.cs

@@ -739,7 +739,6 @@ public class AccountsController : Controller
         }
     }
 
-    [RequireFeature(FeatureFlagKeys.NewDeviceVerification)]
     [AllowAnonymous]
     [HttpPost("resend-new-device-otp")]
     public async Task ResendNewDeviceOtpAsync([FromBody] UnauthenticatedSecretVerificationRequestModel request)

src/Identity/IdentityServer/RequestValidators/DeviceValidator.cs

@@ -22,8 +22,7 @@ public class DeviceValidator(
     ICurrentContext currentContext,
     IUserService userService,
     IDistributedCache distributedCache,
-    ILogger<DeviceValidator> logger,
-    IFeatureService featureService) : IDeviceValidator
+    ILogger<DeviceValidator> logger) : IDeviceValidator
 {
     private readonly IDeviceService _deviceService = deviceService;
     private readonly IDeviceRepository _deviceRepository = deviceRepository;
@@ -33,7 +32,6 @@ public class DeviceValidator(
     private readonly IUserService _userService = userService;
     private readonly IDistributedCache distributedCache = distributedCache;
     private readonly ILogger<DeviceValidator> _logger = logger;
-    private readonly IFeatureService _featureService = featureService;
 
     public async Task<bool> ValidateRequestDeviceAsync(ValidatedTokenRequest request, CustomValidatorRequestContext context)
     {
@@ -64,9 +62,7 @@ public class DeviceValidator(
         }
 
         // We have established that the device is unknown at this point; begin new device verification
-        // PM-13340: remove feature flag
-        if (_featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification) &&
-            request.GrantType == "password" &&
+        if (request.GrantType == "password" &&
             request.Raw["AuthRequest"] == null &&
             !context.TwoFactorRequired &&
             !context.SsoRequired &&

test/Identity.Test/IdentityServer/DeviceValidatorTests.cs

@@ -28,7 +28,7 @@ public class DeviceValidatorTests
     private readonly IUserService _userService;
     private readonly IDistributedCache _distributedCache;
     private readonly Logger<DeviceValidator> _logger;
-    private readonly IFeatureService _featureService;
+
     private readonly DeviceValidator _sut;
 
     public DeviceValidatorTests()
@@ -41,7 +41,6 @@ public class DeviceValidatorTests
         _userService = Substitute.For<IUserService>();
         _distributedCache = Substitute.For<IDistributedCache>();
         _logger = new Logger<DeviceValidator>(Substitute.For<ILoggerFactory>());
-        _featureService = Substitute.For<IFeatureService>();
         _sut = new DeviceValidator(
             _deviceService,
             _deviceRepository,
@@ -50,8 +49,7 @@ public class DeviceValidatorTests
             _currentContext,
             _userService,
             _distributedCache,
-            _logger,
-            _featureService);
+            _logger);
     }
 
     [Theory, BitAutoData]
@@ -312,8 +310,6 @@ public class DeviceValidatorTests
         AddValidDeviceToRequest(request);
         _deviceRepository.GetByIdentifierAsync(context.Device.Identifier, context.User.Id)
             .Returns(null as Device);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification)
-            .Returns(true);
 
         request.GrantType = grantType;
 
@@ -336,8 +332,6 @@ public class DeviceValidatorTests
         AddValidDeviceToRequest(request);
         _deviceRepository.GetByIdentifierAsync(context.Device.Identifier, context.User.Id)
             .Returns(null as Device);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification)
-            .Returns(true);
 
         request.Raw.Add("AuthRequest", "authRequest");
 
@@ -360,8 +354,6 @@ public class DeviceValidatorTests
         AddValidDeviceToRequest(request);
         _deviceRepository.GetByIdentifierAsync(context.Device.Identifier, context.User.Id)
             .Returns(null as Device);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification)
-            .Returns(true);
 
         context.TwoFactorRequired = true;
 
@@ -384,8 +376,6 @@ public class DeviceValidatorTests
         AddValidDeviceToRequest(request);
         _deviceRepository.GetByIdentifierAsync(context.Device.Identifier, context.User.Id)
             .Returns(null as Device);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification)
-            .Returns(true);
 
         context.SsoRequired = true;
 
@@ -404,7 +394,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
 
         context.User = null;
@@ -430,7 +419,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
         context.User.VerifyDevices = false;
 
@@ -454,7 +442,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
         _distributedCache.GetAsync(Arg.Any<string>()).Returns(null as byte[]);
         context.User.CreationDate = DateTime.UtcNow - TimeSpan.FromHours(23);
@@ -479,7 +466,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
         _distributedCache.GetAsync(Arg.Any<string>()).Returns([1]);
 
@@ -503,7 +489,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
         _distributedCache.GetAsync(Arg.Any<string>()).Returns(null as byte[]);
 
@@ -535,7 +520,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
         _distributedCache.GetAsync(Arg.Any<string>()).Returns(null as byte[]);
 
@@ -564,7 +548,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
         _distributedCache.GetAsync(Arg.Any<string>()).Returns([1]);
         _deviceRepository.GetManyByUserIdAsync(context.User.Id).Returns([]);
@@ -590,7 +573,6 @@ public class DeviceValidatorTests
     {
         // Arrange
         ArrangeForHandleNewDeviceVerificationTest(context, request);
-        _featureService.IsEnabled(FeatureFlagKeys.NewDeviceVerification).Returns(true);
         _globalSettings.EnableNewDeviceVerification = true;
         _deviceRepository.GetManyByUserIdAsync(context.User.Id).Returns([new Device()]);
         _distributedCache.GetAsync(Arg.Any<string>()).Returns(null as byte[]);