Deploy RC 373 to Production

app/components/accordion_component.html.erb

@@ -9,9 +9,7 @@
       <%= header %>
     </button>
   </div>
-  <div id="accordion-<%= unique_id %>" class="usa-accordion__container">
-    <div class="usa-accordion__content">
-      <%= content %>
-    </div>
+  <div id="accordion-<%= unique_id %>" class="usa-accordion__content">
+    <%= content %>
   </div>
 <% end %>

app/controllers/concerns/idv/document_capture_concern.rb

@@ -49,7 +49,7 @@ def stored_result
     end
 
     def selfie_requirement_met?
-      !decorated_sp_session.selfie_required? || stored_result.selfie_check_performed?
+      !decorated_sp_session.biometric_comparison_required? || stored_result.selfie_check_performed?
     end
 
     private

app/controllers/concerns/idv_session_concern.rb

@@ -17,7 +17,7 @@ def hybrid_session?
   end
 
   def idv_needed?
-    user_needs_selfie? ||
+    user_needs_biometric_comparison? ||
       idv_session_user.active_profile.blank? ||
       decorated_sp_session.requested_more_recent_verification? ||
       idv_session_user.reproof_for_irs?(service_provider: current_sp)
@@ -66,7 +66,8 @@ def idv_session_user
     current_user
   end
 
-  def user_needs_selfie?
-    decorated_sp_session.selfie_required? && !current_user.identity_verified_with_selfie?
+  def user_needs_biometric_comparison?
+    decorated_sp_session.biometric_comparison_required? &&
+      !current_user.identity_verified_with_biometric_comparison?
   end
 end

app/controllers/concerns/idv_step_concern.rb

@@ -111,7 +111,7 @@ def flow_policy
 
   def confirm_step_allowed
     # set it everytime, since user may switch SP
-    idv_session.selfie_check_required = decorated_sp_session.selfie_required?
+    idv_session.selfie_check_required = decorated_sp_session.biometric_comparison_required?
     return if flow_policy.controller_allowed?(controller: self.class)
 
     redirect_to url_for_latest_step

app/controllers/frontend_log_controller.rb

@@ -35,7 +35,6 @@ class FrontendLogController < ApplicationController
     'IdV: personal key acknowledgment toggled' => :idv_personal_key_acknowledgment_toggled,
     'IdV: prepare submitted' => :idv_in_person_prepare_submitted,
     'IdV: prepare visited' => :idv_in_person_prepare_visited,
-    'IdV: selfie image clicked' => :idv_selfie_image_clicked,
     'IdV: switch_back submitted' => :idv_in_person_switch_back_submitted,
     'IdV: switch_back visited' => :idv_in_person_switch_back_visited,
     'IdV: user clicked sp link on ready to verify page' => :idv_in_person_ready_to_verify_sp_link_clicked,
@@ -55,6 +54,7 @@ class FrontendLogController < ApplicationController
     idv_sdk_selfie_image_capture_failed
     idv_sdk_selfie_image_capture_opened
     idv_selfie_image_added
+    idv_selfie_image_clicked
     phone_input_country_changed
   ].freeze
 

app/controllers/idv/address_controller.rb

@@ -59,13 +59,6 @@ def address_from_document
 
     def success
       idv_session.address_edited = address_edited?
-      idv_session.pii_from_doc = idv_session.pii_from_doc.merge(
-        address1: @address_form.address1,
-        address2: @address_form.address2,
-        city: @address_form.city,
-        state: @address_form.state,
-        zipcode: @address_form.zipcode,
-      )
       idv_session.updated_user_address = @address_form.updated_user_address
       redirect_to idv_verify_info_url
     end

app/controllers/idv/document_capture_controller.rb

@@ -51,7 +51,7 @@ def extra_view_variables
         skip_doc_auth: idv_session.skip_doc_auth,
         skip_doc_auth_from_handoff: idv_session.skip_doc_auth_from_handoff,
         opted_in_to_in_person_proofing: idv_session.opted_in_to_in_person_proofing,
-        doc_auth_selfie_capture: decorated_sp_session.selfie_required?,
+        doc_auth_selfie_capture: decorated_sp_session.biometric_comparison_required?,
       }.merge(
         acuant_sdk_upgrade_a_b_testing_variables,
       )
@@ -97,7 +97,7 @@ def analytics_arguments
         irs_reproofing: irs_reproofing?,
         redo_document_capture: idv_session.redo_document_capture,
         skip_hybrid_handoff: idv_session.skip_hybrid_handoff,
-        liveness_checking_required: decorated_sp_session.selfie_required?,
+        liveness_checking_required: decorated_sp_session.biometric_comparison_required?,
         selfie_check_required: idv_session.selfie_check_required,
       }.merge(ab_test_analytics_buckets)
     end

app/controllers/idv/hybrid_mobile/capture_complete_controller.rb

@@ -25,7 +25,7 @@ def analytics_arguments
           step: 'capture_complete',
           analytics_id: 'Doc Auth',
           irs_reproofing: irs_reproofing?,
-          liveness_checking_required: decorated_sp_session.selfie_required?,
+          liveness_checking_required: decorated_sp_session.biometric_comparison_required?,
         }.merge(ab_test_analytics_buckets)
       end
     end

app/controllers/idv/hybrid_mobile/document_capture_controller.rb

@@ -43,7 +43,7 @@ def extra_view_variables
           flow_path: 'hybrid',
           document_capture_session_uuid: document_capture_session_uuid,
           failure_to_proof_url: return_to_sp_failure_to_proof_url(step: 'document_capture'),
-          doc_auth_selfie_capture: decorated_sp_session.selfie_required?,
+          doc_auth_selfie_capture: decorated_sp_session.biometric_comparison_required?,
         }.merge(
           acuant_sdk_upgrade_a_b_testing_variables,
         )
@@ -57,8 +57,8 @@ def analytics_arguments
           step: 'document_capture',
           analytics_id: 'Doc Auth',
           irs_reproofing: irs_reproofing?,
-          liveness_checking_required: decorated_sp_session.selfie_required?,
-          selfie_check_required: decorated_sp_session.selfie_required?,
+          liveness_checking_required: decorated_sp_session.biometric_comparison_required?,
+          selfie_check_required: decorated_sp_session.biometric_comparison_required?,
         }.merge(
           ab_test_analytics_buckets,
         )

app/controllers/idv/image_uploads_controller.rb

@@ -25,7 +25,7 @@ def image_upload_form
         uuid_prefix: current_sp&.app_id,
         irs_attempts_api_tracker: irs_attempts_api_tracker,
         store_encrypted_images: store_encrypted_images?,
-        liveness_checking_required: decorated_sp_session.selfie_required?,
+        liveness_checking_required: decorated_sp_session.biometric_comparison_required?,
       )
     end
 

app/controllers/idv_controller.rb

@@ -32,8 +32,8 @@ def activated
   private
 
   def already_verified?
-    if decorated_sp_session.selfie_required?
-      return current_user.identity_verified_with_selfie?
+    if decorated_sp_session.biometric_comparison_required?
+      return current_user.identity_verified_with_biometric_comparison?
     end
 
     return current_user.active_profile.present?

app/controllers/openid_connect/authorization_controller.rb

@@ -30,7 +30,7 @@ def index
         return redirect_to reactivate_account_url if user_needs_to_reactivate_account?
         return redirect_to url_for_pending_profile_reason if user_has_pending_profile?
         return redirect_to idv_url if identity_needs_verification?
-        return redirect_to idv_url if selfie_needed?
+        return redirect_to idv_url if biometric_comparison_needed?
       end
       return redirect_to sign_up_completed_url if needs_completion_screen_reason
       link_identity_to_service_provider
@@ -127,9 +127,9 @@ def identity_needs_verification?
         current_user.reproof_for_irs?(service_provider: current_sp)
     end
 
-    def selfie_needed?
-      decorated_sp_session.selfie_required? &&
-        !current_user.identity_verified_with_selfie?
+    def biometric_comparison_needed?
+      decorated_sp_session.biometric_comparison_required? &&
+        !current_user.identity_verified_with_biometric_comparison?
     end
 
     def build_authorize_form_from_params

app/controllers/saml_idp_controller.rb

@@ -36,7 +36,7 @@ def auth
       return redirect_to reactivate_account_url if user_needs_to_reactivate_account?
       return redirect_to url_for_pending_profile_reason if user_has_pending_profile?
       return redirect_to idv_url if identity_needs_verification?
-      return redirect_to idv_url if selfie_needed?
+      return redirect_to idv_url if biometric_comparison_needed?
     end
     return redirect_to sign_up_completed_url if needs_completion_screen_reason
     if auth_count == 1 && first_visit_for_sp?
@@ -112,9 +112,9 @@ def prompt_for_password_if_ial2_request_and_pii_locked
     redirect_to capture_password_url
   end
 
-  def selfie_needed?
-    decorated_sp_session.selfie_required? &&
-      !current_user.identity_verified_with_selfie?
+  def biometric_comparison_needed?
+    decorated_sp_session.biometric_comparison_required? &&
+      !current_user.identity_verified_with_biometric_comparison?
   end
 
   def set_devise_failure_redirect_for_concurrent_session_logout

app/controllers/sign_up/completions_controller.rb

@@ -6,7 +6,6 @@ class CompletionsController < ApplicationController
 
     before_action :confirm_two_factor_authenticated
     before_action :confirm_identity_verified, if: :identity_proofing_required?
-    before_action :confirm_selfie_captured, if: :selfie_required?
     before_action :apply_secure_headers_override, only: [:show, :update]
     before_action :verify_needs_completions_screen
 
@@ -38,10 +37,6 @@ def confirm_identity_verified
       redirect_to idv_url if current_user.identity_not_verified?
     end
 
-    def confirm_selfie_captured
-      redirect_to idv_url if !current_user.identity_verified_with_selfie?
-    end
-
     def verify_needs_completions_screen
       return_to_account unless needs_completion_screen_reason
     end
@@ -65,10 +60,6 @@ def ial2_requested?
       resolved_authn_context_result.identity_proofing_or_ialmax? && current_user.identity_verified?
     end
 
-    def selfie_required?
-      decorated_sp_session.selfie_required?
-    end
-
     def return_to_account
       track_completion_event('account-page')
       redirect_to account_url

app/decorators/null_service_provider_session.rb

@@ -47,7 +47,7 @@ def request_url_params
     {}
   end
 
-  def selfie_required?
+  def biometric_comparison_required?
     false
   end
 

app/decorators/service_provider_session.rb

@@ -72,7 +72,7 @@ def sp_issuer
     sp.issuer
   end
 
-  def selfie_required?
+  def biometric_comparison_required?
     !!(FeatureManagement.idv_allow_selfie_check? &&
       sp_session[:biometric_comparison_required])
   end

app/javascript/packages/captcha-submit-button/captcha-submit-button-element.spec.ts

@@ -136,6 +136,27 @@ describe('CaptchaSubmitButtonElement', () => {
           });
         });
       });
+
+      context('when recaptcha fails to load', () => {
+        beforeEach(() => {
+          delete (global as any).grecaptcha;
+        });
+
+        it('does not prevent default form submission', async () => {
+          const button = screen.getByRole('button', { name: 'Submit' });
+          const form = document.querySelector('form')!;
+
+          let didSubmit = false;
+          form.addEventListener('submit', (event) => {
+            expect(event.defaultPrevented).to.equal(false);
+            event.preventDefault();
+            didSubmit = true;
+          });
+
+          await userEvent.click(button);
+          await waitFor(() => expect(didSubmit).to.be.true());
+        });
+      });
     });
   });
 });

app/javascript/packages/captcha-submit-button/captcha-submit-button-element.ts

@@ -31,29 +31,29 @@ class CaptchaSubmitButtonElement extends HTMLElement {
     return this.getAttribute('recaptcha-enterprise') === 'true';
   }
 
-  get recaptchaClient(): ReCaptchaV2.ReCaptcha {
+  get recaptchaClient(): ReCaptchaV2.ReCaptcha | undefined {
     if (this.isRecaptchaEnterprise) {
-      return grecaptcha.enterprise;
+      return globalThis.grecaptcha?.enterprise;
     }
 
-    return grecaptcha;
+    return globalThis.grecaptcha;
   }
 
   submit() {
     this.form?.submit();
   }
 
   invokeChallenge() {
-    this.recaptchaClient.ready(async () => {
+    this.recaptchaClient!.ready(async () => {
       const { recaptchaSiteKey: siteKey, recaptchaAction: action } = this;
-      const token = await this.recaptchaClient.execute(siteKey!, { action });
+      const token = await this.recaptchaClient!.execute(siteKey!, { action });
       this.tokenInput.value = token;
       this.submit();
     });
   }
 
   shouldInvokeChallenge(): boolean {
-    return !!this.recaptchaSiteKey;
+    return !!(this.recaptchaSiteKey && this.recaptchaClient);
   }
 
   handleFormSubmit = (event: SubmitEvent) => {

app/javascript/packages/document-capture/components/acuant-capture.tsx

@@ -437,11 +437,15 @@ function AcuantCapture(
     return <T extends (...args: any[]) => any>(fn: T) =>
       (...args: Parameters<T>) => {
         if (!isSuppressingClickLogging.current) {
-          trackEvent(`IdV: ${name} image clicked`, {
-            source,
-            ...metadata,
-            liveness_checking_required: isSelfieCaptureEnabled,
-          });
+          trackEvent(
+            name === 'selfie' ? 'idv_selfie_image_clicked' : `IdV: ${name} image clicked`,
+            {
+              source,
+              ...metadata,
+              liveness_checking_required: isSelfieCaptureEnabled,
+              captureAttempts,
+            },
+          );
         }
 
         return fn(...args);

app/models/user.rb

@@ -1,9 +1,6 @@
 # frozen_string_literal: true
 
 class User < ApplicationRecord
-  # To be dropped in: https://github.com/18F/identity-idp/pull/10429
-  self.ignored_columns = [:remember_created_at]
-
   include NonNullUuid
 
   include ::NewRelic::Agent::MethodTracer
@@ -373,7 +370,7 @@ def identity_verified?(service_provider: nil)
     active_profile.present? && !reproof_for_irs?(service_provider: service_provider)
   end
 
-  def identity_verified_with_selfie?
+  def identity_verified_with_biometric_comparison?
     BIOMETRIC_COMPARISON_IDV_LEVELS.include?(active_profile&.idv_level)
   end
 

app/presenters/idv/welcome_presenter.rb

@@ -22,6 +22,10 @@ def title
       t('doc_auth.headings.welcome', sp_name: sp_name)
     end
 
+    def selfie_required?
+      decorated_sp_session.biometric_comparison_required?
+    end
+
     def explanation_text(help_link)
       if first_time_idv?
         t(