LG-13136: Fix rate limiting logic when user is on last try

[night-jellyfish]

🎫 Ticket

LG-13136

🛠 Summary of changes

When we used limited? we found the user was prevented from completing their last chance at a request, even if the request came back from TrueID as a success. Due to the use of >= in limited?, in this situation the attempts and max_attempts were equal. While polling for the results, the user would be short-circuited to the too_many_requests logic.

Instead we needed a way to only prevent that if the user had exceeded their max amount of tries.

📜 Testing Plan

• Set doc_auth_max_attempts to a low number locally in your application.yml
• Fail an attempt due to doc auth errors up to minus one the amount of times you allowed in the first step (so if you changed to 5, fail 4 times with doc auth errors)
• For your last attempt, use a successful image / yml and make sure you're able to get through to the SSN page.

[dawei-nava]

I am thinking whether we should completely remove this check, due to the way rate_limiter implemented.

And technically this controller wont be calle, since when doc_auth is submitted then the rate_limit should not be exceeded.

[night-jellyfish]

I am trying out removing this call locally. Everything seems to be passing so far.

My main concern is that - if we shouldn't ever call this controller, is there some sort of earlier check that's misfiring? Because if it shouldn't have ever been called, then this user should never have encountered this issue...

[dawei-nava]

@night-jellyfish , i meant this wont be called technically if rate limited, unless something goes wrong or called intentionally.

[night-jellyfish]

Can you point me to the earlier check that would filter out rate limited requests? I am having a hard time finding it.

[dawei-nava]

@night-jellyfish here, it's a controller before_action hook

identity-idp/app/controllers/idv/document_capture_controller.rb

Line 11 in add15b5

before_action :confirm_not_rate_limited, except: [:update]

also

identity-idp/app/controllers/idv/link_sent_controller.rb

Line 10 in add15b5

before_action :confirm_not_rate_limited

[night-jellyfish]

Thank you!! I also found this relevant conversation that further supports your point.

With that in mind, I updated this PR to instead delete the check for rate limiting, as you suggested. I still need to test this manually.

[night-jellyfish]

I think I need to also add a feature test for this, perhaps.

[amirbey]

👀

[amirbey]

When I get rate limited during they hybrid flow, the desktop is stuck on the polling page. It'd help to add a feature test for hybrid rate limiting

[eileen-nava]

I was able to successfully complete all the steps in the testing plan. I can approve this once you address Amir's feedback.

[eileen-nava]

When I get rate limited during the hybrid flow, the desktop is stuck on the polling page. It'd help to add a feature test for hybrid rate limiting

@amirbey When you were testing the hybrid flow and got rate limited, did the desktop still display the We sent a message to your phone screen? I think we might have a ticket/figma related to this, but I wanted to be sure I understood what you were referring to. Thanks!

[amirbey]

When I get rate limited during the hybrid flow, the desktop is stuck on the polling page. It'd help to add a feature test for hybrid rate limiting

@amirbey When you were testing the hybrid flow and got rate limited, did the desktop still display the We sent a message to your phone screen? I think we might have a ticket/figma related to this, but I wanted to be sure I understood what you were referring to. Thanks!

hi @eileen-nava ... yes, that screen remains unchanged after the user gets rate limited

[eileen-nava]

@amirbey @night-jellyfish I followed up with Kelli and realized that we had a Figma and ticket for a different issue. Kelli documented the past behavior in this figma and Team Ada fixed it in LG-9813.

[night-jellyfish]

I pushed up a commit to restore the original test that looked for that page.

Unfortunately I'm struggling to get both tests to pass. @amirbey or @dawei-nava perhaps we could look at it tomorrow?

[dawei-nava]

persist it immediately in case we get racing condition in poller

[dawei-nava]

This timestamp is used at another place

identity-idp/app/controllers/concerns/idv/verify_info_concern.rb

Line 23 in 9a22735

document_capture_session.requested_at = Time.zone.now

In this case, guess there is no racing concern, so no need to persist immediately.

Also, should we reset it after doc auth since it use used at this place also, maybe not.

[dawei-nava]

Need explicitly save failed result and result timestamp when finger print check disabled.

[dawei-nava]

Adding delays in mock client to facilitate tests that reflect reality, useful for hybrid flow poller testing.

[eileen-nava]

This is a good idea. 👍🏻

[dawei-nava]

disable check so we can resubmit same images, easier to test.

[dawei-nava]

Add delays longer than a polling cycle which is 5 sec.

[dawei-nava]

Future works:

• network exception should not be counted for rate limiting, this includes LN service return 200 but indicate service not available in response message sometimes.
• examine behavior of exceptions on hybrid flow? like image upload controller exception, capture status controller exception/availability when polling

[dawei-nava]

we may take a detailed look, is it necessary? what's our assumption when this method is invoked? what are the edge cases?

[eileen-nava]

Team Timnit paused work on this bug in anticipation of the upcoming team transition. The comments provide guidance for whoever picks it up in the future. Thanks, @night-jellyfish and @dawei-nava, for all your work on this bug!