diff --git a/app/controllers/idv/by_mail/enter_code_controller.rb b/app/controllers/idv/by_mail/enter_code_controller.rb index e9a3f230d49..2f8eeaf1b86 100644 --- a/app/controllers/idv/by_mail/enter_code_controller.rb +++ b/app/controllers/idv/by_mail/enter_code_controller.rb @@ -45,7 +45,7 @@ def create @gpo_verify_form = build_gpo_verify_form - result = @gpo_verify_form.submit + result = @gpo_verify_form.submit(resolved_authn_context_result.enhanced_ipp?) analytics.idv_verify_by_mail_enter_code_submitted(**result.to_h) if !result.success? diff --git a/app/controllers/idv/enter_password_controller.rb b/app/controllers/idv/enter_password_controller.rb index 22d5af84833..b2c2963aa97 100644 --- a/app/controllers/idv/enter_password_controller.rb +++ b/app/controllers/idv/enter_password_controller.rb @@ -124,8 +124,10 @@ def gpo_mail_service end def init_profile - idv_session.create_profile_from_applicant_with_password(password) - + idv_session.create_profile_from_applicant_with_password( + password, + resolved_authn_context_result.enhanced_ipp?, + ) if idv_session.verify_by_mail? current_user.send_email_to_all_addresses(:verify_by_mail_letter_requested) analytics.idv_gpo_address_letter_enqueued( diff --git a/app/forms/gpo_verify_form.rb b/app/forms/gpo_verify_form.rb index 8e840a01e2c..2253e49a2de 100644 --- a/app/forms/gpo_verify_form.rb +++ b/app/forms/gpo_verify_form.rb @@ -17,7 +17,7 @@ def initialize(user:, pii:, otp: nil) @otp = otp end - def submit + def submit(is_enhanced_ipp) result = valid? fraud_check_failed = pending_profile&.fraud_pending_reason.present? @@ -25,7 +25,7 @@ def submit pending_profile&.remove_gpo_deactivation_reason if user.has_establishing_in_person_enrollment_safe? - schedule_in_person_enrollment_and_deactivate_profile + schedule_in_person_enrollment_and_deactivate_profile(is_enhanced_ipp) elsif fraud_check_failed && threatmetrix_enabled? pending_profile&.deactivate_for_fraud_review elsif fraud_check_failed @@ -63,8 +63,12 @@ def gpo_confirmation_code pending_profile.gpo_confirmation_codes.first_with_otp(otp) end - def schedule_in_person_enrollment_and_deactivate_profile - UspsInPersonProofing::EnrollmentHelper.schedule_in_person_enrollment(user, pii) + def schedule_in_person_enrollment_and_deactivate_profile(is_enhanced_ipp) + UspsInPersonProofing::EnrollmentHelper.schedule_in_person_enrollment( + user:, + pii:, + is_enhanced_ipp:, + ) pending_profile&.deactivate_for_in_person_verification end diff --git a/app/services/idv/session.rb b/app/services/idv/session.rb index df91551145f..a59e83c6d44 100644 --- a/app/services/idv/session.rb +++ b/app/services/idv/session.rb @@ -62,7 +62,7 @@ def respond_to_missing?(method_sym, include_private) VALID_SESSION_ATTRIBUTES.include?(attr_name_sym) || super end - def create_profile_from_applicant_with_password(user_password) + def create_profile_from_applicant_with_password(user_password, is_enhanced_ipp) profile_maker = build_profile_maker(user_password) profile = profile_maker.save_profile( fraud_pending_reason: threatmetrix_fraud_pending_reason, @@ -87,9 +87,10 @@ def create_profile_from_applicant_with_password(user_password) create_gpo_entry(profile_maker.pii_attributes, profile) elsif profile.in_person_verification_pending? UspsInPersonProofing::EnrollmentHelper.schedule_in_person_enrollment( - current_user, - profile_maker.pii_attributes, - opt_in_param, + user: current_user, + pii: profile_maker.pii_attributes, + is_enhanced_ipp: is_enhanced_ipp, + opt_in: opt_in_param, ) end end diff --git a/app/services/usps_in_person_proofing/enrollment_helper.rb b/app/services/usps_in_person_proofing/enrollment_helper.rb index ff0f6eb50e0..482025700e9 100644 --- a/app/services/usps_in_person_proofing/enrollment_helper.rb +++ b/app/services/usps_in_person_proofing/enrollment_helper.rb @@ -3,7 +3,7 @@ module UspsInPersonProofing class EnrollmentHelper class << self - def schedule_in_person_enrollment(user, pii, opt_in = nil) + def schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:, opt_in: nil) enrollment = user.establishing_in_person_enrollment return unless enrollment @@ -17,7 +17,7 @@ def schedule_in_person_enrollment(user, pii, opt_in = nil) transform_keys(SECONDARY_ID_ADDRESS_MAP) end - enrollment_code = create_usps_enrollment(enrollment, pii) + enrollment_code = create_usps_enrollment(enrollment, pii, is_enhanced_ipp) return unless enrollment_code # update the enrollment to status pending @@ -52,7 +52,7 @@ def send_ready_to_verify_email(user, enrollment) # @param [Pii::Attributes] pii The PII associated with the in-person enrollment # @return [String] The enrollment code # @raise [Exception::RequestEnrollException] Raised with a problem creating the enrollment - def create_usps_enrollment(enrollment, pii) + def create_usps_enrollment(enrollment, pii, is_enhanced_ipp) # Use the enrollment's unique_id value if it exists, otherwise use the deprecated # #usps_unique_id value in order to remain backwards-compatible. LG-7024 will remove this unique_id = enrollment.unique_id || enrollment.usps_unique_id @@ -71,7 +71,7 @@ def create_usps_enrollment(enrollment, pii) ) proofer = usps_proofer - response = proofer.request_enroll(applicant) + response = proofer.request_enroll(applicant, is_enhanced_ipp) response.enrollment_code rescue Faraday::BadRequestError => err handle_bad_request_error(err, enrollment) diff --git a/app/services/usps_in_person_proofing/mock/fixtures.rb b/app/services/usps_in_person_proofing/mock/fixtures.rb index 71fbdc5b71b..c5eaffaa1b7 100644 --- a/app/services/usps_in_person_proofing/mock/fixtures.rb +++ b/app/services/usps_in_person_proofing/mock/fixtures.rb @@ -19,8 +19,8 @@ def self.request_facilities_response load_response_fixture('request_facilities_response.json') end - def self.request_eipp_facilities_response - load_response_fixture('request_eipp_facilities_response.json') + def self.request_enhanced_ipp_facilities_response + load_response_fixture('request_enhanced_ipp_facilities_response.json') end def self.request_facilities_response_with_unordered_distance @@ -43,6 +43,10 @@ def self.request_enroll_response load_response_fixture('request_enroll_response.json') end + def self.request_enroll_response_enhanced_ipp + load_response_fixture('request_enroll_response_enhanced_ipp.json') + end + def self.request_enroll_bad_request_response load_response_fixture('request_enroll_failed_response.json') end diff --git a/app/services/usps_in_person_proofing/mock/proofer.rb b/app/services/usps_in_person_proofing/mock/proofer.rb index d20eeaa4d2d..10b5be38681 100644 --- a/app/services/usps_in_person_proofing/mock/proofer.rb +++ b/app/services/usps_in_person_proofing/mock/proofer.rb @@ -3,7 +3,7 @@ module UspsInPersonProofing module Mock class Proofer < UspsInPersonProofing::Proofer - def request_enroll(applicant) + def request_enroll(applicant, is_enhanced_ipp) case applicant['first_name'] when 'usps waiting' # timeout @@ -26,12 +26,15 @@ def request_enroll(applicant) res = JSON.parse(Fixtures.request_enroll_response) end + if is_enhanced_ipp + res = JSON.parse(Fixtures.request_enroll_response_enhanced_ipp) + end Response::RequestEnrollResponse.new(res) end def request_facilities(_location, is_enhanced_ipp) if is_enhanced_ipp - parse_facilities(JSON.parse(Fixtures.request_eipp_facilities_response)) + parse_facilities(JSON.parse(Fixtures.request_enhanced_ipp_facilities_response)) else parse_facilities(JSON.parse(Fixtures.request_facilities_response)) end diff --git a/app/services/usps_in_person_proofing/mock/responses/request_eipp_facilities_response.json b/app/services/usps_in_person_proofing/mock/responses/request_enhanced_ipp_facilities_response.json similarity index 100% rename from app/services/usps_in_person_proofing/mock/responses/request_eipp_facilities_response.json rename to app/services/usps_in_person_proofing/mock/responses/request_enhanced_ipp_facilities_response.json diff --git a/app/services/usps_in_person_proofing/mock/responses/request_enroll_response_enhanced_ipp.json b/app/services/usps_in_person_proofing/mock/responses/request_enroll_response_enhanced_ipp.json new file mode 100644 index 00000000000..6e08ead2c25 --- /dev/null +++ b/app/services/usps_in_person_proofing/mock/responses/request_enroll_response_enhanced_ipp.json @@ -0,0 +1,4 @@ +{ + "enrollmentCode": "314159", + "responseMessage": "Applicant 314159 successfully processed through enhanced ipp" +} diff --git a/app/services/usps_in_person_proofing/proofer.rb b/app/services/usps_in_person_proofing/proofer.rb index be92ca723e9..ccfd883c0ef 100644 --- a/app/services/usps_in_person_proofing/proofer.rb +++ b/app/services/usps_in_person_proofing/proofer.rb @@ -46,7 +46,7 @@ def request_facilities(location, is_enhanced_ipp) # stored with the unique ID to be able to request the status of proofing. # @param applicant [Hash] # @return [Hash] API response - def request_enroll(applicant) + def request_enroll(applicant, is_enhanced_ipp) url = "#{root_url}/ivs-ippaas-api/IPPRest/resources/rest/optInIPPApplicant" request_body = { sponsorID: sponsor_id, @@ -61,6 +61,11 @@ def request_enroll(applicant) IPPAssuranceLevel: '1.5', } + if is_enhanced_ipp + request_body[:sponsorID] = IdentityConfig.store.usps_eipp_sponsor_id.to_i + request_body[:IPPAssuranceLevel] = '2.0' + end + res = faraday.post(url, request_body, dynamic_headers) do |req| req.options.context = { service_name: 'usps_enroll' } end diff --git a/lib/tasks/dev.rake b/lib/tasks/dev.rake index f24664d0356..880a26e0361 100644 --- a/lib/tasks/dev.rake +++ b/lib/tasks/dev.rake @@ -81,6 +81,7 @@ namespace :dev do desc 'Create in-person enrollments for N random users' task random_in_person_users: [:environment, :random_users] do + is_enhanced_ipp = false usps_request_delay_ms = (ENV['USPS_REQUEST_DELAY_MS'] || 0).to_i num_users = (ENV['NUM_USERS'] || 100).to_i pw = 'salty pickles' @@ -149,8 +150,9 @@ namespace :dev do num_attempts += 1 begin UspsInPersonProofing::EnrollmentHelper.schedule_in_person_enrollment( - user, - pii, + user: user, + pii: pii, + is_enhanced_ipp: is_enhanced_ipp, ) rescue StandardError => e Rails.logger.error 'Exception raised while enrolling user: ' + e.message diff --git a/spec/controllers/idv/by_mail/enter_code_controller_spec.rb b/spec/controllers/idv/by_mail/enter_code_controller_spec.rb index d34ea5750a1..199513694a8 100644 --- a/spec/controllers/idv/by_mail/enter_code_controller_spec.rb +++ b/spec/controllers/idv/by_mail/enter_code_controller_spec.rb @@ -446,5 +446,28 @@ end end end + + context 'when the user is going through enhanced ipp' do + subject(:action) do + post(:create, params: { gpo_verify_form: { otp: good_otp } }) + end + let(:is_enhanced_ipp) { true } + let(:user) { create(:user, :with_pending_gpo_profile, created_at: 2.days.ago) } + let(:gpo_verify_form) { GpoVerifyForm.new(user: user, pii: {}, otp: good_otp) } + before do + authn_context_result = Vot::Parser.new(vector_of_trust: 'Pe').parse + allow(controller).to( + receive(:resolved_authn_context_result).and_return(authn_context_result), + ) + allow(GpoVerifyForm).to receive(:new).and_return(gpo_verify_form) + allow(gpo_verify_form).to receive(:submit).and_call_original + end + + it 'passes the correct param to the gpo verify form submit method' do + action + + expect(gpo_verify_form).to have_received(:submit).with(is_enhanced_ipp) + end + end end end diff --git a/spec/controllers/idv/enter_password_controller_spec.rb b/spec/controllers/idv/enter_password_controller_spec.rb index 33f10acad3b..5bd223b8c13 100644 --- a/spec/controllers/idv/enter_password_controller_spec.rb +++ b/spec/controllers/idv/enter_password_controller_spec.rb @@ -890,5 +890,29 @@ def show end end end + + context 'user is going through enhanced ipp' do + let(:is_enhanced_ipp) { true } + let!(:enrollment) do + create(:in_person_enrollment, :establishing, user: user, profile: nil) + end + before do + authn_context_result = Vot::Parser.new(vector_of_trust: 'Pe').parse + allow(controller).to( + receive(:resolved_authn_context_result).and_return(authn_context_result), + ) + end + it 'passes the correct param to the enrollment helper method' do + expect(UspsInPersonProofing::EnrollmentHelper).to receive(:schedule_in_person_enrollment). + with( + user: user, + pii: Pii::Attributes.new_from_hash(applicant), + is_enhanced_ipp: is_enhanced_ipp, + opt_in: nil, + ) + + put :create, params: { user: { password: ControllerHelper::VALID_PASSWORD } } + end + end end end diff --git a/spec/controllers/idv/in_person/usps_locations_controller_spec.rb b/spec/controllers/idv/in_person/usps_locations_controller_spec.rb index 68913117d91..8d0a7228a43 100644 --- a/spec/controllers/idv/in_person/usps_locations_controller_spec.rb +++ b/spec/controllers/idv/in_person/usps_locations_controller_spec.rb @@ -85,18 +85,18 @@ allow(UspsInPersonProofing::Proofer).to receive(:new).and_return(proofer) end - context 'with EIPP enabled' do + context 'with a user going through enhanced ipp' do let(:vtr) { ['C1.C2.P1.Pe'] } - let(:eipp_sp_session) { { vtr: vtr, acr_values: nil } } + let(:enhanced_ipp_sp_session) { { vtr: vtr, acr_values: nil } } let(:user) { build(:user) } let(:sp) { build(:service_provider, ial: 2) } before do - allow(controller).to receive(:sp_session).and_return(eipp_sp_session) + allow(controller).to receive(:sp_session).and_return(enhanced_ipp_sp_session) allow(controller).to receive(:sp_from_sp_session).and_return(sp) end - it 'requests EIPP locations' do + it 'requests enhanced ipp locations' do expect(AuthnContextResolver).to receive(:new).with( user: user, service_provider: sp, vtr: vtr, acr_values: nil diff --git a/spec/controllers/idv/personal_key_controller_spec.rb b/spec/controllers/idv/personal_key_controller_spec.rb index 49c87cf6fcb..2899e92299c 100644 --- a/spec/controllers/idv/personal_key_controller_spec.rb +++ b/spec/controllers/idv/personal_key_controller_spec.rb @@ -30,6 +30,7 @@ def assert_personal_key_generated_for_profiles(*profile_pii_pairs) let(:applicant) { Idp::Constants::MOCK_IDV_APPLICANT_WITH_PHONE } let(:password) { 'sekrit phrase' } let(:user) { create(:user, :fully_registered, password: password) } + let(:is_enhanced_ipp) { false } # Most (but not all) of these tests assume that a profile has been minted # from the data in idv_session. Set this to false to prevent this behavior @@ -68,7 +69,7 @@ def assert_personal_key_generated_for_profiles(*profile_pii_pairs) idv_session.applicant = applicant if mint_profile_from_idv_session - idv_session.create_profile_from_applicant_with_password(password) + idv_session.create_profile_from_applicant_with_password(password, is_enhanced_ipp) end end diff --git a/spec/forms/gpo_verify_form_spec.rb b/spec/forms/gpo_verify_form_spec.rb index 771d059e97a..774213f7805 100644 --- a/spec/forms/gpo_verify_form_spec.rb +++ b/spec/forms/gpo_verify_form_spec.rb @@ -19,6 +19,7 @@ ) end let(:proofing_components) { nil } + let(:is_enhanced_ipp) { false } before do next if pending_profile.blank? @@ -36,7 +37,7 @@ let(:entered_otp) { nil } it 'is invalid' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq(false) expect(result.errors[:otp]).to eq [t('errors.messages.blank')] end @@ -47,7 +48,7 @@ let(:user) { build_stubbed(:user) } it 'is invalid' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq(false) expect(result.errors[:base]).to eq [t('errors.messages.no_pending_profile')] end @@ -59,7 +60,7 @@ let(:otp) { 'ABCDEF12345' } it 'is valid' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq(true) end end @@ -69,7 +70,7 @@ let(:otp) { '0000000000' } it 'is valid' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq(true) end end @@ -79,7 +80,7 @@ let(:entered_otp) { 'wrong' } it 'is invalid' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq(false) expect(result.errors[:otp]).to eq [t('errors.messages.confirmation_code_incorrect')] end @@ -98,7 +99,7 @@ end it 'is invalid' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq(false) expect(subject.errors[:otp]).to eq [t('errors.messages.gpo_otp_expired')] end @@ -108,7 +109,7 @@ allow(subject).to receive(:user_can_request_another_letter?).and_return(false) end it 'is invalid and uses different messaging' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq(false) expect(subject.errors[:otp]).to eq [ t('errors.messages.gpo_otp_expired_and_cannot_request_another'), @@ -121,20 +122,20 @@ describe '#submit' do context 'correct OTP' do it 'returns true' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq true end it 'activates the pending profile' do expect(pending_profile).to_not be_active - subject.submit + subject.submit(is_enhanced_ipp) expect(pending_profile.reload).to be_active end it 'logs the date the code was sent at' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) confirmation_code = pending_profile.gpo_confirmation_codes.last expect(result.to_h[:enqueued_at]).to eq(confirmation_code.code_sent_at) @@ -159,7 +160,7 @@ end it 'sets profile to pending in person verification' do - subject.submit + subject.submit(is_enhanced_ipp) pending_profile.reload expect(pending_profile).not_to be_active @@ -168,7 +169,7 @@ end it 'updates establishing in-person enrollment to pending' do - subject.submit + subject.submit(is_enhanced_ipp) establishing_enrollment.reload @@ -197,7 +198,7 @@ end it 'changes profile from pending to active' do - subject.submit + subject.submit(is_enhanced_ipp) pending_profile.reload expect(pending_profile).to be_active @@ -217,19 +218,19 @@ end it 'returns true' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq true end it 'does not activate the users profile' do - subject.submit + subject.submit(is_enhanced_ipp) profile = user.profiles.first expect(profile.active).to eq(false) expect(profile.fraud_review_pending?).to eq(true) end it 'notes that threatmetrix failed' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.extra).to include(fraud_check_failed: true) end @@ -239,19 +240,19 @@ end it 'returns true' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.success?).to eq true end it 'does activate the users profile' do - subject.submit + subject.submit(is_enhanced_ipp) profile = user.profiles.first expect(profile.active).to eq(true) expect(profile.deactivation_reason).to eq(nil) end it 'notes that threatmetrix failed' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.extra).to include(fraud_check_failed: true) end end @@ -262,7 +263,7 @@ let(:entered_otp) { 'wrong' } it 'clears form' do - subject.submit + subject.submit(is_enhanced_ipp) expect(subject.otp).to be_nil end @@ -293,7 +294,7 @@ let(:entered_otp) { first_otp } it 'logs which letter and letter count' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.to_h[:which_letter]).to eq(1) expect(result.to_h[:letter_count]).to eq(3) @@ -304,7 +305,7 @@ let(:entered_otp) { second_otp } it 'logs which letter and letter count' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.to_h[:which_letter]).to eq(2) expect(result.to_h[:letter_count]).to eq(3) @@ -315,12 +316,30 @@ let(:entered_code) { third_otp } it 'logs which letter and letter count' do - result = subject.submit + result = subject.submit(is_enhanced_ipp) expect(result.to_h[:which_letter]).to eq(3) expect(result.to_h[:letter_count]).to eq(3) end end end + + context 'when the user is going through enhanced ipp' do + let(:is_enhanced_ipp) { true } + let!(:establishing_enrollment) do + create( + :in_person_enrollment, + :establishing, + profile: pending_profile, + user: user, + ) + end + it 'sends the correct information for scheduling an in person enrollment' do + expect(UspsInPersonProofing::EnrollmentHelper).to receive(:schedule_in_person_enrollment). + with(user: anything, pii: anything, is_enhanced_ipp: is_enhanced_ipp) + + subject.submit(is_enhanced_ipp) + end + end end end diff --git a/spec/policies/idv/flow_policy_spec.rb b/spec/policies/idv/flow_policy_spec.rb index b3fe49dfa26..16647342985 100644 --- a/spec/policies/idv/flow_policy_spec.rb +++ b/spec/policies/idv/flow_policy_spec.rb @@ -312,12 +312,13 @@ end context 'preconditions for personal_key are present' do + let(:is_enhanced_ipp) { false } let(:password) { 'sekrit phrase' } context 'user has a verify by mail pending profile' do it 'returns personal_key' do stub_up_to(:request_letter, idv_session: idv_session) idv_session.gpo_code_verified = true - idv_session.create_profile_from_applicant_with_password('password') + idv_session.create_profile_from_applicant_with_password('password', is_enhanced_ipp) expect(subject.info_for_latest_step.key).to eq(:personal_key) expect(subject.controller_allowed?(controller: Idv::PersonalKeyController)).to be @@ -325,9 +326,10 @@ end context 'user has a newly activated profile' do + let(:is_enhanced_ipp) { false } it 'returns personal_key' do stub_up_to(:otp_verification, idv_session: idv_session) - idv_session.create_profile_from_applicant_with_password('password') + idv_session.create_profile_from_applicant_with_password('password', is_enhanced_ipp) expect(subject.info_for_latest_step.key).to eq(:personal_key) expect(subject.controller_allowed?(controller: Idv::PersonalKeyController)).to be diff --git a/spec/services/gpo_reminder_sender_spec.rb b/spec/services/gpo_reminder_sender_spec.rb index ec07520a29c..797937626b7 100644 --- a/spec/services/gpo_reminder_sender_spec.rb +++ b/spec/services/gpo_reminder_sender_spec.rb @@ -158,6 +158,7 @@ def set_reminder_sent_at(to_time) end context 'but the user has completed gpo verification' do + let(:is_enhanced_ipp) { false } before do otp = 'ABC123' pending_profile = user.gpo_verification_pending_profile @@ -175,7 +176,7 @@ def set_reminder_sent_at(to_time) user: user, pii: Idp::Constants::MOCK_IDV_APPLICANT_WITH_PHONE, otp: otp, - ).submit + ).submit(is_enhanced_ipp) end include_examples 'sends no emails' diff --git a/spec/services/idv/session_spec.rb b/spec/services/idv/session_spec.rb index 59f17f4365d..f09d4d2ff00 100644 --- a/spec/services/idv/session_spec.rb +++ b/spec/services/idv/session_spec.rb @@ -128,6 +128,7 @@ describe '#create_profile_from_applicant_with_password' do let(:opt_in_param) { nil } + let(:is_enhanced_ipp) { false } before do subject.applicant = Idp::Constants::MOCK_IDV_APPLICANT_WITH_SSN end @@ -144,7 +145,7 @@ now = Time.zone.now subject.user_phone_confirmation = true - subject.create_profile_from_applicant_with_password(user.password) + subject.create_profile_from_applicant_with_password(user.password, is_enhanced_ipp) profile = subject.profile expect(profile.activated_at).to eq now @@ -163,7 +164,7 @@ it 'does not complete the profile if the user has not completed OTP phone confirmation' do subject.user_phone_confirmation = nil - subject.create_profile_from_applicant_with_password(user.password) + subject.create_profile_from_applicant_with_password(user.password, is_enhanced_ipp) profile = subject.profile expect(profile.activated_at).to eq nil @@ -192,7 +193,7 @@ end it 'sets profile to pending in person verification' do - subject.create_profile_from_applicant_with_password(user.password) + subject.create_profile_from_applicant_with_password(user.password, is_enhanced_ipp) profile = subject.profile expect(profile.activated_at).to eq nil @@ -211,9 +212,11 @@ it 'creates a USPS enrollment' do expect(UspsInPersonProofing::EnrollmentHelper). to receive(:schedule_in_person_enrollment). - with(user, Pii::Attributes.new_from_hash(subject.applicant), opt_in_param) + with(user: user, pii: Pii::Attributes.new_from_hash(subject.applicant), + is_enhanced_ipp: is_enhanced_ipp, + opt_in: opt_in_param) - subject.create_profile_from_applicant_with_password(user.password) + subject.create_profile_from_applicant_with_password(user.password, is_enhanced_ipp) profile = enrollment.reload.profile expect(profile).to eq(user.profiles.last) @@ -235,7 +238,7 @@ end it 'sets profile to pending gpo verification' do - subject.create_profile_from_applicant_with_password(user.password) + subject.create_profile_from_applicant_with_password(user.password, is_enhanced_ipp) profile = subject.profile expect(profile.activated_at).to eq nil @@ -259,7 +262,7 @@ end it 'does not complete the user profile' do - subject.create_profile_from_applicant_with_password(user.password) + subject.create_profile_from_applicant_with_password(user.password, is_enhanced_ipp) profile = subject.profile expect(profile.activated_at).to eq nil diff --git a/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb b/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb index 6f72187974c..91c905eaf1d 100644 --- a/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb +++ b/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb @@ -22,6 +22,7 @@ 'registration@usps.local.identitysandbox.gov' end let(:proofer) { UspsInPersonProofing::Mock::Proofer.new } + let(:is_enhanced_ipp) { false } before(:each) do stub_request_token @@ -56,7 +57,7 @@ it 'uses a mock proofer' do expect(UspsInPersonProofing::Mock::Proofer).to receive(:new).and_call_original - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) end end @@ -71,7 +72,7 @@ it 'updates the existing enrollment record' do expect(user.in_person_enrollments.length).to eq(1) - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) enrollment.reload # tests that the value of current_address_matches_id on the enrollment corresponds @@ -93,10 +94,10 @@ expect(applicant.zip_code).to eq(Idp::Constants::MOCK_IDV_APPLICANT[:zipcode]) expect(applicant.unique_id).to eq(enrollment.unique_id) - UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant) + UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant, is_enhanced_ipp) end - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) end context 'same address as id is false' do @@ -122,10 +123,10 @@ zip_code: Idp::Constants::MOCK_IDV_APPLICANT_STATE_ID_ADDRESS[:identity_doc_zipcode], ) - UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant) + UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant, is_enhanced_ipp) end - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) end end end @@ -158,10 +159,10 @@ expect(applicant.email).to eq(usps_ipp_enrollment_status_update_email_address) expect(applicant.unique_id).to eq(enrollment.unique_id) - UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant) + UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant, is_enhanced_ipp) end - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) end end @@ -171,15 +172,15 @@ expect(proofer).to receive(:request_enroll) do |applicant| expect(applicant.unique_id).to eq(enrollment.usps_unique_id) - UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant) + UspsInPersonProofing::Mock::Proofer.new.request_enroll(applicant, is_enhanced_ipp) end - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) end end it 'sets enrollment status to pending and sets established at date and unique id' do - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) expect(user.in_person_enrollments.first.status).to eq(InPersonEnrollment::STATUS_PENDING) expect(user.in_person_enrollments.first.enrollment_established_at).to_not be_nil @@ -189,7 +190,7 @@ context 'event logging' do context 'with no service provider' do it 'logs event' do - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) expect(subject_analytics).to have_logged_event( 'USPS IPPaaS enrollment created', @@ -208,7 +209,7 @@ let(:service_provider) { build(:service_provider, issuer: issuer) } it 'logs event' do - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) expect(subject_analytics).to have_logged_event( 'USPS IPPaaS enrollment created', @@ -235,7 +236,7 @@ it 'does not log the presence of address line 2 only in residential address' do pii['identity_doc_address2'] = nil - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) expect(subject_analytics).to have_logged_event( 'USPS IPPaaS enrollment created', @@ -255,7 +256,7 @@ pii['same_address_as_id'] = false pii['address2'] = nil - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) expect(subject_analytics).to have_logged_event( 'USPS IPPaaS enrollment created', @@ -274,7 +275,7 @@ let(:opt_in) { true } it 'logs user\'s opt-in choice' do - subject.schedule_in_person_enrollment(user, pii, opt_in) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:, opt_in:) expect(subject_analytics).to have_logged_event( 'USPS IPPaaS enrollment created', @@ -290,7 +291,7 @@ end it 'sends verification emails' do - subject.schedule_in_person_enrollment(user, pii) + subject.schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:) expect_delivered_email_count(1) expect_delivered_email( @@ -301,6 +302,42 @@ end end + describe '#create_usps_enrollment' do + let(:usps_mock_fallback) { true } + let(:enrollment) { create(:in_person_enrollment, :with_service_provider) } + let(:usps_eipp_sponsor_id) { '314159265359' } + let(:is_enhanced_ipp) { true } + let(:pii) do + Pii::Attributes.new_from_hash( + Idp::Constants::MOCK_IDV_APPLICANT, + ) + end + let(:applicant) do + UspsInPersonProofing::Applicant.new( + unique_id: enrollment.unique_id, + first_name: Idp::Constants::MOCK_IDV_APPLICANT[:first_name], + last_name: Idp::Constants::MOCK_IDV_APPLICANT[:last_name], + address: Idp::Constants::MOCK_IDV_APPLICANT[:address1], + city: Idp::Constants::MOCK_IDV_APPLICANT[:city], + state: Idp::Constants::MOCK_IDV_APPLICANT[:state], + zip_code: Idp::Constants::MOCK_IDV_APPLICANT[:zipcode], + email: usps_ipp_enrollment_status_update_email_address, + ) + end + before do + allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id). + and_return(usps_eipp_sponsor_id) + allow(UspsInPersonProofing::Mock::Proofer).to receive(:new).and_return(proofer) + allow(proofer).to receive(:request_enroll).and_call_original + end + context 'when the user is going through enhanced ipp' do + it 'creates an enhanced ipp enrollment' do + expect(proofer).to receive(:request_enroll).with(applicant, is_enhanced_ipp) + subject.create_usps_enrollment(enrollment, pii, is_enhanced_ipp) + end + end + end + def transliterated_without_change(value) UspsInPersonProofing::Transliterator::TransliterationResult.new( changed?: false, diff --git a/spec/services/usps_in_person_proofing/proofer_spec.rb b/spec/services/usps_in_person_proofing/proofer_spec.rb index ba73c6cccd6..000dac22c58 100644 --- a/spec/services/usps_in_person_proofing/proofer_spec.rb +++ b/spec/services/usps_in_person_proofing/proofer_spec.rb @@ -101,9 +101,9 @@ def expect_facility_fields_to_be_present(facility) stub_request_token stub_request_enroll - subject.request_enroll(applicant) - subject.request_enroll(applicant) - subject.request_enroll(applicant) + subject.request_enroll(applicant, false) + subject.request_enroll(applicant, false) + subject.request_enroll(applicant, false) expect(WebMock).to have_requested(:post, %r{/oauth/authenticate}).once expect(WebMock).to have_requested( @@ -219,15 +219,15 @@ def expect_facility_fields_to_be_present(facility) ).to eq(1) end - context 'when the user is going through EIPP' do + context 'when the user is going through enhanced ipp' do let(:usps_eipp_sponsor_id) { '314159265359' } let(:is_enhanced_ipp) { true } before do allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id). and_return(usps_eipp_sponsor_id) end - it 'uses the EIPP usps_ipp_sponsor_id in calls to the USPS API' do - stub_request_eipp_facilities + it 'uses the usps_eipp_sponsor_id in calls to the USPS API' do + stub_request_enhanced_ipp_facilities subject.request_facilities(location, is_enhanced_ipp) expect(WebMock).to have_requested(:post, request_url). @@ -281,15 +281,21 @@ def expect_facility_fields_to_be_present(facility) unique_id: '123456789', ) end + let(:is_enhanced_ipp) { false } + let(:request_url) { "#{root_url}/ivs-ippaas-api/IPPRest/resources/rest/optInIPPApplicant" } + let(:usps_ipp_sponsor_id) { '42' } + let(:ipp_assurance_level) { '1.5' } before do stub_request_token + allow(IdentityConfig.store).to receive(:usps_ipp_sponsor_id). + and_return(usps_ipp_sponsor_id) end it 'returns enrollment information' do stub_request_enroll - enrollment = subject.request_enroll(applicant) + enrollment = subject.request_enroll(applicant, is_enhanced_ipp) expect(enrollment.enrollment_code).to be_present expect(enrollment.response_message).to be_present end @@ -297,7 +303,7 @@ def expect_facility_fields_to_be_present(facility) it 'returns 400 error' do stub_request_enroll_bad_request_response - expect { subject.request_enroll(applicant) }.to raise_error( + expect { subject.request_enroll(applicant, is_enhanced_ipp) }.to raise_error( an_instance_of(Faraday::BadRequestError). and(having_attributes( response: include( @@ -312,7 +318,7 @@ def expect_facility_fields_to_be_present(facility) it 'returns 500 error' do stub_request_enroll_internal_server_error_response - expect { subject.request_enroll(applicant) }.to raise_error( + expect { subject.request_enroll(applicant, is_enhanced_ipp) }.to raise_error( an_instance_of(Faraday::ServerError). and(having_attributes( response: include( @@ -324,6 +330,21 @@ def expect_facility_fields_to_be_present(facility) ) end + it 'uses the usps_ipp_sponsor_id and IPPAssurance Level in calls to the USPS API' do + stub_request_enroll + subject.request_enroll(applicant, is_enhanced_ipp) + + expect(WebMock).to have_requested(:post, request_url). + with( + body: hash_including( + { + sponsorID: usps_ipp_sponsor_id.to_i, + IPPAssuranceLevel: ipp_assurance_level, + }, + ), + ) + end + context 'when the auth token is expired' do expires_at = nil let(:expires_in) { 15.minutes } @@ -341,7 +362,7 @@ def expect_facility_fields_to_be_present(facility) subject.token enrollment = nil travel_to(expires_at) do - enrollment = subject.request_enroll(applicant) + enrollment = subject.request_enroll(applicant, false) end expect(WebMock).to have_requested(:post, "#{root_url}/oauth/authenticate").twice @@ -350,6 +371,30 @@ def expect_facility_fields_to_be_present(facility) expect(enrollment.response_message).to be_present end end + + context 'when the enrollment is enhanced ipp' do + let(:usps_eipp_sponsor_id) { '314159265359' } + let(:ipp_assurance_level) { '2.0' } + let(:is_enhanced_ipp) { true } + before do + allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id). + and_return(usps_eipp_sponsor_id) + end + it 'uses the enhanced ipp usps_eipp_sponsor_id & IPPAssuranceLevel in calls to USPS API' do + stub_request_enroll + subject.request_enroll(applicant, is_enhanced_ipp) + + expect(WebMock).to have_requested(:post, request_url). + with( + body: hash_including( + { + sponsorID: usps_eipp_sponsor_id.to_i, + IPPAssuranceLevel: ipp_assurance_level, + }, + ), + ) + end + end end describe '#request_proofing_results' do diff --git a/spec/support/usps_ipp_helper.rb b/spec/support/usps_ipp_helper.rb index 0154bc8991e..a73504ba76d 100644 --- a/spec/support/usps_ipp_helper.rb +++ b/spec/support/usps_ipp_helper.rb @@ -35,10 +35,10 @@ def stub_request_facilities ) end - def stub_request_eipp_facilities + def stub_request_enhanced_ipp_facilities stub_request(:post, %r{/ivs-ippaas-api/IPPRest/resources/rest/getIppFacilityList}).to_return( status: 200, - body: UspsInPersonProofing::Mock::Fixtures.request_eipp_facilities_response, + body: UspsInPersonProofing::Mock::Fixtures.request_enhanced_ipp_facilities_response, headers: { 'content-type' => 'application/json' }, ) end