
Deploy RC 394 to Production #10909

Merged
jmdembe merged 17 commits into stages/prod from stages/rc-2024-07-02
Jul 2, 2024

@jmdembe jmdembe commented Jul 2, 2024

User-Facing Improvements

  • Authentication: Recaptcha ignore low confidence score failures (#10868)
  • Verify By Mail Flow: The verify by mail flow enforces the 2 pieces of fair evidence requirement which disallows verify by mail when a SP requests an authn context with the requirement. (#10886)

Bug Fixes

  • In-Person Proofing: Fix 500 in document capture when going to IPP (#10830)
  • OpenID Connect: Fix 500 error when validating userinfo requests (#10888)

Internal

  • Analytics: Ensure user ID present in account deletion submitted (#10887)
  • Automated Testing: Render negated test cases in account specs (#10885)
  • Bug Fixes: Translate Post Office search results (#10882)
  • CI: Remove per-branch checks for scheduled job checks (#10891)
  • Continuous Integration: Add JavaScript lint to prevent hardcoding URLs (#10894)
  • Data Requests: Allow filtering user log report by start and end dates (#10890)
  • Identity verification: Calculate proofing_components dynamically (#10870)
  • In-Person Proofing: Save Sponsor Id on IPP Enrollments (Internal) and on EIPP Enhanced Enrollments (Upcoming Features) (#10859)
  • Source code: Add scheduled checks for external changes (#10834)
  • Terms of use: Require re-accepting rules of use every 5 years (#10681)

jmhooper and others added 17 commits June 28, 2024 10:02
This commit adds a `VerifyByMailConcern` to the IdP. This is intended to function as a mixin that wraps up the logic required for verify-by-mail. This includes:

- Creating and providing an accessor for the verify-by-mail policy object
- Delegating some methods to the policy object to describe things such as whether a user can request or resend a letter
- Logging analytics events and computing analytics properties

Inspiration from this came from this comment: https://github.com/18F/identity-idp/pull/10878/files#r1657358020

[skip changelog]
changelog: Internal, Automated Testing, Render negated test cases in account specs
* add failing spec

changelog: Bug Fixes, In-Person Proofing, Fix 500 in document capture when going to IPP

* check authentication before other actions
* Update rules_of_use_horizon_years to 5

For Kantara purposes, this needs to be 5 years, not 6.

(In practice, `rules_of_use_updated_at` is updated more often than every 5 years.)

* changelog: Internal, Terms of use, Require re-accepting rules of use every 5 years

* Update tests as well
* add failing spec

* Fix 500 error when validating userinfo requests

changelog: Bug Fixes, OpenID Connect, Fix 500 error when validating userinfo requests
* changelog: User-Facing Improvements, Authentication, Recaptcha ignore low confidence score failures

* address comments
* Add Gitlab workflows that can be scheduled to notify Slack
* Add specs for notify-slack
* Remove JSON matcher dependency
* allow running scheduled jobs
* add username
* Clean up Slack message, href syntax didn't work

changelog: Internal, Source code, Add scheduled checks for external changes

---------

Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov>
* Save sponsor_id on new IPP enrollments

* Fix linter errors

* Add addi check before setting sponsor_id

* changelog: Internal, In-Person Proofing, Save Sponsor Id on IPP Enrollments (Internal) and on EIPP Enhanced Enrollments (Upcoming Features)

* Remove config var checks

* Remove white space inside it description of spec
* Translate Post Office search results

changelog: Internal, Bug Fixes, Translate Post Office search results

* Update app/presenters/idv/in_person/ready_to_verify_presenter.rb

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* Move localized location into helper

* fix module

* align location results with proofer behavior

* Pass locationsURL as localized path helper context

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
…10887)

* LG-13318: Ensure user_id present in account deletion submitted

changelog: Internal, Analytics, Ensure user ID present in account deletion submitted

* Fix PIV CAC login controller specs

The issue was stub_analytics was _also_ being called and causing the controller to memoize analytics result in a way that wasn't previously surfaced since we asserted against analytics_user directly, despite the fact that the analytics method is what's actually used in code for logging

* Reorder redirect relative to sign-out

Signing out would cause current_user to always return nil. This change returns to previous implementation prior to #10573 with order of redirect

See: https://github.com/18F/identity-idp/pull/10887/files#r1661091791
* Allow filtering user log report by start and end dates

changelog: Internal, Data Requests, Allow filtering user log report by start and end dates

* Update lib/tasks/data_requests.rake

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
…10866)

In #10864 a new controller was introduced to handle resends. In #10865 the controller started being used. Once both of those changes are fully deployed this change can be merged to remove the resend functionality from the `RequestLetterController`.

This change will make the `RequestLetterController` behave like the rest of the IdV-step controllers. It will no longer be accessible outside of the IdV workflow.

[skip changelog]
We have observed a number of SSH errors when attempting to upload the GPO file. When those have occurred, re-running the GPO job has resulted in a successful upload. This commit attempts to automate that by adding retry logic to confirmation uploader.

This change is limited to the SSH connection and upload. This is to tread carefully around the job's logic. It deletes the records it uploads so we need to tread lightly when performing retries.

[skip changelog]
**Why**: These checks look for external changes (vulnerabilities
reported, documentation out of date), so failing branch builds on
them causes noisy issues for everybody.

They are now scheduled on main so they can be fixed for everybody

changelog: Internal, CI, Remove per-branch checks for scheduled job checks
* Lint hard-coded URLs in JavaScript

changelog: Internal, Continuous Integration, Add JavaScript lint to prevent hardcoding URLs

* session timeout

* address search URL

* Update app/javascript/packages/session/requests.ts

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* Update app/javascript/packs/session-timeout-ping.ts

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* rename variables

---------

Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Implement proofing_components in terms of idv_session

Add new class, `ProofingComponents`, that calculates our sometimes-wonky ProofingComponents values based on values in Idv::Session.

changelog: Internal, Identity verification, Calculate proofing_components dynamically

* Log dynamic proofing_components

* WIP

* Analytics spec: Ensure FakeAnalytics has a session

* Special case Idv::ProofingComponents in FakeAnalytics

* Fix analytics feature tests

* Add IPP-related methods to AnonymousUser

* Add missing frozen_string_literal to top of file

* Ensure FakeAnalytics has a session in cancel feature spec

* Log analytics before clearing session when starting over

* Various small test fixes

* Revert changes to OutOfBandSessionAccessor

* Remove unused user_session method

* Remove references to unused proofing component fields

* Remove Idv::ProofingComponentsLogging

* Fix doc comments

* Use fewer words

* Update spec/services/idv/analytics_events_enhancer_spec.rb

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
…10886)

In #10871 we added a requirement that 2 pieces of fair evidence are required during verification. This is active whenever a SP requests biometric comparison. This commit adds enforcement of that requirement. It uses the `GpoVerifyForm` added in #10844 to disallow sends when that requirement is in place.

changelog: User-Facing Improvements, Verify By Mail Flow, The verify by mail flow enforces the 2 pieces of fair evidence requirement which disallows verify by mail when a SP requests an authn context with the requirement.
@jmdembe jmdembe merged commit f0d792e into stages/prod Jul 2, 2024
@jmdembe jmdembe deleted the stages/rc-2024-07-02 branch July 2, 2024 20:37
jmdembe added a commit that referenced this pull request Jul 2, 2024
This reverts commit f0d792e, reversing
changes made to d9f1511.
jmdembe added a commit that referenced this pull request Jul 2, 2024
Revert "Merge pull request #10909 from 18F/stages/rc-2024-07-02"