Use faster default driver for feature tests not requiring JavaScript

spec/features/openid_connect/vtr_spec.rb

@@ -10,7 +10,7 @@
       and_return(true)
   end
 
-  scenario 'sign in with VTR request for authentication', :js do
+  scenario 'sign in with VTR request for authentication' do
     user = create(:user, :fully_registered)
 
     visit_idp_from_oidc_sp_with_vtr(vtr: ['C1'])
@@ -25,10 +25,10 @@
 
     click_agree_and_continue
 
-    expect(current_url).to start_with('http://localhost:7654/auth/result')
+    expect(oidc_redirect_url).to start_with('http://localhost:7654/auth/result')
   end
 
-  scenario 'sign in with VTR request for AAL2 disables remember device', :js do
+  scenario 'sign in with VTR request for AAL2 disables remember device' do
     user = create(:user, :fully_registered)
 
     # Sign in and remember device
@@ -48,10 +48,10 @@
 
     click_agree_and_continue
 
-    expect(current_url).to start_with('http://localhost:7654/auth/result')
+    expect(oidc_redirect_url).to start_with('http://localhost:7654/auth/result')
   end
 
-  scenario 'sign in with VTR for phishing-resistance requires phishing-resistanc auth', :js do
+  scenario 'sign in with VTR for phishing-resistance requires phishing-resistanc auth' do
     mock_webauthn_setup_challenge
     user = create(:user, :fully_registered)
 
@@ -69,7 +69,7 @@
 
     click_agree_and_continue
 
-    expect(current_url).to start_with('http://localhost:7654/auth/result')
+    expect(oidc_redirect_url).to start_with('http://localhost:7654/auth/result')
   end
 
   scenario 'sign in with VTR request for HSDP12 auth requires PIV/CAC setup' do
@@ -94,12 +94,11 @@
     follow_piv_cac_redirect
 
     click_agree_and_continue
-    click_submit_default
 
-    expect(current_url).to start_with('http://localhost:7654/auth/result')
+    expect(oidc_redirect_url).to start_with('http://localhost:7654/auth/result')
   end
 
-  scenario 'sign in with VTR request for idv requires idv', :js do
+  scenario 'sign in with VTR request for idv requires idv' do
     user = create(:user, :fully_registered)
 
     visit_idp_from_oidc_sp_with_vtr(vtr: ['P1'])

spec/features/users/profile_recovery_for_gpo_verified_spec.rb

@@ -4,30 +4,16 @@
               allowed_extra_analytics: [:*] do
   include IdvStepHelper
 
-  let(:email) { 'cool_beagle@example.org' }
-  let(:password) { '!1a Z@6s' * 16 } # default password from user factory
   let(:new_password) { 'some really awesome new password' }
 
-  let(:user) { create(:user, :fully_registered, email: email, password: password) }
-
-  before do
-    allow(FeatureManagement).to receive(:reveal_gpo_code?).and_return(true)
-  end
-
-  scenario 'lets them reactivate their profile with their personal key', email: true, js: true do
-    complete_idv_steps_with_gpo_before_confirmation_step(user)
-    click_on t('doc_auth.buttons.continue')
-
-    gpo_code = page.get_rack_session_key('last_gpo_confirmation_code')
-    page.go_back # get_rack_session_key navigates away.
-
-    click_on t('links.sign_out')
-
-    fill_in_credentials_and_submit(email, password)
+  scenario 'lets them reactivate their profile with their personal key', email: true do
+    user = create(:user, :fully_registered, :with_pending_gpo_profile)
+    visit new_user_session_path
+    fill_in_credentials_and_submit(user.email, user.password)
     fill_in I18n.t('components.one_time_code_input.label'), with: last_phone_otp
     click_submit_default
 
-    fill_in 'gpo_verify_form_otp', with: gpo_code
+    fill_in 'gpo_verify_form_otp', with: 'ABCDE12345'
     click_on t('idv.gpo.form.submit')
 
     personal_key = scrape_personal_key

spec/features/users/sign_up_spec.rb

@@ -241,14 +241,6 @@ def clipboard_text
 
       expect(page).to have_current_path account_path
     end
-
-    it 'allows a user to sign up with backup codes and add methods without reauthentication' do
-      sign_in_user
-      select_2fa_option('backup_code')
-
-      visit phone_setup_path
-      expect(page).to have_current_path phone_setup_path
-    end
   end
 
   context 'user accesses password screen with already confirmed token', email: true do

spec/features/webauthn/sign_in_spec.rb

@@ -15,13 +15,18 @@
     )
   end
 
-  it 'allows the user to sign in if webauthn is successful' do
-    mock_webauthn_verification_challenge
+  context 'with javascript enabled', :js do
+    # While JavaScript tests are slower to run, these tests provide increased confidence in the
+    # real-world behavior of WebAuthn browser interaction for the critical pathways.
 
-    sign_in_user(user)
-    mock_successful_webauthn_authentication { click_webauthn_authenticate_button }
+    it 'allows the user to sign in if webauthn is successful' do
+      mock_webauthn_verification_challenge
 
-    expect(page).to have_current_path(account_path)
+      sign_in_user(user)
+      mock_successful_webauthn_authentication { click_webauthn_authenticate_button }
+
+      expect(page).to have_current_path(account_path)
+    end
   end
 
   it 'does not allow the user to sign in if the challenge/secret is incorrect' do
@@ -44,7 +49,7 @@
     expect(page).to have_current_path(login_two_factor_webauthn_path)
   end
 
-  it 'does not show error after successful challenge/secret reattempt', :js do
+  it 'does not show error after successful challenge/secret reattempt' do
     mock_webauthn_verification_challenge
 
     sign_in_user(user)
@@ -57,7 +62,7 @@
     expect(page).to_not have_content(general_error)
   end
 
-  it 'maintains correct platform attachment content if cancelled', :js do
+  it 'maintains correct platform attachment content if cancelled' do
     mock_webauthn_verification_challenge
 
     sign_in_user(user)
@@ -71,7 +76,7 @@
       create(:user, :with_webauthn_platform, with: { credential_id:, credential_public_key: })
     end
 
-    it 'maintains correct platform attachment content if cancelled', :js do
+    it 'maintains correct platform attachment content if cancelled' do
       mock_webauthn_verification_challenge
 
       sign_in_user(user)