Add idv_resolution_default_vendor config#11515
Conversation
Start the process of separating configuration of the resolution proofer mock fallback from the address proofer mock fallback. For a short period of time, we'll need to continue to support the old method of configuration (until staging and prod configs can be updated). [skip changelog]
| @proofer ||= begin | ||
| # Historically, proofer_mock_fallback has controlled whether we | ||
| # use mock implementations of the Resolution and Address proofers | ||
| # (true = use mock, false = don't use mock). | ||
| # We are transitioning to a place where we will have separate | ||
| # configs for both. For the time being, we want to keep support for | ||
| # proofer_mock_fallback here. This can be removed after this code | ||
| # has been deployed and configs have been updated in all relevant | ||
| # environments. | ||
|
|
||
| old_config_says_mock = IdentityConfig.store.proofer_mock_fallback | ||
| old_config_says_iv = !old_config_says_mock | ||
| new_config_says_mock = | ||
| IdentityConfig.store.idv_resolution_default_vendor == :mock | ||
| new_config_says_iv = | ||
| IdentityConfig.store.idv_resolution_default_vendor == :instant_verify | ||
|
|
||
| proofer_type = | ||
| if new_config_says_mock && old_config_says_iv | ||
| # This will be the case immediately after deployment, when | ||
| # environment configs have not been updated. We need to | ||
| # fall back to the old config here. | ||
| :instant_verify | ||
| elsif new_config_says_iv | ||
| :instant_verify | ||
| else | ||
| :mock | ||
| end | ||
|
|
||
| if proofer_type == :mock |
There was a problem hiding this comment.
Note that these blocks (and the added specs) are identical for the two plugins--the intention is that this is temporary code (cleanup PR coming), soon to be further streamlined in another PR.
| config.add( | ||
| :idv_resolution_default_vendor, | ||
| type: :symbol, | ||
| enum: [:instant_verify, :mock], | ||
| ) |
There was a problem hiding this comment.
This, it turns out, is a much better thing to do than raise errors in application code if the setting is misconfigured
n1zyy
left a comment
n1zyy
left a comment
There was a problem hiding this comment.
One nit about an ever-so-slightly confusing comment, but overall I really like the way this is organized for maximum clarity.
| :instant_verify | ||
| else | ||
| :mock | ||
| end |
There was a problem hiding this comment.
I'm a fan of really expressive code like this for this sort of thing.
I think customarily we'd argue that old_config_says_mock is unneeded as a variable, and the first two cases of this conditional could be combined. But in temporary code handling something a little complicated to reason about? This makes it really easy to understand.
| # This will be the case immediately after deployment, when | ||
| # environment configs have not been updated. We need to | ||
| # fall back to the old config here. |
There was a problem hiding this comment.
Very minor: the examples in the tests say "the new setting takes precedence," but here the comment says we "fall back to the old config" which suggests it's the other way around. They're not discussing the same thing and the behavior is actually consistent, but if you see an easy way to make the wording consistent, it might further prevent confusion for anyone looking at this first thing in the morning while under-caffeinated. (Hypothetically speaking.)
There was a problem hiding this comment.
I think this is a case of bad spec name. I changed it to creates an Instant Verify proofer because the new setting takes precedence over the old one when the old one is set to its default value. The idea is that, when proofer_mock_fallback is false, that is an indication that it has (probably) not been actively configured. If the new setting is set to a non-default value, we should use that instead.
2 participants
🎫 Ticket
This PR was extracted from #11479, and is in support of
LG-14725
🛠 Summary of changes
Historically, we have used one config flag,
proofer_mock_fallback, to control whether mocked resolution and address Proofers are used during identity verification. This value is set totrue(use mocks) by default andfalse(don't use mocks) in production environments.We are moving (gradually) toward a world where we have multiple identity resolution vendors, and thus 3 possible config states for identity resolution (Instant Verify, Socure KYC, and Mock). #11479 is about running Instant Verify and Socure side-by-side in production, and requires a different configuration strategy than
proofer_mock_fallback: false.This PR adds a new config setting,
idv_resolution_default_vendor(the_default_is because there will soon be an_alternate_setting as well). This setting can have one of two values:mock(default)instant_verifyHopefully it is clear which setting corresponds to which proofer being used.
📜 Testing Plan
The testing process here is to:
application.ymlinstant_verifymockinstant_verifymockinstant_verifymockany other value(You can monitor
log/events.logto see the relevantIdV: doc auth verify proofing resultsevents going by.)