From c8f2398123509068a19a97950f0ebf715496b341 Mon Sep 17 00:00:00 2001
From: Malick Diarra <malick.diarra@gsa.gov>
Date: Mon, 2 Dec 2024 10:17:08 -0500
Subject: [PATCH 1/4] changelog: Upcoming Features, Authentication,
 Threatmetrix API add local_attribute_1 for user when available

---
 app/controllers/concerns/mfa_setup_concern.rb |  1 +
 .../account_creation_threat_metrix_job.rb     |  4 +++-
 .../account_creation/device_profiling.rb      |  8 ++++++--
 config/initializers/strong_migrations.rb      |  4 ++--
 ...account_creation_threat_metrix_job_spec.rb |  2 ++
 .../account_creation/device_profiling_spec.rb |  2 ++
 .../ddp/verification_request_spec.rb          | 19 +++++++++++++++++++
 7 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/app/controllers/concerns/mfa_setup_concern.rb b/app/controllers/concerns/mfa_setup_concern.rb
index 6f673afde94..e3c1e07ad51 100644
--- a/app/controllers/concerns/mfa_setup_concern.rb
+++ b/app/controllers/concerns/mfa_setup_concern.rb
@@ -97,6 +97,7 @@ def threatmetrix_attrs
       request_ip: request&.remote_ip,
       threatmetrix_session_id: session[:threatmetrix_session_id],
       email: EmailContext.new(current_user).last_sign_in_email_address.email,
+      uuid_prefix: current_sp&.app_id,
     }
   end
 
diff --git a/app/jobs/account_creation_threat_metrix_job.rb b/app/jobs/account_creation_threat_metrix_job.rb
index 4d1dd53fe32..9a3e5238d32 100644
--- a/app/jobs/account_creation_threat_metrix_job.rb
+++ b/app/jobs/account_creation_threat_metrix_job.rb
@@ -5,13 +5,15 @@ def perform(
     user_id: nil,
     threatmetrix_session_id: nil,
     request_ip: nil,
-    email: nil
+    email: nil,
+    uuid_prefix: nil
   )
 
     device_profiling_result = AccountCreation::DeviceProfiling.new.proof(
       request_ip: request_ip,
       threatmetrix_session_id: threatmetrix_session_id,
       user_email: email,
+      uuid_prefix: uuid_prefix,
     )
   ensure
     user = User.find_by(id: user_id)
diff --git a/app/services/account_creation/device_profiling.rb b/app/services/account_creation/device_profiling.rb
index 7cccde45b12..c74fae53642 100644
--- a/app/services/account_creation/device_profiling.rb
+++ b/app/services/account_creation/device_profiling.rb
@@ -5,15 +5,18 @@ class DeviceProfiling
     attr_reader :request_ip,
                 :threatmetrix_session_id,
                 :user_email,
-                :device_profile_result
+                :device_profile_result,
+                :uuid_prefix
     def proof(
       request_ip:,
       threatmetrix_session_id:,
-      user_email:
+      user_email:,
+      uuid_prefix:
     )
       @request_ip = request_ip
       @threatmetrix_session_id = threatmetrix_session_id
       @user_email = user_email
+      @uuid_prefix = uuid_prefix
 
       @device_profile_result = device_profile
     end
@@ -27,6 +30,7 @@ def device_profile
         threatmetrix_session_id: threatmetrix_session_id,
         email: user_email,
         request_ip: request_ip,
+        uuid_prefix: uuid_prefix,
       )
     end
 
diff --git a/config/initializers/strong_migrations.rb b/config/initializers/strong_migrations.rb
index b7e3d6c5a8a..8320ec2edb2 100644
--- a/config/initializers/strong_migrations.rb
+++ b/config/initializers/strong_migrations.rb
@@ -15,13 +15,13 @@ class IdpStrongMigrations
 StrongMigrations.add_check do |method, (table, column, type, _options)|
   is_excluded = IdpStrongMigrations::EXCLUDED_COLUMNS.include?([table, column])
   if !is_excluded && method == :add_column && column.to_s.ends_with?('_id') && type == :integer
-    stop! """
+    stop! "
     Columns referencing another table should use :bigint instead of integer.
 
     add_column #{table.inspect}, #{column.inspect}, :bigint
     OR
     t.bigint #{column.inspect}
-    """
+    "
   end
 end
 
diff --git a/spec/jobs/account_creation_threat_metrix_job_spec.rb b/spec/jobs/account_creation_threat_metrix_job_spec.rb
index cffb09cfda7..091df7d8fda 100644
--- a/spec/jobs/account_creation_threat_metrix_job_spec.rb
+++ b/spec/jobs/account_creation_threat_metrix_job_spec.rb
@@ -3,6 +3,7 @@
 RSpec.describe AccountCreationThreatMetrixJob, type: :job do
   let(:user) { create(:user, :fully_registered) }
   let(:request_ip) { Faker::Internet.ip_v4_address }
+  let(:service_provider) { create(:service_provider) }
   let(:threatmetrix_session_id) { SecureRandom.uuid }
   let(:authentication_device_profiling) { :collect_only }
   let(:lexisnexis_threatmetrix_mock_enabled) { false }
@@ -28,6 +29,7 @@
         user_id: user.id,
         threatmetrix_session_id: threatmetrix_session_id,
         request_ip: request_ip,
+        uuid_prefix: service_provider.app_id,
       )
     end
 
diff --git a/spec/services/account_creation/device_profiling_spec.rb b/spec/services/account_creation/device_profiling_spec.rb
index 3178f51170e..e25ada4e17a 100644
--- a/spec/services/account_creation/device_profiling_spec.rb
+++ b/spec/services/account_creation/device_profiling_spec.rb
@@ -5,6 +5,7 @@
   let(:threatmetrix_proofer_result) do
     instance_double(Proofing::DdpResult, success?: true, transaction_id: 'ddp-123')
   end
+  let(:service_provider) { create(:service_provider) }
   let(:threatmetrix_proofer) do
     instance_double(
       Proofing::LexisNexis::Ddp::Proofer,
@@ -24,6 +25,7 @@
         request_ip: Faker::Internet.ip_v4_address,
         threatmetrix_session_id: threatmetrix_session_id,
         user_email: Faker::Internet.email,
+        uuid_prefix: service_provider&.app_id,
       )
     end
 
diff --git a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
index 199cef5e19a..4e541595f69 100644
--- a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
+++ b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
@@ -81,6 +81,25 @@
         expected_json = JSON.parse(LexisNexisFixtures.ddp_authentication_request_json)
         expect(response_json).to eq(expected_json)
       end
+
+      context 'with service provider associated with user' do
+        let(:applicant) do
+          {
+            threatmetrix_session_id: 'UNIQUE_SESSION_ID',
+            email: 'test@example.com',
+            request_ip: '127.0.0.1',
+            uuid_prefix: 'SPNUM',
+          }
+        end
+
+        it 'returns a properly formed request body' do
+          response_json = JSON.parse(subject.body)
+
+          base_json = JSON.parse(LexisNexisFixtures.ddp_authentication_request_json)
+          expected_json = base_json.merge({ 'local_attrib_1' => 'SPNUM' })
+          expect(response_json).to eq(expected_json)
+        end
+      end
     end
   end
 

From 8de913d9956da09907fc8932a75b65cc49131d3b Mon Sep 17 00:00:00 2001
From: Malick Diarra <malick.diarra@gsa.gov>
Date: Mon, 2 Dec 2024 14:03:37 -0500
Subject: [PATCH 2/4] change strong migration back

---
 config/initializers/strong_migrations.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/initializers/strong_migrations.rb b/config/initializers/strong_migrations.rb
index 8320ec2edb2..68c771c3831 100644
--- a/config/initializers/strong_migrations.rb
+++ b/config/initializers/strong_migrations.rb
@@ -15,13 +15,13 @@ class IdpStrongMigrations
 StrongMigrations.add_check do |method, (table, column, type, _options)|
   is_excluded = IdpStrongMigrations::EXCLUDED_COLUMNS.include?([table, column])
   if !is_excluded && method == :add_column && column.to_s.ends_with?('_id') && type == :integer
-    stop! "
+    stop! """
     Columns referencing another table should use :bigint instead of integer.
 
     add_column #{table.inspect}, #{column.inspect}, :bigint
     OR
     t.bigint #{column.inspect}
-    "
+    """
   end
 end
 
@@ -30,4 +30,4 @@ class IdpStrongMigrations
 
 # Added to run tests locally; the defaults cause timeouts when setting things up. J.A.M.
 StrongMigrations.lock_timeout = 10.seconds
-StrongMigrations.statement_timeout = 1.hour
+StrongMigrations.statement_timeout = 1.hour
\ No newline at end of file

From 83c89239f0c2adbe1c10d924f79b57980a11e526 Mon Sep 17 00:00:00 2001
From: Malick Diarra <malick.diarra@gsa.gov>
Date: Mon, 2 Dec 2024 14:04:15 -0500
Subject: [PATCH 3/4] remove &. for service provider

---
 spec/services/account_creation/device_profiling_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/services/account_creation/device_profiling_spec.rb b/spec/services/account_creation/device_profiling_spec.rb
index e25ada4e17a..03f3c69bfec 100644
--- a/spec/services/account_creation/device_profiling_spec.rb
+++ b/spec/services/account_creation/device_profiling_spec.rb
@@ -25,7 +25,7 @@
         request_ip: Faker::Internet.ip_v4_address,
         threatmetrix_session_id: threatmetrix_session_id,
         user_email: Faker::Internet.email,
-        uuid_prefix: service_provider&.app_id,
+        uuid_prefix: service_provider.app_id,
       )
     end
 

From 97d41ec8a26990770955df2cffeb69356ff0aae4 Mon Sep 17 00:00:00 2001
From: Malick Diarra <malick.diarra@gsa.gov>
Date: Mon, 2 Dec 2024 14:04:52 -0500
Subject: [PATCH 4/4] add new line

---
 config/initializers/strong_migrations.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/initializers/strong_migrations.rb b/config/initializers/strong_migrations.rb
index 68c771c3831..b7e3d6c5a8a 100644
--- a/config/initializers/strong_migrations.rb
+++ b/config/initializers/strong_migrations.rb
@@ -30,4 +30,4 @@ class IdpStrongMigrations
 
 # Added to run tests locally; the defaults cause timeouts when setting things up. J.A.M.
 StrongMigrations.lock_timeout = 10.seconds
-StrongMigrations.statement_timeout = 1.hour
\ No newline at end of file
+StrongMigrations.statement_timeout = 1.hour