LG-15166: Store doc auth vendor in Idv::Session

app/controllers/concerns/idv/document_capture_concern.rb

@@ -39,6 +39,8 @@ def error_hash(message)
     def extract_pii_from_doc(user, store_in_session: false)
       if defined?(idv_session) # hybrid mobile does not have idv_session
         idv_session.had_barcode_read_failure = stored_result.attention_with_barcode?
+        # See also Idv::InPerson::StateIdController#update
+        idv_session.doc_auth_vendor = doc_auth_vendor
         if store_in_session
           idv_session.pii_from_doc = stored_result.pii_from_doc
           idv_session.selfie_check_performed = stored_result.selfie_check_performed?

app/controllers/idv/document_capture_controller.rb

@@ -75,6 +75,7 @@ def self.step_info
           idv_session.had_barcode_attention_error = nil
           idv_session.had_barcode_read_failure = nil
           idv_session.selfie_check_performed = nil
+          idv_session.doc_auth_vendor = nil
         end,
       )
     end

app/controllers/idv/in_person/state_id_controller.rb

@@ -56,6 +56,7 @@ def update
             redirect_url = idv_in_person_ssn_url
           end
 
+          idv_session.doc_auth_vendor = Idp::Constants::Vendors::USPS
           redirect_to redirect_url
         else
           render :show, locals: extra_view_variables
@@ -85,6 +86,7 @@ def self.step_info
             pii_from_user[:identity_doc_city] = nil
             pii_from_user[:identity_doc_zipcode] = nil
             pii_from_user[:identity_doc_state] = nil
+            idv_session.doc_auth_vendor = nil
           end,
         )
       end

app/controllers/idv/link_sent_controller.rb

@@ -50,6 +50,7 @@ def self.step_info
           idv_session.had_barcode_attention_error = nil
           idv_session.had_barcode_read_failure = nil
           idv_session.selfie_check_performed = nil
+          idv_session.doc_auth_vendor = nil
         end,
       )
     end

app/controllers/idv/socure/document_capture_controller.rb

@@ -105,6 +105,7 @@ def self.step_info
             idv_session.pii_from_doc = nil
             idv_session.socure_docv_wait_polling_started_at = nil
             idv_session.invalidate_in_person_pii_from_user!
+            idv_session.doc_auth_vendor = nil
           end,
         )
       end

app/services/doc_auth/socure/responses/docv_result_response.rb

@@ -81,7 +81,7 @@ def extra_attributes
             liveness_checking_required: @biometric_comparison_required,
             issue_year: state_id_issued&.year,
             doc_auth_success: successful_result?,
-            vendor: 'Socure',
+            vendor: 'Socure', # TODO: Replace with Idp::Constants::Vendors::SOCURE
             address_line2_present: address2.present?,
             zip_code: zipcode,
             birth_year: dob&.year,

app/services/idv/session.rb

@@ -4,6 +4,7 @@ module Idv
   # @attr address_edited [Boolean, nil]
   # @attr address_verification_mechanism [String, nil]
   # @attr applicant [Struct, nil]
+  # @attr doc_auth_vendor [String, nil]
   # @attr document_capture_session_uuid [String, nil]
   # @attr flow_path [String, nil]
   # @attr go_back_path [String, nil]
@@ -20,7 +21,7 @@ module Idv
   # @attr phone_for_mobile_flow [String, nil]
   # @attr previous_phone_step_params [Array]
   # @attr previous_ssn [String, nil]
-  # @attr profile_id [String, nil]
+  # @attr profile_id [Integer, nil]
   # @attr proofing_started_at [String, nil]
   # @attr redo_document_capture [Boolean, nil]
   # @attr residential_resolution_vendor [String, nil]
@@ -47,6 +48,7 @@ class Session
       address_edited
       address_verification_mechanism
       applicant
+      doc_auth_vendor
       document_capture_session_uuid
       flow_path
       go_back_path
@@ -66,7 +68,6 @@ class Session
       profile_id
       proofing_started_at
       redo_document_capture
-      source_check_vendor
       residential_resolution_vendor
       resolution_successful
       resolution_vendor
@@ -76,6 +77,7 @@ class Session
       skip_doc_auth_from_how_to_verify
       skip_hybrid_handoff
       socure_docv_wait_polling_started_at
+      source_check_vendor
       ssn
       threatmetrix_review_status
       threatmetrix_session_id

spec/controllers/idv/document_capture_controller_spec.rb

@@ -3,48 +3,67 @@
 RSpec.describe Idv::DocumentCaptureController do
   include FlowPolicyHelper
 
+  let(:user) { create(:user) }
+  let(:idv_vendor) { Idp::Constants::Vendors::LEXIS_NEXIS }
+  let(:vendor_switching_enabled) { true }
+  let(:ab_test_args) { {} }
+
+  # selfie related test flags
+  let(:facial_match_required) { false }
+  let(:flow_path) { 'standard' }
+  let(:doc_auth_selfie_desktop_test_mode) { false }
+
+  # document capture setup
+  let(:doc_auth_success) { true }
   let(:document_capture_session_requested_at) { Time.zone.now }
+  let(:document_capture_session_uuid) { document_capture_session&.uuid }
 
-  let!(:document_capture_session) do
-    DocumentCaptureSession.create!(
+  let(:document_capture_session) do
+    DocumentCaptureSession.create(
       user: user,
       requested_at: document_capture_session_requested_at,
     )
   end
 
-  let(:document_capture_session_uuid) { document_capture_session&.uuid }
-
-  let(:user) { create(:user) }
-  let(:ab_test_args) { {} }
-
-  # selfie related test flags
-  let(:sp_selfie_enabled) { false }
-  let(:flow_path) { 'standard' }
-  let(:doc_auth_selfie_desktop_test_mode) { false }
+  let(:stored_result) do
+    DocumentCaptureSessionResult.new(
+      id: SecureRandom.uuid,
+      success: doc_auth_success,
+      doc_auth_success: doc_auth_success,
+      selfie_status: :none,
+      pii: { first_name: 'Testy', last_name: 'Testerson' },
+      attention_with_barcode: false,
+    )
+  end
 
   before do
     stub_sign_in(user)
     stub_up_to(:hybrid_handoff, idv_session: subject.idv_session)
-    stub_analytics
+    subject.idv_session.flow_path = flow_path
     subject.idv_session.document_capture_session_uuid = document_capture_session_uuid
 
-    vot = sp_selfie_enabled ? 'Pb' : 'P1'
+    vot = facial_match_required ? 'Pb' : 'P1'
     resolved_authn_context = Vot::Parser.new(vector_of_trust: vot).parse
-
     allow(controller).to receive(:resolved_authn_context_result)
       .and_return(resolved_authn_context)
-    subject.idv_session.flow_path = flow_path
-    allow(subject).to receive(:ab_test_analytics_buckets).and_return(ab_test_args)
 
-    allow(IdentityConfig.store).to receive(:doc_auth_vendor).and_return(
-      Idp::Constants::Vendors::LEXIS_NEXIS,
-    )
-    allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(
-      Idp::Constants::Vendors::LEXIS_NEXIS,
-    )
+    allow(subject).to receive(:ab_test_analytics_buckets).and_return(ab_test_args)
 
+    allow(IdentityConfig.store).to receive(:doc_auth_vendor).and_return(idv_vendor)
+    allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(idv_vendor)
+    allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled)
+      .and_return(vendor_switching_enabled)
     allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
       .and_return(doc_auth_selfie_desktop_test_mode)
+
+    allow_any_instance_of(ApplicationController).to receive(:current_user).and_return(user)
+
+    allow(subject).to receive(:stored_result).and_return(stored_result)
+
+    user_session = {}
+    allow(subject).to receive(:user_session).and_return(user_session)
+
+    stub_analytics
   end
 
   describe '#step_info' do
@@ -54,7 +73,7 @@
 
     context 'when selfie feature is enabled system wide' do
       describe 'with sp selfie disabled' do
-        let(:sp_selfie_enabled) { false }
+        let(:facial_match_required) { false }
 
         it 'does not satisfy precondition' do
           expect(Idv::DocumentCaptureController.step_info.preconditions.is_a?(Proc))
@@ -66,7 +85,7 @@
       end
 
       describe 'with sp selfie enabled' do
-        let(:sp_selfie_enabled) { true }
+        let(:facial_match_required) { true }
 
         it 'does satisfy precondition' do
           expect(Idv::DocumentCaptureController.step_info.preconditions.is_a?(Proc))
@@ -105,31 +124,17 @@
 
   describe '#show' do
     let(:analytics_name) { 'IdV: doc auth document_capture visited' }
+
     let(:analytics_args) do
       {
         analytics_id: 'Doc Auth',
         flow_path: 'standard',
         step: 'document_capture',
         liveness_checking_required: false,
-        selfie_check_required: sp_selfie_enabled,
+        selfie_check_required: facial_match_required,
       }
     end
 
-    let(:idv_vendor) { Idp::Constants::Vendors::LEXIS_NEXIS }
-    let(:vendor_switching_enabled) { true }
-
-    before do
-      allow(IdentityConfig.store).to receive(:doc_auth_vendor).and_return(
-        idv_vendor,
-      )
-      allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(
-        idv_vendor,
-      )
-      allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled).and_return(
-        vendor_switching_enabled,
-      )
-    end
-
     it 'has non-nil presenter' do
       get :show
       expect(assigns(:presenter)).to be_kind_of(Idv::InPerson::UspsFormPresenter)
@@ -188,13 +193,7 @@
 
     context 'socure is the default vendor but facial match is required' do
       let(:idv_vendor) { Idp::Constants::Vendors::SOCURE }
-      let(:vot) { 'Pb' }
-
-      before do
-        resolved_authn_context = Vot::Parser.new(vector_of_trust: vot).parse
-        allow(controller).to receive(:resolved_authn_context_result)
-          .and_return(resolved_authn_context)
-      end
+      let(:facial_match_required) { true }
 
       it 'does not redirect to Socure controller' do
         get :show
@@ -204,7 +203,7 @@
     end
 
     context 'when a selfie is requested' do
-      let(:sp_selfie_enabled) { true }
+      let(:facial_match_required) { true }
 
       describe 'when desktop selfie disabled' do
         it 'redirect back to handoff page' do
@@ -224,6 +223,7 @@
 
       describe 'when desktop selfie enabled' do
         let(:doc_auth_selfie_desktop_test_mode) { true }
+
         it 'allows capture' do
           expect(subject).to receive(:render).with(
             :show,
@@ -325,7 +325,7 @@
     end
 
     context 'ipp disabled for sp' do
-      let(:sp_selfie_enabled) { true }
+      let(:facial_match_required) { true }
 
       before do
         allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything).and_return(false)
@@ -344,6 +344,7 @@
 
   describe '#update' do
     let(:analytics_name) { 'IdV: doc auth document_capture submitted' }
+
     let(:analytics_args) do
       {
         success: true,
@@ -352,23 +353,20 @@
         flow_path: 'standard',
         step: 'document_capture',
         liveness_checking_required: false,
-        selfie_check_required: sp_selfie_enabled,
+        selfie_check_required: facial_match_required,
       }
     end
-    let(:result) { { success: true, errors: {} } }
 
     it 'invalidates future steps' do
       subject.idv_session.applicant = Idp::Constants::MOCK_IDV_APPLICANT
       expect(subject).to receive(:clear_future_steps!).and_call_original
 
       put :update
       expect(subject.idv_session.applicant).to be_nil
+      expect(subject.idv_session.doc_auth_vendor).to match(idv_vendor)
     end
 
     it 'sends analytics_submitted event' do
-      allow(result).to receive(:success?).and_return(true)
-      allow(subject).to receive(:handle_stored_result).and_return(result)
-
       put :update
 
       expect(@analytics).to have_logged_event(analytics_name, analytics_args)
@@ -391,29 +389,33 @@
       before do
         expect(controller).to receive(:selfie_requirement_met?)
           .and_return(performed_if_needed)
-        allow(result).to receive(:success?).and_return(true)
-        allow(result).to receive(:errors).and_return(result[:errors])
-        allow(subject).to receive(:stored_result).and_return(result)
-        allow(subject).to receive(:extract_pii_from_doc)
       end
 
       context 'not performed' do
         let(:performed_if_needed) { false }
 
         it 'stays on document capture' do
           put :update
-
+          expect(subject.idv_session.doc_auth_vendor).to be_nil
           expect(response).to redirect_to idv_document_capture_url
         end
       end
 
       context 'performed' do
         let(:performed_if_needed) { true }
 
-        it 'redirects to ssn' do
+        before do
           put :update
+        end
+
+        it 'redirects to ssn' do
           expect(response).to redirect_to idv_ssn_url
         end
+
+        it 'correctly updates Idv::Session' do
+          expect(subject.idv_session.doc_auth_vendor).to_not be_nil
+          expect(subject.idv_session.doc_auth_vendor).to match(idv_vendor)
+        end
       end
     end
 
@@ -431,6 +433,7 @@
 
   describe '#direct_in_person' do
     let(:analytics_name) { :idv_in_person_direct_start }
+
     let(:analytics_args) do
       {
         remaining_submit_attempts: 4,