Deploy RC 477 to Production

app/controllers/concerns/ial2_profile_concern.rb

@@ -18,7 +18,7 @@ def cache_profiles(raw_password)
   private
 
   def cache_profile_and_handle_errors(raw_password, profile)
-    cacher = Pii::Cacher.new(current_user, user_session)
+    cacher = Pii::Cacher.new(current_user, user_session, analytics:)
     begin
       cacher.save(raw_password, profile)
     rescue Encryption::EncryptionError => err

app/controllers/concerns/idv_step_concern.rb

@@ -85,6 +85,10 @@ def vendor_document_capture_url
     end
   end
 
+  def in_person_passports_allowed?
+    IdentityConfig.store.in_person_passports_enabled && document_capture_session.passport_allowed?
+  end
+
   private
 
   def extra_analytics_properties

app/controllers/idv/address_controller.rb

@@ -12,7 +12,10 @@ def new
       analytics.idv_address_visit
 
       @address_form = build_address_form
-      @presenter = AddressPresenter.new(gpo_letter_requested: idv_session.gpo_letter_requested)
+      @presenter = AddressPresenter.new(
+        gpo_letter_requested: idv_session.gpo_letter_requested,
+        address_update_request: address_update_request?,
+      )
     end
 
     def update
@@ -75,7 +78,10 @@ def success
     end
 
     def failure
-      @presenter = AddressPresenter.new(gpo_letter_requested: idv_session.gpo_letter_requested)
+      @presenter = AddressPresenter.new(
+        gpo_letter_requested: idv_session.gpo_letter_requested,
+        address_update_request: address_update_request?,
+      )
       render :new
     end
 
@@ -87,6 +93,10 @@ def track_submit_event(form_result)
       )
     end
 
+    def address_update_request?
+      idv_verify_info_url == request.referer
+    end
+
     def address_edited?
       address_from_document != @address_form.updated_user_address
     end

app/controllers/idv/by_mail/enter_code_controller.rb

@@ -29,6 +29,7 @@ def index
 
         prefilled_code = session[:last_gpo_confirmation_code] if FeatureManagement.reveal_gpo_code?
         @gpo_verify_form = GpoVerifyForm.new(
+          attempts_api_tracker:,
           user: current_user,
           pii: pii,
           resolved_authn_context_result: resolved_authn_context_result,
@@ -142,6 +143,7 @@ def send_please_call_email_if_necessary(result:)
 
       def build_gpo_verify_form
         GpoVerifyForm.new(
+          attempts_api_tracker:,
           user: current_user,
           pii: pii,
           resolved_authn_context_result: resolved_authn_context_result,

app/controllers/idv/enter_password_controller.rb

@@ -127,6 +127,7 @@ def confirm_current_password
     end
 
     def init_profile
+      reproof = current_user.has_proofed_before?
       profile = idv_session.create_profile_from_applicant_with_password(
         password,
         is_enhanced_ipp: resolved_authn_context_result.enhanced_ipp?,
@@ -147,6 +148,7 @@ def init_profile
         UserAlerts::AlertUserAboutAccountVerified.call(
           profile: idv_session.profile,
         )
+        attempts_api_tracker.idv_enrollment_complete(reproof:)
       end
     end
 

app/controllers/idv/forgot_password_controller.rb

@@ -24,9 +24,10 @@ def update
     def reset_password(email, request_id)
       sign_out
       RequestPasswordReset.new(
-        email: email,
-        request_id: request_id,
-        analytics: analytics,
+        email:,
+        request_id:,
+        analytics:,
+        attempts_api_tracker:,
       ).perform
       # The user/email is always found so...
       session[:email] = email

app/controllers/idv/in_person/address_controller.rb

@@ -50,7 +50,9 @@ def self.step_info
           controller: self,
           next_steps: [:ipp_ssn],
           preconditions: ->(idv_session:, user:) {
-            idv_session.ipp_state_id_complete?
+            # Handling passport navigation with checking in_person_passports_allowed? since passport
+            # form is not setup yet. This should be updated during LG-15985 implmentation.
+            idv_session.ipp_state_id_complete? || idv_session.in_person_passports_allowed?
           },
           undo_step: ->(idv_session:, user:) do
             idv_session.invalidate_in_person_address_step!

app/controllers/idv/in_person/passport_controller.rb

@@ -13,6 +13,11 @@ def show
         analytics.idv_in_person_proofing_passport_visited(**analytics_arguments)
       end
 
+      def update
+        enrollment.update!(document_type: :passport_book)
+        redirect_to idv_in_person_address_path
+      end
+
       def extra_view_variables
         {
           form:,
@@ -48,6 +53,10 @@ def analytics_arguments
           .merge(extra_analytics_properties)
       end
 
+      def enrollment
+        current_user.establishing_in_person_enrollment
+      end
+
       def initialize_pii_from_user
         user_session['idv/in_person'] ||= {}
         user_session['idv/in_person']['pii_from_user'] ||= { uuid: current_user.uuid }

app/controllers/idv/in_person/state_id_controller.rb

@@ -52,6 +52,7 @@ def update
             redirect_url = idv_in_person_ssn_url
           end
 
+          enrollment.update!(document_type: :state_id)
           idv_session.doc_auth_vendor = Idp::Constants::Vendors::USPS
 
           analytics.idv_in_person_proofing_state_id_submitted(
@@ -158,6 +159,10 @@ def flow_params
         )
       end
 
+      def enrollment
+        current_user.establishing_in_person_enrollment
+      end
+
       def form
         @form ||= Idv::StateIdForm.new(current_user)
       end

app/controllers/idv/in_person/usps_locations_controller.rb

@@ -61,6 +61,7 @@ def update
           issuer: current_sp&.issuer,
           doc_auth_result: document_capture_session&.last_doc_auth_result,
           sponsor_id: enrollment_sponsor_id,
+          document_type: nil,
         )
 
         render json: { success: true }, status: :ok

app/controllers/idv/in_person_controller.rb

@@ -3,6 +3,7 @@
 module Idv
   class InPersonController < ApplicationController
     include Idv::AvailabilityConcern
+    include Idv::ChooseIdTypeConcern
     include RenderConditionConcern
     include IdvStepConcern
 
@@ -14,15 +15,15 @@ class InPersonController < ApplicationController
     before_action :set_usps_form_presenter
 
     def index
-      if idv_session.in_person_passports_allowed?
+      if in_person_passports_allowed?
         redirect_to idv_in_person_choose_id_type_url
       else
         redirect_to idv_in_person_state_id_url
       end
     end
 
     def update
-      if idv_session.in_person_passports_allowed?
+      if in_person_passports_allowed?
         redirect_to idv_in_person_choose_id_type_url
       else
         redirect_to idv_in_person_state_id_url

app/controllers/users/reset_passwords_controller.rb

@@ -93,9 +93,10 @@ def request_id
 
     def handle_valid_email
       RequestPasswordReset.new(
-        email: email,
-        request_id: request_id,
-        analytics: analytics,
+        email:,
+        request_id:,
+        analytics:,
+        attempts_api_tracker:,
       ).perform
 
       session[:email] = email

app/controllers/users/sessions_controller.rb

@@ -115,9 +115,13 @@ def recaptcha_assessment_id
     end
 
     def recaptcha_form
+      return @recaptcha_form if defined?(@recaptcha_form)
+      existing_device = User.find_with_confirmed_email(auth_params[:email])&.devices&.exists?(
+        cookie_uuid: cookies[:device],
+      )
+
       @recaptcha_form ||= SignInRecaptchaForm.new(
-        email: auth_params[:email],
-        device_cookie: cookies[:device],
+        existing_device: existing_device,
         ab_test_bucket: ab_test_bucket(:RECAPTCHA_SIGN_IN, user: user_from_params),
         **recaptcha_form_args,
       )

app/forms/gpo_verify_form.rb

@@ -9,9 +9,10 @@ class GpoVerifyForm
   validate :validate_pending_profile
 
   attr_accessor :otp, :pii, :pii_attributes
-  attr_reader :user, :resolved_authn_context_result
+  attr_reader :attempts_api_tracker, :user, :resolved_authn_context_result
 
-  def initialize(user:, pii:, resolved_authn_context_result:, otp: nil)
+  def initialize(attempts_api_tracker:, user:, pii:, resolved_authn_context_result:, otp: nil)
+    @attempts_api_tracker = attempts_api_tracker
     @user = user
     @pii = pii
     @resolved_authn_context_result = resolved_authn_context_result
@@ -21,6 +22,7 @@ def initialize(user:, pii:, resolved_authn_context_result:, otp: nil)
   def submit
     result = valid?
     fraud_check_failed = pending_profile&.fraud_pending_reason.present?
+    reproof = user.has_proofed_before?
 
     if result
       pending_profile&.remove_gpo_deactivation_reason
@@ -35,6 +37,11 @@ def submit
     else
       reset_sensitive_fields
     end
+
+    if pending_profile&.active?
+      attempts_api_tracker.idv_enrollment_complete(reproof:)
+    end
+
     FormResponse.new(
       success: result,
       errors: errors,

app/forms/sign_in_recaptcha_form.rb

@@ -5,20 +5,20 @@ class SignInRecaptchaForm
 
   RECAPTCHA_ACTION = 'sign_in'
 
-  attr_reader :form_class, :form_args, :email, :recaptcha_token, :device_cookie, :ab_test_bucket,
+  attr_reader :form_class, :form_args, :recaptcha_token, :ab_test_bucket,
               :assessment_id
 
+  attr_writer :existing_device
+
   validate :validate_recaptcha_result
 
   def initialize(
-    email:,
-    device_cookie:,
+    existing_device:,
     ab_test_bucket:,
     form_class: RecaptchaForm,
     **form_args
   )
-    @email = email
-    @device_cookie = device_cookie
+    @existing_device = existing_device
     @ab_test_bucket = ab_test_bucket
     @form_class = form_class
     @form_args = form_args
@@ -34,7 +34,7 @@ def submit(recaptcha_token:)
   def exempt?
     IdentityConfig.store.sign_in_recaptcha_score_threshold.zero? ||
       ab_test_bucket != :sign_in_recaptcha ||
-      device.present?
+      @existing_device
   end
 
   private
@@ -44,10 +44,6 @@ def validate_recaptcha_result
     errors.merge!(recaptcha_form) if !recaptcha_response.success?
   end
 
-  def device
-    User.find_with_confirmed_email(email)&.devices&.find_by(cookie_uuid: device_cookie)
-  end
-
   def score_threshold
     if exempt?
       0.0

app/javascript/packages/address-search/README.md

@@ -21,7 +21,7 @@ Requires @18f/identity-i18n.
 To use this component, provide callbacks to it for desired behaviors.
 
 ```typescript jsx
-import AddressSearch from '@18f/identity-address-search';
+import FullAddressSearch from '@18f/identity-address-search';
 
 // Render UI component
 
@@ -40,6 +40,29 @@ return(
 );
 ```
 
+By adding the usesErrorComponent prop to the FullAddressSearch component you can opt in to showing a specialized error message for skipping location selection when a locations endpoint error happens instead of the alert.
+
+```typescript jsx
+import FullAddressSearch from '@18f/identity-address-search';
+
+// Render UI component
+
+return(
+    <>
+    <FullAddressSearch
+            disabled={disabledAddressSearchCallback}
+            handleLocationSelect={handleLocationSelect}
+            locationsURL={LOCATIONS_URL}
+            noInPersonLocationsDisplay={noInPersonLocationsDisplay}
+            onFoundLocations={setLocationResultsCallback}
+            registerField={registerFieldCallback}
+            resultsHeaderComponent={resultsHeaderComponent}
+            usesErrorComponent
+          />
+    </>
+);
+```
+
 ## License
 
 This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/).

app/javascript/packages/address-search/components/full-address-search-input.tsx

@@ -17,6 +17,7 @@ export default function FullAddressSearchInput({
   registerField = () => undefined,
   usStatesTerritories,
   uspsApiError,
+  usesErrorComponent,
 }: FullAddressSearchInputProps) {
   const { t } = useI18n();
   const spinnerButtonRef = useRef<SpinnerButtonRefHandle>(null);
@@ -175,12 +176,12 @@ export default function FullAddressSearchInput({
           isBig
           ref={spinnerButtonRef}
           type="submit"
-          onClick={uspsApiError ? handleContinue : handleSearch}
+          onClick={usesErrorComponent && uspsApiError ? handleContinue : handleSearch}
           spinOnClick={false}
           actionMessage={t('in_person_proofing.body.location.po_search.is_searching_message')}
           longWaitDurationMs={1}
         >
-          {uspsApiError
+          {usesErrorComponent && uspsApiError
             ? t('in_person_proofing.body.location.po_search.continue_button')
             : t('in_person_proofing.body.location.po_search.search_button')}
         </SpinnerButton>

app/javascript/packages/address-search/components/full-address-search.tsx

@@ -59,6 +59,7 @@ function FullAddressSearch({
         disabled={disabled}
         locationsURL={locationsURL}
         uspsApiError={apiError}
+        usesErrorComponent={usesErrorComponent}
       />
       {usesErrorComponent && apiError && <SkipUspsFacilitiesApiErrorMessage />}
       {locationResults && foundAddress && !isLoadingLocations && (

app/javascript/packages/address-search/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@18f/identity-address-search",
-  "version": "3.4.0",
+  "version": "4.0.1",
   "type": "module",
   "private": false,
   "files": [
@@ -34,4 +34,4 @@
     "directory": "app/javascript/packages/address-search"
   },
   "sideEffects": false
-}
+}

app/javascript/packages/address-search/types.d.ts

@@ -94,4 +94,5 @@ interface FullAddressSearchInputProps {
   registerField?: RegisterFieldCallback;
   usStatesTerritories: string[][];
   uspsApiError: Error | null;
+  usesErrorComponent?: boolean;
 }