18F · jmdembe · Jul 2, 2025 · Jul 1, 2025 · Jul 1, 2025 · Jul 2, 2025
diff --git a/app/components/webauthn_input_component.rb b/app/components/webauthn_input_component.rb
@@ -2,24 +2,21 @@
 
 class WebauthnInputComponent < BaseComponent
   attr_reader :platform, :passkey_supported_only, :show_unsupported_passkey,
-              :desktop_ft_unlock_option, :tag_options
+              :tag_options
 
   alias_method :platform?, :platform
   alias_method :passkey_supported_only?, :passkey_supported_only
   alias_method :show_unsupported_passkey?, :show_unsupported_passkey
-  alias_method :desktop_ft_unlock_option?, :desktop_ft_unlock_option
 
   def initialize(
     platform: false,
     passkey_supported_only: false,
     show_unsupported_passkey: false,
-    desktop_ft_unlock_option: false,
     **tag_options
   )
     @platform = platform
     @passkey_supported_only = passkey_supported_only
     @show_unsupported_passkey = show_unsupported_passkey
-    @desktop_ft_unlock_option = desktop_ft_unlock_option
     @tag_options = tag_options
   end
 
@@ -30,7 +27,6 @@ def call
       **tag_options,
       **initial_hidden_tag_options,
       'show-unsupported-passkey': show_unsupported_passkey?.presence,
-      'desktop-ft-unlock-option': show_desktop_ft_unlock_option?.presence,
     )
   end
 
@@ -41,8 +37,4 @@ def initial_hidden_tag_options
       { class: 'js' }
     end
   end
-
-  def show_desktop_ft_unlock_option?
-    desktop_ft_unlock_option? && I18n.locale == :en
-  end
 end
diff --git a/app/controllers/users/two_factor_authentication_setup_controller.rb b/app/controllers/users/two_factor_authentication_setup_controller.rb
@@ -74,7 +74,6 @@ def two_factor_options_presenter
         show_skip_additional_mfa_link: show_skip_additional_mfa_link?,
         after_mfa_setup_path:,
         return_to_sp_cancel_path:,
-        desktop_ft_ab_test: in_ab_test_bucket?,
       )
     end
 
@@ -89,10 +88,6 @@ def two_factor_options_form_params
       ActionController::Parameters.new(selection: [])
     end
 
-    def in_ab_test_bucket?
-      ab_test_bucket(:DESKTOP_FT_UNLOCK_SETUP) == (:desktop_ft_unlock_option_shown)
-    end
-
     def threatmetrix_variables
       return {} unless FeatureManagement.account_creation_device_profiling_collecting_enabled?
       session_id = generate_threatmetrix_session_id

diff --git a/app/javascript/packages/webauthn/webauthn-input-element.spec.ts b/app/javascript/packages/webauthn/webauthn-input-element.spec.ts
@@ -40,20 +40,6 @@ describe('WebauthnInputElement', () => {
       });
     });
 
-    context('as a part of A/B test', () => {
-      beforeEach(() => {
-        isWebauthnPasskeySupported.returns(false);
-        isWebauthnPlatformAvailable.resolves(true);
-        document.body.innerHTML = `<lg-webauthn-input desktop-ft-unlock-option hidden></lg-webauthn-input>`;
-      });
-
-      it('becomes visible', async () => {
-        const element = document.querySelector('lg-webauthn-input')!;
-
-        await waitFor(() => expect(element.hidden).to.be.false());
-      });
-    });
-
     context('unsupported passkey shown', () => {
       beforeEach(() => {
         isWebauthnPasskeySupported.returns(false);

diff --git a/app/javascript/packages/webauthn/webauthn-input-element.ts b/app/javascript/packages/webauthn/webauthn-input-element.ts
@@ -6,10 +6,6 @@ export class WebauthnInputElement extends HTMLElement {
     this.toggleVisibleIfPasskeySupported();
   }
 
-  get isOptedInToAbTest(): boolean {
-    return this.hasAttribute('desktop-ft-unlock-option');
-  }
-
   get isPlatform(): boolean {
     return this.hasAttribute('platform');
   }
@@ -23,10 +19,7 @@ export class WebauthnInputElement extends HTMLElement {
       return;
     }
 
-    if (
-      (isWebauthnPasskeySupported() || this.isOptedInToAbTest) &&
-      (await isWebauthnPlatformAuthenticatorAvailable())
-    ) {
+    if (isWebauthnPasskeySupported() && (await isWebauthnPlatformAuthenticatorAvailable())) {
       this.hidden = false;
     } else if (this.showUnsupportedPasskey) {
       this.hidden = false;

diff --git a/app/presenters/two_factor_authentication/set_up_selection_presenter.rb b/app/presenters/two_factor_authentication/set_up_selection_presenter.rb
@@ -7,23 +7,20 @@ class SetUpSelectionPresenter
     attr_reader :user,
                 :piv_cac_required,
                 :phishing_resistant_required,
-                :user_agent,
-                :desktop_ft_ab_test
+                :user_agent
     alias_method :piv_cac_required?, :piv_cac_required
     alias_method :phishing_resistant_required?, :phishing_resistant_required
 
     def initialize(
       user:,
       piv_cac_required: false,
       phishing_resistant_required: false,
-      user_agent: nil,
-      desktop_ft_ab_test: nil
+      user_agent: nil
     )
       @user = user
       @piv_cac_required = piv_cac_required
       @phishing_resistant_required = phishing_resistant_required
       @user_agent = user_agent
-      @desktop_ft_ab_test = desktop_ft_ab_test
     end
 
     def render_in(view_context, &block)

diff --git a/app/presenters/two_factor_authentication/set_up_webauthn_platform_selection_presenter.rb b/app/presenters/two_factor_authentication/set_up_webauthn_platform_selection_presenter.rb
@@ -13,7 +13,6 @@ def render_in(view_context, &block)
           passkey_supported_only: true,
           show_unsupported_passkey:
             IdentityConfig.store.show_unsupported_passkey_platform_authentication_setup,
-          desktop_ft_unlock_option: desktop_ft_ab_test,
         ),
         &block
       )

diff --git a/app/presenters/two_factor_options_presenter.rb b/app/presenters/two_factor_options_presenter.rb
@@ -8,8 +8,7 @@ class TwoFactorOptionsPresenter
               :return_to_sp_cancel_path,
               :phishing_resistant_required,
               :piv_cac_required,
-              :user_agent,
-              :desktop_ft_ab_test
+              :user_agent
 
   delegate :two_factor_enabled?, to: :mfa_policy
   def initialize(
@@ -19,8 +18,7 @@ def initialize(
     piv_cac_required: false,
     show_skip_additional_mfa_link: true,
     after_mfa_setup_path: nil,
-    return_to_sp_cancel_path: nil,
-    desktop_ft_ab_test: false
+    return_to_sp_cancel_path: nil
   )
     @user_agent = user_agent
     @user = user
@@ -29,7 +27,6 @@ def initialize(
     @show_skip_additional_mfa_link = show_skip_additional_mfa_link
     @after_mfa_setup_path = after_mfa_setup_path
     @return_to_sp_cancel_path = return_to_sp_cancel_path
-    @desktop_ft_ab_test = desktop_ft_ab_test
   end
 
   def options
@@ -50,7 +47,6 @@ def all_options_sorted
         piv_cac_required: piv_cac_required?,
         phishing_resistant_required: phishing_resistant_only?,
         user_agent:,
-        desktop_ft_ab_test:,
       )
     end
       .partition(&:recommended?)

diff --git a/config/application.yml.default b/config/application.yml.default
@@ -96,7 +96,6 @@ database_worker_jobs_sslmode: 'verify-full'
 database_worker_jobs_username: ''
 deleted_user_accounts_report_configs: '[]'
 deliver_mail_async: false
-desktop_ft_unlock_setup_option_percent_tested: 0
 development_mailer_deliver_method: letter_opener
 disable_email_sending: true
 disposable_email_services: '[]'
@@ -513,7 +512,6 @@ development:
   compromised_password_randomizer_value: 1
   dashboard_api_token: test_token
   dashboard_url: http://localhost:3001/api/service_providers
-  desktop_ft_unlock_setup_option_percent_tested: 100
   doc_auth_selfie_desktop_test_mode: true
   domain_name: localhost:3000
   enable_rate_limiting: false

diff --git a/config/initializers/ab_tests.rb b/config/initializers/ab_tests.rb
@@ -145,18 +145,6 @@ def self.all
     },
   ).freeze
 
-  DESKTOP_FT_UNLOCK_SETUP = AbTest.new(
-    experiment_name: 'Desktop F/T unlock setup',
-    should_log: [
-      'User Registration: 2FA Setup visited',
-      'WebAuthn Setup Visited',
-      :webauthn_setup_submitted,
-      'Multi-Factor Authentication Setup',
-    ].to_set,
-    buckets: { desktop_ft_unlock_option_shown:
-        IdentityConfig.store.desktop_ft_unlock_setup_option_percent_tested },
-  ).freeze
-
   DOC_AUTH_PASSPORT = AbTest.new(
     experiment_name: 'Passport allowed',
     should_log: /^idv/i,

diff --git a/lib/identity_config.rb b/lib/identity_config.rb
@@ -114,7 +114,6 @@ def self.store
     config.add(:database_worker_jobs_username, type: :string)
     config.add(:deleted_user_accounts_report_configs, type: :json)
     config.add(:deliver_mail_async, type: :boolean)
-    config.add(:desktop_ft_unlock_setup_option_percent_tested, type: :integer)
     config.add(:development_mailer_deliver_method, type: :symbol, enum: [:file, :letter_opener])
     config.add(:disable_email_sending, type: :boolean)
     config.add(:disposable_email_services, type: :json)

diff --git a/spec/components/webauthn_input_component_spec.rb b/spec/components/webauthn_input_component_spec.rb
@@ -17,28 +17,6 @@
     expect(component.passkey_supported_only?).to eq(false)
   end
 
-  it 'does not render desktop-ft-unlock-option attribute' do
-    expect(rendered).to have_css('lg-webauthn-input:not([desktop-ft-unlock-option="false"])')
-  end
-
-  context 'with desktop_ft_unlock_option' do
-    let(:options) { super().merge(desktop_ft_unlock_option: true) }
-
-    it 'does render desktop-ft-unlock-option attribute' do
-      expect(rendered).to have_css('lg-webauthn-input[desktop-ft-unlock-option="true"]')
-    end
-
-    context 'in a locale other than english' do
-      before do
-        I18n.locale = I18n.available_locales.sample
-      end
-
-      it 'does not render desktop-ft-unlock-option attribute' do
-        expect(rendered).to have_css('lg-webauthn-input:not([desktop-ft-unlock-option="false"])')
-      end
-    end
-  end
-
   context 'with platform option' do
     context 'with platform option false' do
       let(:options) { super().merge(platform: false) }

diff --git a/spec/config/initializers/ab_tests_spec.rb b/spec/config/initializers/ab_tests_spec.rb
@@ -469,51 +469,6 @@
     end
   end
 
-  describe 'DESKTOP_FT_UNLOCK_SETUP' do
-    let(:user) { nil }
-    let(:user_session) { {} }
-
-    subject(:bucket) do
-      AbTests::DESKTOP_FT_UNLOCK_SETUP.bucket(
-        request: nil,
-        service_provider: nil,
-        session: nil,
-        user:,
-        user_session:,
-      )
-    end
-
-    context 'when A/B test is disabled' do
-      before do
-        allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested)
-          .and_return(0)
-        reload_ab_tests
-      end
-
-      context 'when it would otherwise assign a bucket' do
-        let(:user) { build(:user) }
-
-        it 'does not return a bucket' do
-          expect(bucket).to be_nil
-        end
-      end
-    end
-
-    context 'when A/B test is enabled' do
-      before do
-        allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested)
-          .and_return(100)
-        reload_ab_tests
-      end
-
-      let(:user) { build(:user) }
-
-      it 'returns a bucket' do
-        expect(bucket).not_to be_nil
-      end
-    end
-  end
-
   describe 'DOC_AUTH_PASSPORT' do
     let(:ab_test) { :DOC_AUTH_PASSPORT }
 

diff --git a/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb b/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb
@@ -21,12 +21,6 @@
       )
     end
 
-    it 'initializes presenter with false ab test bucket value' do
-      response
-
-      expect(assigns(:presenter).desktop_ft_ab_test).to be false
-    end
-
     context 'with threatmetrix disabled' do
       before do
         allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?)
@@ -155,20 +149,6 @@
         expect(response).to redirect_to(user_two_factor_authentication_url)
       end
     end
-
-    context 'with user opted in to desktop ft unlock setup ab test' do
-      before do
-        allow(controller).to receive(:ab_test_bucket).with(
-          :DESKTOP_FT_UNLOCK_SETUP,
-        ).and_return(:desktop_ft_unlock_option_shown)
-      end
-
-      it 'initializes presenter with ab test bucket value' do
-        response
-
-        expect(assigns(:presenter).desktop_ft_ab_test).to eq(true)
-      end
-    end
   end
 
   describe '#create' do

diff --git a/spec/features/webauthn/hidden_spec.rb b/spec/features/webauthn/hidden_spec.rb
@@ -60,36 +60,6 @@
           expect(webauthn_option_hidden?).to eq(true)
         end
 
-        context 'when in ab test for desktop setup' do
-          before do
-            allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested)
-              .and_return(100)
-            reload_ab_tests
-          end
-
-          it 'displays the authenticator option' do
-            sign_up_and_set_password
-            simulate_platform_authenticator_available
-
-            expect(webauthn_option_hidden?).to eq(false)
-          end
-        end
-
-        context 'when A/B test is disabled' do
-          before do
-            allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested)
-              .and_return(0)
-            reload_ab_tests
-          end
-
-          it 'hides the authenticator option' do
-            sign_up_and_set_password
-            simulate_platform_authenticator_available
-
-            expect(webauthn_option_hidden?).to eq(true)
-          end
-        end
-
         context 'with supported browser and platform authenticator available',
                 driver: :headless_chrome_mobile do
           it 'displays the authenticator option' do