diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7f80f621e36..578d0bf95eb 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -538,10 +538,15 @@ def find_device_profiling_result(type)
 ).last
 end
+ def user_in_one_account_verification_bucket?
+ ab_test_bucket(:ONE_ACCOUNT_USER_VERIFICATION_ENABLED) == :one_account_user_verification_enabled
+ end
+
 def user_duplicate_profiles_detected?
 return false unless sp_eligible_for_one_account?
 profile = current_user&.active_profile
 return false unless profile
+ return false unless user_in_one_account_verification_bucket?
 user_session[:duplicate_profile_ids].present?
 end
diff --git a/config/application.yml.default b/config/application.yml.default
index e26c3a032d5..fcb8b478267 100644
--- a/config/application.yml.default
+++ b/config/application.yml.default
@@ -307,6 +307,7 @@ minimum_wait_before_another_usps_letter_in_hours: 24
 mx_timeout: 3
 new_device_alert_delay_in_minutes: 5
 newrelic_license_key: ''
+one_account_user_verification_enabled_percentage: 0
 openid_connect_content_security_form_action_enabled: false
 openid_connect_redirect: client_side_js
 otp_delivery_blocklist_findtime: 5
diff --git a/config/initializers/ab_tests.rb b/config/initializers/ab_tests.rb
index 3ffe11484cf..230ad2aec19 100644
--- a/config/initializers/ab_tests.rb
+++ b/config/initializers/ab_tests.rb
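Review bot: In app/controllers/application_controller.rb, `user_in_one_account_verification_bucket?` compares the bucket against `:one_account_user_verification_enabled`, but the only bucket this commit defines in config/initializers/ab_tests.rb is keyed `one_account_user_verification_enabled_percentage`. If `ab_test_bucket` returns the bucket's hash key (AbTest's implementation is not shown here, so confirm), the predicate is false for every user and `user_duplicate_profiles_detected?` never reports a duplicate, even with the percentage at 100. Either compare against the defined key, `ab_test_bucket(:ONE_ACCOUNT_USER_VERIFICATION_ENABLED) == :one_account_user_verification_enabled_percentage`, or rename the bucket key in the initializer to `one_account_user_verification_enabled:`. The spec stubs this predicate to `true`, so the suite would not catch the mismatch.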
@@ -137,6 +137,23 @@ def self.all
 user&.uuid
 end.freeze
+ ONE_ACCOUNT_USER_VERIFICATION_ENABLED = AbTest.new(
+ experiment_name: 'One Account User Verification Enabled',
+ should_log: [
+ 'Email and Password Authentication',
+ 'SP redirect initiated',
+ :one_account_duplicate_profiles_detected,
+ :one_account_unknown_profile_detected,
+ :one_account_recognize_all_profiles,
+ ].to_set,
+ buckets: {
+ one_account_user_verification_enabled_percentage:
+ IdentityConfig.store.one_account_user_verification_enabled_percentage,
+ },
+ ) do |user:, user_session:, **|
+ user&.uuid
+ end.freeze
+
 SOCURE_IDV_SHADOW_MODE_FOR_NON_DOCV_USERS = AbTest.new(
 experiment_name: 'Socure shadow mode',
 should_log: ['IdV: doc auth verify proofing results'].to_set,
diff --git a/lib/identity_config.rb b/lib/identity_config.rb
index 82a303f94a8..352baa76d00 100644
--- a/lib/identity_config.rb
+++ b/lib/identity_config.rb
@@ -319,6 +319,7 @@ def self.store
 config.add(:mx_timeout, type: :integer)
 config.add(:new_device_alert_delay_in_minutes, type: :integer)
 config.add(:newrelic_license_key, type: :string)
+ config.add(:one_account_user_verification_enabled_percentage, type: :integer)
 config.add(
 :openid_connect_redirect,
 type: :string,
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index a63f0de104f..543fda4c287 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -613,6 +613,8 @@ def index
 .and_return([issuer])
 allow(controller).to receive(:sp_from_sp_session)
 .and_return(sp)
+
+ allow(controller).to receive(:user_in_one_account_verification_bucket?).and_return(true)
 end
 context 'when SP is not eligible for one account' do
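Review bot: In config/initializers/ab_tests.rb the discriminator block for `ONE_ACCOUNT_USER_VERIFICATION_ENABLED` names `user_session:` but never reads it; since `**` already absorbs the remaining keywords, `do |user:, **|` says the same thing without implying that session state affects bucketing. The constant also gates an identity check rather than a UI variant, which is worth a comment above it, for example `# Rollout gate for the One Account duplicate-profile check; users outside the bucket skip the check.` That is how `user_duplicate_profiles_detected?` uses it in this commit, and with the default of `0` in application.yml.default the check is off for everyone until the percentage is raised.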
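Review bot: In spec/controllers/application_controller_spec.rb the shared `before` stubs `user_in_one_account_verification_bucket?` on the controller under test, so the bucket comparison inside that predicate is never executed by any example in this group. Stubbing one level lower, `allow(controller).to receive(:ab_test_bucket).with(:ONE_ACCOUNT_USER_VERIFICATION_ENABLED).and_return(bucket)` with `bucket` set per context to the key the initializer defines, would exercise the symbol comparison as well. The `before` block begins above the hunk.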
@@ -646,24 +648,20 @@ def index
 context 'when user has active profile' do
 let!(:active_profile) { create(:profile, :active, user: user) }
- context 'when no duplicate profile confirmations exist' do
+ context 'when no duplicate profile ids found in session' do
 it 'returns false' do
 get :index
 expect(response.body).to eq('false')
 end
 end
-
- context 'when duplicate profile confirmations exist but are already confirmed' do
+ context 'when duplicate profile ids found in session' do
 before do
- create(
- :duplicate_profile_confirmation,
- profile: active_profile, confirmed_all: Time.zone.now,
- )
+ controller.user_session[:duplicate_profile_ids] = [active_profile.id]
 end
- it 'returns false' do
+ it 'returns true' do
 get :index
- expect(response.body).to eq('false')
+ expect(response.body).to eq('true')
 end
 end
 end
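Review bot: No example covers a user who has duplicate profile ids in the session but is outside the A/B bucket, which is the one branch the new `return false unless user_in_one_account_verification_bucket?` guard adds. A sibling context that overrides the stub to `false` and expects `'false'`, as sketched below, would pin it; without one, deleting the guard leaves the suite green. Separately, the blank line between the two sibling `context` blocks was removed and is worth restoring. The enclosing describe block starts above the hunk.

```ruby
# … unchanged: context 'when duplicate profile ids found in session' …

context 'when duplicate profile ids found but user is not in the bucket' do
  before do
    controller.user_session[:duplicate_profile_ids] = [active_profile.id]
    allow(controller).to receive(:user_in_one_account_verification_bucket?)
      .and_return(false)
  end

  it 'returns false' do
    get :index
    expect(response.body).to eq('false')
  end
end
```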