Skip to content

LG-16683: choose doc auth vendor after choose id type #12448

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
amirbey merged 19 commits into from
Aug 26, 2025
Merged

LG-16683: choose doc auth vendor after choose id type #12448

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
78c1dbb
choose doc auth vendor after choose id type
amirbey Aug 22, 2025
55addb2
remove cruft filter
amirbey Aug 25, 2025
38395b9
passport not allowed redirect to document capture
amirbey Aug 25, 2025
5d2e6af
passport not allowed redirect to document capture
amirbey Aug 25, 2025
b05ccc4
update doc auth vendor specs to user doc cap sesh
amirbey Aug 25, 2025
08b92b8
use passport a/b only when passport for ial1
amirbey Aug 25, 2025
889178e
undo ruby version local change
amirbey Aug 25, 2025
ec75c7b
happy linting
amirbey Aug 25, 2025
cd8919a
spec to check doc auth vendor is unset
amirbey Aug 25, 2025
8536872
remove doc auth vendor from welcome analytics events
amirbey Aug 25, 2025
1b762c4
update choose id type spec to test vendor a/b routing on resubmit
amirbey Aug 25, 2025
4ed33dd
fix expected path
amirbey Aug 25, 2025
38deeea
fix doc auth vendor expectation
amirbey Aug 25, 2025
4b0a66d
update doc auth router to use passsport requested
amirbey Aug 25, 2025
07d1a74
add hybrid mobile choose id specs
amirbey Aug 25, 2025
0da1e0f
to be addressed in LG-16684
amirbey Aug 25, 2025
0c7c7b3
remove comments
amirbey Aug 26, 2025
33920e2
undo ruby version change for local dev
amirbey Aug 26, 2025
3a8319c
add new line
amirbey Aug 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 10 additions & 2 deletions app/controllers/concerns/idv/choose_id_type_concern.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,17 @@ def chosen_id_type

def set_passport_requested
if chosen_id_type == 'passport'
document_capture_session.update!(passport_status: 'requested')
unless document_capture_session.passport_requested?
document_capture_session.update!(
passport_status: 'requested',
doc_auth_vendor: nil,
)
end
else
document_capture_session.update!(passport_status: 'not_requested')
document_capture_session.update!(
passport_status: 'not_requested',
doc_auth_vendor: nil,
)
end
end

Expand Down
81 changes: 41 additions & 40 deletions app/controllers/concerns/idv/doc_auth_vendor_concern.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,38 +4,6 @@ module Idv
module DocAuthVendorConcern
include AbTestingConcern

# @returns[String] String identifying the vendor to use for doc auth.
def doc_auth_vendor
idv_session.bucketed_doc_auth_vendor ||= begin
bucket = nil
if socure_user_set.maxed_users?
bucket = choose_non_socure_bucket
elsif resolved_authn_context_result.facial_match?
if idv_session.passport_allowed
bucket = choose_non_socure_bucket
else
bucket = ab_test_bucket(:DOC_AUTH_SELFIE_VENDOR)
end
elsif idv_session.passport_allowed
bucket = ab_test_bucket(:DOC_AUTH_PASSPORT_VENDOR)
else
bucket = ab_test_bucket(:DOC_AUTH_VENDOR)
end

if bucket == :socure
if !add_user_to_socure_set
bucket = choose_non_socure_bucket # force to lexis_nexis if max user reached
end
end

DocAuthRouter.doc_auth_vendor_for_bucket(
bucket,
selfie: resolved_authn_context_result.facial_match?,
passport_allowed: idv_session.passport_allowed,
)
end
end

def doc_auth_vendor_enabled?(vendor)
return true if IdentityConfig.store.doc_auth_vendor_default == vendor
return false unless IdentityConfig.store.doc_auth_vendor_switching_enabled
Expand Down Expand Up @@ -64,6 +32,12 @@ def doc_auth_selfie_vendor_enabled?(vendor)
end
end

def update_doc_auth_vendor(user: current_user)
if document_capture_session.doc_auth_vendor.blank?
document_capture_session.update!(doc_auth_vendor: bucketed_doc_auth_vendor(user))
end
end

private

def choose_non_socure_bucket
Expand All @@ -78,17 +52,44 @@ def socure_user_set
@socure_user_set ||= SocureUserSet.new
end

def add_user_to_socure_set
uuid = current_user&.uuid
if uuid.nil? && defined?(document_capture_user)
uuid = document_capture_user&.uuid
end

if uuid
return socure_user_set.add_user!(user_uuid: uuid)
def add_user_to_socure_set(user)
if user&.uuid
return socure_user_set.add_user!(user_uuid: user.uuid)
end

false
end

# @returns[String] String identifying the vendor to use for doc auth.
def bucketed_doc_auth_vendor(user)
@bucketed_doc_auth_vendor ||= begin
bucket = nil
if socure_user_set.maxed_users?
bucket = choose_non_socure_bucket
elsif resolved_authn_context_result.facial_match?
if document_capture_session.passport_requested?
bucket = choose_non_socure_bucket
else
bucket = ab_test_bucket(:DOC_AUTH_SELFIE_VENDOR, user:)
end
elsif document_capture_session.passport_requested?
bucket = ab_test_bucket(:DOC_AUTH_PASSPORT_VENDOR, user:)
else
bucket = ab_test_bucket(:DOC_AUTH_VENDOR, user:)
end

if bucket == :socure
if !add_user_to_socure_set(user)
bucket = choose_non_socure_bucket # force to lexis_nexis if max user reached
end
end

DocAuthRouter.doc_auth_vendor_for_bucket(
bucket,
selfie: resolved_authn_context_result.facial_match?,
passport_requested: document_capture_session.passport_requested?,
)
end
end
end
end
2 changes: 2 additions & 0 deletions app/controllers/idv/document_capture_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,11 @@ class DocumentCaptureController < ApplicationController
include DocumentCaptureConcern
include IdvStepConcern
include StepIndicatorConcern
include DocAuthVendorConcern

before_action :confirm_not_rate_limited, except: [:update, :direct_in_person]
before_action :confirm_step_allowed, unless: -> { allow_direct_ipp? }
before_action :update_doc_auth_vendor, only: :show
before_action :override_csp_to_allow_acuant
before_action :set_usps_form_presenter
before_action -> do
Expand Down
5 changes: 1 addition & 4 deletions app/controllers/idv/hybrid_mobile/choose_id_type_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,7 @@ def update

def redirect_if_passport_not_available
unless document_capture_session.passport_allowed?
redirect_to correct_vendor_path(
document_capture_session.doc_auth_vendor,
in_hybrid_mobile: true,
)
redirect_to idv_hybrid_mobile_document_capture_url
end
end

Expand Down
4 changes: 4 additions & 0 deletions app/controllers/idv/hybrid_mobile/document_capture_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,14 @@ class DocumentCaptureController < ApplicationController
include Idv::AvailabilityConcern
include DocumentCaptureConcern
include HybridMobileConcern
include DocAuthVendorConcern

before_action :check_valid_document_capture_session
before_action :override_csp_to_allow_acuant
before_action :confirm_document_capture_needed, only: :show
before_action -> do
update_doc_auth_vendor(user: document_capture_user)
end, only: :show
before_action :set_usps_form_presenter
before_action -> do
redirect_to_correct_vendor(Idp::Constants::Vendors::LEXIS_NEXIS, in_hybrid_mobile: true)
Expand Down
5 changes: 1 addition & 4 deletions app/controllers/idv/hybrid_mobile/entry_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,7 @@ def show
return
end

redirect_to correct_vendor_path(
document_capture_session.doc_auth_vendor,
in_hybrid_mobile: true,
)
redirect_to idv_hybrid_mobile_document_capture_url
end

private
Expand Down
4 changes: 4 additions & 0 deletions app/controllers/idv/hybrid_mobile/socure/document_capture_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,14 @@ class DocumentCaptureController < ApplicationController
include Idv::HybridMobile::HybridMobileConcern
include RenderConditionConcern
include SocureErrorsConcern
include DocAuthVendorConcern

check_or_render_not_found -> { IdentityConfig.store.socure_docv_enabled }
before_action :check_valid_document_capture_session
before_action :validate_step_not_completed, only: [:show]
before_action -> do
update_doc_auth_vendor(user: document_capture_user)
end, only: :show
before_action -> do
redirect_to_correct_vendor(Idp::Constants::Vendors::SOCURE, in_hybrid_mobile: true)
end, only: :show
Expand Down
2 changes: 2 additions & 0 deletions app/controllers/idv/socure/document_capture_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ class DocumentCaptureController < ApplicationController
include IdvStepConcern
include DocumentCaptureConcern
include RenderConditionConcern
include DocAuthVendorConcern

check_or_render_not_found -> { IdentityConfig.store.socure_docv_enabled }

Expand All @@ -16,6 +17,7 @@ class DocumentCaptureController < ApplicationController
end, only: :update

before_action :confirm_step_allowed
before_action :update_doc_auth_vendor, only: :show
before_action -> do
redirect_to_correct_vendor(Idp::Constants::Vendors::SOCURE, in_hybrid_mobile: false)
end, only: :show
Expand Down
19 changes: 0 additions & 19 deletions app/controllers/idv/welcome_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ class WelcomeController < ApplicationController
include Idv::AvailabilityConcern
include IdvStepConcern
include StepIndicatorConcern
include DocAuthVendorConcern
include Idv::ChooseIdTypeConcern

before_action :confirm_step_allowed
Expand All @@ -14,7 +13,6 @@ class WelcomeController < ApplicationController
before_action :update_passport_allowed,
only: :show,
if: -> { IdentityConfig.store.doc_auth_passports_enabled }
before_action :update_doc_auth_vendor

def show
idv_session.proofing_started_at ||= Time.zone.now.iso8601
Expand Down Expand Up @@ -47,7 +45,6 @@ def self.step_info
undo_step: ->(idv_session:, user:) do
idv_session.welcome_visited = nil
idv_session.document_capture_session_uuid = nil
idv_session.bucketed_doc_auth_vendor = nil
idv_session.passport_allowed = nil
end,
)
Expand All @@ -59,26 +56,14 @@ def analytics_arguments
{
step: 'welcome',
analytics_id: 'Doc Auth',
doc_auth_vendor: idv_session.bucketed_doc_auth_vendor,
passport_allowed: idv_session.passport_allowed,
}.merge(ab_test_analytics_buckets)
end

def create_document_capture_session
existing_session = if idv_session.document_capture_session_uuid
DocumentCaptureSession.find_by(
uuid: idv_session.document_capture_session_uuid,
)
end

if existing_session
return
end

document_capture_session = DocumentCaptureSession.create!(
user_id: current_user.id,
issuer: sp_session[:issuer],
doc_auth_vendor:,
passport_status:,
)
idv_session.document_capture_session_uuid = document_capture_session.uuid
Expand All @@ -90,10 +75,6 @@ def cancel_previous_in_person_enrollments
)
end

def update_doc_auth_vendor
doc_auth_vendor
end

def update_passport_allowed
if !IdentityConfig.store.doc_auth_passports_enabled || (
resolved_authn_context_result.facial_match? &&
Expand Down
6 changes: 0 additions & 6 deletions app/services/analytics_events.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2392,14 +2392,12 @@ def idv_doc_auth_warning_visited(step_name:, remaining_submit_attempts:, **extra
# User submits IdV welcome screen
# @param [String] step Current IdV step
# @param [String] analytics_id Current IdV flow identifier
# @param [String] doc_auth_vendor Vendor used for document capture
# @param [Boolean] passport_allowed Whether passport is allowed for document capture
# @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active
# @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing
def idv_doc_auth_welcome_submitted(
step:,
analytics_id:,
doc_auth_vendor:,
passport_allowed:,
opted_in_to_in_person_proofing: nil,
skip_hybrid_handoff: nil,
Expand All @@ -2409,7 +2407,6 @@ def idv_doc_auth_welcome_submitted(
'IdV: doc auth welcome submitted',
step:,
analytics_id:,
doc_auth_vendor:,
passport_allowed:,
opted_in_to_in_person_proofing:,
skip_hybrid_handoff:,
Expand All @@ -2420,14 +2417,12 @@ def idv_doc_auth_welcome_submitted(
# User visits IdV welcome screen
# @param [String] step Current IdV step
# @param [String] analytics_id Current IdV flow identifier
# @param [String] doc_auth_vendor Vendor used for document capture
# @param [Boolean] passport_allowed Whether passport is allowed for document capture
# @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active
# @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing
def idv_doc_auth_welcome_visited(
step:,
analytics_id:,
doc_auth_vendor:,
passport_allowed:,
opted_in_to_in_person_proofing: nil,
skip_hybrid_handoff: nil,
Expand All @@ -2437,7 +2432,6 @@ def idv_doc_auth_welcome_visited(
'IdV: doc auth welcome visited',
step:,
analytics_id:,
doc_auth_vendor:,
passport_allowed:,
skip_hybrid_handoff:,
opted_in_to_in_person_proofing:,
Expand Down
4 changes: 2 additions & 2 deletions app/services/doc_auth_router.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ def self.client(vendor:, warn_notifier: nil)
end
# rubocop:enable Layout/LineLength

def self.doc_auth_vendor_for_bucket(bucket, selfie: false, passport_allowed: false)
def self.doc_auth_vendor_for_bucket(bucket, selfie: false, passport_requested: false)
case bucket
when :socure
Idp::Constants::Vendors::SOCURE
Expand All @@ -209,7 +209,7 @@ def self.doc_auth_vendor_for_bucket(bucket, selfie: false, passport_allowed: fal
else # e.g., nil
if selfie
IdentityConfig.store.doc_auth_selfie_vendor_default
elsif passport_allowed
elsif passport_requested
IdentityConfig.store.doc_auth_passport_vendor_default
else
IdentityConfig.store.doc_auth_vendor_default
Expand Down
Loading