Deploy rc-2017-08-21 to staging#1624

Merged: jmhooper merged 38 commits into stages/staging from stages/rc-2017-08-21 on Aug 17, 2017

@jmhooper
Contributor

No description provided.

rlxdev and others added 30 commits July 24, 2017 16:24
**Why**:
- Current implementation looks at all environment variables, both
those associated with application configuration and those that don't apply
(e.g., IMSETTINGS_INTEGRATE_DESKTOP).  Non-configuration settings with
bad values will cause warnings.  This change aims to target validation to
only the configuration values.

**How**:
- Select keys (environment variable names) that have a 2nd definition prefixed
with "FIGARO_" - these are the key/value pairs associated with application
configuration.
- Check values case insensitive, ignoring white space.
- Add test cases.
Fixes an issue that was redirecting users to /verify instead of /account after clicking the "Send another letter" button.
**Why**: Adding a new field broke the script
Fix load testing script for new phone form
**Why**: So the user can select an OTP delivery preference for their new
phone number.

Merge 2FA setup and update user phone form

**Why**: With the addition of the OTP delivery preference option, both
forms are essentially identical and can be served by a single class.

Use submitted phone if phone is invalid

**Why**: The phone number formatting and validations mutate the phone
number on the user phone form. This can cause weird errors, especially
when the country code doesn't match the phone number. For example,
`+212-123-456-7890` becomes `+212-212-123-456-7890` after formatting.
This commit uses the submitted value instead of the formatted value when
the phone is invalid to prevent this.
…ction

Add OTP delivery preference to update user phone form
**Why**: Stay on-brand
Fix verification by mail redirect logic
Provide better 'bad key' value error message
**Why**:
It keeps HTML tags out of the translation pipeline. Sending HTML
through translations is error-prone so this just focuses on the
copy.
Update digital analytics program i18n
**Why**: Additional flexibility for load testing
Allow pre-filling OTP in dev environment
**Why**: To make it easier to remember that LOA3 features should always
be tested with both SAML and OIDC

This is a small PR to show what I have in mind for refactoring these
tests and to make sure we have consistent coverage between SAML and
OIDC.
Use shared examples for OIDC and SAML LOA3 specs
**Why**: It is confusing for users to verify their phone number after
confirming their profile by entering their password. This
commit changes the order so the user verifies their phone immediately
after entering it

Add spec for session#complete_session

**Why**: While working on the verify by phone flow for the IdV process,
I want to add a test to make sure that I don't create a situation where
a profile can be activated without a confirmed phone number of record.

Link to cancel path for idv phone OTP cancel

**Why**: When a user cancels during identity verification, we don't want
to sign them out. They were being signed out because we were sharing
code with the authentication 2FA flow.

Check in review controller if phone confirmed

**Why**: If the user has not confirmed their phone during the IdV flow,
we want to redirect to the phone confirmation instead of allowing them
to continue with the creation of their profile.
Reorder phone confirmation and review page
**Why**: To enable rollout
**Why**: To continue consolidating SAML and OIDC specs
Move USPS verification specs to shared example
**Why**: We want tests for the case where the user selects USPS
verification for both the SAML and OIDC protocols.
…xamples

Move USPS verification selection to shared example
Use style-guide to import fonts and favicons
**Why**: Provide the user helpful instructions explaining that the idv
flow is finished until they receive a letter with their OTP. Also, gives
them the ability to return to the SP, or if we don't have a URL for the
SP, their account page.
**Why**: Similarly to strong parameters, it's a best practice to use
a whitelist approach as opposed to excluding unwanted parameters.
Use a whitelist approach for URL parameters
blacktm and others added 8 commits August 4, 2017 13:49
**Why**: Missing colon in URI scheme from #1580
This needs to be configured in Chef first.
Revert "Merge pull request #1582 from 18F/bh-use-style-guide"
**Why**: Only US numbers can be used as the phone number of record. This
commit changes the frontend JS so that the text field only formats US
numbers and prevents the user from typing an international number.

Don't use intl number for init value in IdV form

**Why**: We don't allow the user to use an international number during
identity verification, so we should not populate the form with an
international number as the initial value
**Why**:

This is a common error to encounter in deployment, and right now we get
an extremely unhelpful message. There isn't even any way to tell what
key file failed to load without looking at the line number in the
backtrace and consulting the IDP source code.

```
OpenSSL::PKey::RSAError: Neither PUB key nor PRIV key: nested asn1 error
```

With this change, we will at least log a better message to help
understand what's happening.
Disallow international numbers in IdV process
Log useful error message when failing to load key.
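
The kind of wrapper the "Log useful error message when failing to load key" commit message describes, as an added example (not the project's code): it turns the bare `nested asn1 error` into a message that names the key file. `KeyLoadError`, `load_rsa_key`, `fail_key_load` and the sample file are assumptions made for this example.

```ruby
require 'openssl'
require 'tempfile'

# Hypothetical error class for this example (not from the project).
class KeyLoadError < StandardError; end

# Load an RSA key from +path+. On failure, log and raise an error that names
# the file, so the operator does not have to map a backtrace line to a key.
# Only the path and the OpenSSL error text are logged, never the file contents.
def load_rsa_key(path, logger: nil)
  OpenSSL::PKey::RSA.new(File.read(path))
rescue SystemCallError => e
  # Missing or unreadable file (ENOENT, EACCES, ...)
  fail_key_load(path, "cannot read file (#{e.class})", logger)
rescue OpenSSL::PKey::PKeyError => e
  # File was read but is not a parsable RSA key (e.g. "nested asn1 error")
  fail_key_load(path, "not a valid RSA key (#{e.class}: #{e.message})", logger)
end

# Shared failure path: one log line, one exception, both carrying the path.
def fail_key_load(path, reason, logger)
  message = "Failed to load RSA key from #{path}: #{reason}"
  logger&.error(message)
  raise KeyLoadError, message
end

# Constructed sample input: a file that looks like a PEM key but is not one.
def demo_bad_key
  Tempfile.create(['constructed_bad_key', '.pem']) do |f|
    f.write("-----BEGIN RSA PRIVATE KEY-----\nnot-a-key\n-----END RSA PRIVATE KEY-----\n")
    f.flush
    begin
      load_rsa_key(f.path)
    rescue KeyLoadError => e
      return e.message
    end
  end
end

puts demo_bad_key if $PROGRAM_NAME == __FILE__
```
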
@jmhooper changed the title from "Deploy rc-2017-08-21" to "Deploy rc-2017-08-21 to staging" on Aug 17, 2017
Contributor

@zachmargolis zachmargolis left a comment

LGTM

@zachmargolis
Contributor

Spec failure is OK -- this file is not actually served by our app so it won't break in IE due to CSP issues

```
Failures:
  1) SVG files /vendor/bundle/ruby/2.3.0/gems/rack-2.0.3/contrib/rack_logo.svg does not contain inline style tags (that render poorly in IE due to CSP)
     Failure/Error: expect(doc.css('style')).to be_empty
       expected `[#<Nokogiri::XML::Element:0x7d66bac name="style" namespace=#<Nokogiri::XML::Namespace:0x7d6ccc8 href=...#000000;stroke-width:5.8905;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:30;}\n">]>].empty?` to return true, got false
     # ./spec/svg_spec.rb:11:in `block (4 levels) in <top (required)>'
```

@jmhooper jmhooper merged commit 60fc2b8 into stages/staging Aug 17, 2017
@mitchellhenke mitchellhenke deleted the stages/rc-2017-08-21 branch December 28, 2021 16:01
8 participants