From b9d6ae1962aaf1e1fc421f51369b989b412e53f5 Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Tue, 31 Mar 2020 10:00:06 -0400 Subject: [PATCH 01/11] Remove code for the old proofing flow from the tests **Why**: So the tests test the code the user actually sees when they doc auth --- .../idv/jurisdiction_controller.rb | 55 ----- app/controllers/idv/sessions_controller.rb | 88 +------- app/controllers/idv_controller.rb | 12 +- .../two_factor_login_options_presenter.rb | 5 - .../options/index.html.slim | 9 +- app/views/users/piv_cac_login/error.html.slim | 1 + config/application.yml.default | 4 - config/routes.rb | 33 +-- lib/feature_management.rb | 8 - .../idv/capture_doc_controller_spec.rb | 1 - .../idv/doc_auth_controller_spec.rb | 1 - .../idv/jurisdiction_controller_spec.rb | 105 ---------- .../idv/recovery_controller_spec.rb | 1 - .../idv/sessions_controller_spec.rb | 190 ------------------ spec/controllers/idv_controller_spec.rb | 6 - spec/features/idv/account_creation_spec.rb | 1 + .../features/idv/actions/reset_action_spec.rb | 1 - .../idv/cac/choose_method_step_spec.rb | 1 - spec/features/idv/cac/welcome_step_spec.rb | 1 - .../idv/doc_auth/address_step_spec.rb | 1 - .../idv/doc_auth/back_image_step_spec.rb | 1 - spec/features/idv/doc_auth/cancel_spec.rb | 1 - .../idv/doc_auth/doc_success_step_spec.rb | 1 - .../idv/doc_auth/email_sent_step_spec.rb | 1 - spec/features/idv/doc_auth/finished_spec.rb | 1 - .../idv/doc_auth/front_image_step_spec.rb | 1 - .../idv/doc_auth/link_sent_step_spec.rb | 1 - .../doc_auth/mobile_back_image_step_spec.rb | 1 - .../doc_auth/mobile_front_image_step_spec.rb | 1 - .../idv/doc_auth/send_link_step_spec.rb | 1 - spec/features/idv/doc_auth/ssn_step_spec.rb | 1 - .../idv/doc_auth/test_credentials_spec.rb | 1 - .../features/idv/doc_auth/verify_step_spec.rb | 1 - .../idv/doc_auth/welcome_step_spec.rb | 2 - .../doc_capture/capture_complete_step_spec.rb | 1 - .../mobile_back_image_step_spec.rb | 1 - .../mobile_front_image_step_spec.rb | 1 - .../idv/phone_otp_rate_limiting_spec.rb | 3 +- .../idv/recovery/back_image_step_spec.rb | 1 - .../idv/recovery/front_image_step_spec.rb | 1 - .../idv/recovery/overview_step_spec.rb | 2 - .../idv/recovery/recover_fail_step_spec.rb | 1 - .../idv/recovery/recover_step_spec.rb | 1 - spec/features/idv/recovery/ssn_step_spec.rb | 1 - .../features/idv/recovery/upload_step_spec.rb | 1 - .../features/idv/recovery/verify_step_spec.rb | 1 - .../idv/steps/jurisdiction_step_spec.rb | 71 ------- spec/features/idv/steps/profile_step_spec.rb | 97 --------- spec/features/sp_cost_tracking_spec.rb | 4 - spec/features/users/sign_in_spec.rb | 1 - spec/lib/feature_management_spec.rb | 28 --- spec/support/features/doc_auth_helper.rb | 6 +- spec/support/features/idv_helper.rb | 41 ---- spec/support/features/idv_step_helper.rb | 31 +-- .../idv_examples/cancel_at_idv_step.rb | 4 +- .../idv_examples/clearing_and_restarting.rb | 16 +- .../idv_examples/sp_requested_attributes.rb | 12 +- .../shared_examples/account_creation.rb | 14 +- 58 files changed, 39 insertions(+), 840 deletions(-) delete mode 100644 spec/controllers/idv/jurisdiction_controller_spec.rb delete mode 100644 spec/controllers/idv/sessions_controller_spec.rb delete mode 100644 spec/features/idv/steps/jurisdiction_step_spec.rb delete mode 100644 spec/features/idv/steps/profile_step_spec.rb diff --git a/app/controllers/idv/jurisdiction_controller.rb b/app/controllers/idv/jurisdiction_controller.rb index 718c1dce116..40d7eca8607 100644 --- a/app/controllers/idv/jurisdiction_controller.rb +++ b/app/controllers/idv/jurisdiction_controller.rb @@ -3,31 +3,7 @@ class JurisdictionController < ApplicationController include IdvSession before_action :confirm_two_factor_authenticated - before_action :confirm_idv_attempts_allowed before_action :confirm_idv_needed - before_action :confirm_step_needed, only: %i[new create] - before_action :set_jurisdiction_form, except: [:failure] - - def new - analytics.track_event(Analytics::IDV_JURISDICTION_VISIT) - end - - def create - result = @jurisdiction_form.submit(jurisdiction_params) - analytics.track_event(Analytics::IDV_JURISDICTION_FORM, result.to_h) - idv_session.selected_jurisdiction = @jurisdiction_form.state - - if result.success? - redirect_to idv_session_url - elsif ial2_consent_missing? - handle_missing_ial2_consent - else - # The only invalid result here is due to an unsupported jurisdiction - # and if it is missing from the params, it will be stopped by - # `strong_params`. - redirect_to failure_url(:unsupported_jurisdiction) - end - end def failure presenter = Idv::JurisdictionFailurePresenter.new( @@ -37,36 +13,5 @@ def failure ) render_full_width('shared/_failure', locals: { presenter: presenter }) end - - def jurisdiction_params - params.require(:jurisdiction).permit(*Idv::JurisdictionForm::ATTRIBUTES) - end - - private - - def set_jurisdiction_form - @jurisdiction_form ||= Idv::JurisdictionForm.new - end - - def confirm_step_needed - selected_jurisdiction = idv_session.selected_jurisdiction - return unless Idv::FormJurisdictionValidator::SUPPORTED_JURISDICTIONS. - include? selected_jurisdiction - - redirect_to idv_session_url unless selected_jurisdiction.nil? - end - - def ial2_consent_missing? - !@jurisdiction_form.ial2_consent_given? - end - - def handle_missing_ial2_consent - idv_session.selected_jurisdiction = nil - render :new - end - - def failure_url(reason) - idv_jurisdiction_failure_url(reason) - end end end diff --git a/app/controllers/idv/sessions_controller.rb b/app/controllers/idv/sessions_controller.rb index f487974b71e..164bf4a47ef 100644 --- a/app/controllers/idv/sessions_controller.rb +++ b/app/controllers/idv/sessions_controller.rb @@ -1,100 +1,16 @@ module Idv class SessionsController < ApplicationController include IdvSession - include PersonalKeyConcern - attr_reader :idv_form - - before_action :confirm_two_factor_authenticated, except: %i[success] - before_action :confirm_idv_attempts_allowed, except: %i[success destroy] - before_action :confirm_idv_needed, except: %i[destroy] - before_action :confirm_step_needed, except: %i[success destroy] - - delegate :attempts_exceeded?, to: :step, prefix: true - - def new - analytics.track_event(Analytics::IDV_BASIC_INFO_VISIT) - set_idv_form - @selected_state = idv_session.selected_jurisdiction - end - - def create - set_idv_form - form_result = idv_form.submit(profile_params) - analytics.track_event(Analytics::IDV_BASIC_INFO_SUBMITTED_FORM, form_result.to_h) - return process_form_failure unless form_result.success? - submit_proofing_attempt - end + before_action :confirm_two_factor_authenticated def destroy analytics.track_event(Analytics::IDV_VERIFICATION_ATTEMPT_CANCELLED) Idv::CancelVerificationAttempt.new(user: current_user).call + user_session['idv/doc_auth'] = {} idv_session.clear user_session.delete(:decrypted_pii) redirect_to idv_url end - - def success; end - - private - - def confirm_step_needed - redirect_to idv_session_success_url if idv_session.profile_confirmation == true - end - - def step - @_step ||= Idv::ProfileStep.new(idv_session: idv_session) - end - - def process_form_failure - if (sp_name = decorated_session.sp_name) && idv_form.unsupported_jurisdiction? - idv_form.add_sp_unsupported_jurisdiction_error(sp_name) - end - render :new - end - - def submit_proofing_attempt - idv_result = step.submit(profile_params.to_h) - analytics.track_event(Analytics::IDV_BASIC_INFO_SUBMITTED_VENDOR, idv_result.to_h) - redirect_to idv_session_success_url and return if idv_result.success? - handle_proofing_failure - end - - def handle_proofing_failure - idv_session.previous_profile_step_params = profile_params.to_h - redirect_to failure_url(step.failure_reason) - end - - def step_name - :sessions - end - - def remaining_step_attempts - Throttler::RemainingCount.call(current_user.id, :idv_resolution) - end - - def set_idv_form - @idv_form ||= Idv::ProfileForm.new( - user: current_user, - previous_params: idv_session.previous_profile_step_params, - ) - end - - def profile_params - params.require(:profile).permit(Idv::ProfileForm::PROFILE_ATTRIBUTES) - end - - def failure_url(reason) - case reason - when :warning - idv_session_errors_warning_url - when :timeout - idv_session_errors_timeout_url - when :jobfail - idv_session_errors_jobfail_url - when :fail - idv_session_errors_failure_url - end - end end end diff --git a/app/controllers/idv_controller.rb b/app/controllers/idv_controller.rb index d3714172bb6..ea4cf932559 100644 --- a/app/controllers/idv_controller.rb +++ b/app/controllers/idv_controller.rb @@ -31,11 +31,8 @@ def fail def verify_identity if proof_with_cac? redirect_to idv_cac_url - elsif doc_auth_enabled_and_exclusive? - redirect_to idv_doc_auth_url else - analytics.track_event(Analytics::IDV_INTRO_VISIT) - redirect_to idv_jurisdiction_url + redirect_to idv_doc_auth_url end end @@ -54,11 +51,4 @@ def proof_with_cac? (Db::EmailAddress::HasGovOrMil.call(current_user) || current_user.piv_cac_configurations.any?) end - - def doc_auth_enabled_and_exclusive? - # exclusive mode replaces the existing LOA3 flow with the doc auth flow - # non-exclusive mode allows both flows to co-exist - # in non-exclusive mode you enter the /verify/doc_auth path in the browser - FeatureManagement.doc_auth_enabled? && FeatureManagement.doc_auth_exclusive? - end end diff --git a/app/presenters/two_factor_login_options_presenter.rb b/app/presenters/two_factor_login_options_presenter.rb index 1fa9dae8a0c..1e3f4fc1594 100644 --- a/app/presenters/two_factor_login_options_presenter.rb +++ b/app/presenters/two_factor_login_options_presenter.rb @@ -42,11 +42,6 @@ def options configurations.group_by(&:class).flat_map { |klass, set| klass.selection_presenters(set) } end - def should_display_account_reset_or_cancel_link? - # IAL2 non-docauth users should not be able to reset account to comply with AAL2 reqs - !current_user.decorate.identity_verified? || FeatureManagement.doc_auth_enabled? - end - def account_reset_or_cancel_link account_reset_token_valid? ? account_reset_cancel_link : account_reset_link end diff --git a/app/views/two_factor_authentication/options/index.html.slim b/app/views/two_factor_authentication/options/index.html.slim index 3c93d70a58c..f2677908657 100644 --- a/app/views/two_factor_authentication/options/index.html.slim +++ b/app/views/two_factor_authentication/options/index.html.slim @@ -25,11 +25,10 @@ p.mt-tiny.mb3 = @presenter.info = f.button :submit, t('forms.buttons.continue') br -- if @presenter.should_display_account_reset_or_cancel_link? - - if current_user.decorate.identity_verified? && !FeatureManagement.disallow_ial2_recovery? - p = @presenter.reverify_link - - else - p = @presenter.account_reset_or_cancel_link +- if current_user.decorate.identity_verified? && !FeatureManagement.disallow_ial2_recovery? + p = @presenter.reverify_link +- else + p = @presenter.account_reset_or_cancel_link = render 'shared/cancel', link: destroy_user_session_path == javascript_pack_tag 'webauthn-unhide-signin' diff --git a/app/views/users/piv_cac_login/error.html.slim b/app/views/users/piv_cac_login/error.html.slim index 62180f583e5..da594c90abd 100644 --- a/app/views/users/piv_cac_login/error.html.slim +++ b/app/views/users/piv_cac_login/error.html.slim @@ -7,6 +7,7 @@ p.mt-tiny.mb3 = @presenter.description - link = account_path +/ TODO: This link will 404 if sign_up_or_idv_no_js_link is not nil - cancel = sign_up_or_idv_no_js_link || link .mt2.pt1.border-top = link_to t('forms.piv_cac_setup.choose_different_certificate'), diff --git a/config/application.yml.default b/config/application.yml.default index 7a3b69ea6d8..aec138e7098 100644 --- a/config/application.yml.default +++ b/config/application.yml.default @@ -40,7 +40,6 @@ aws_http_timeout: '5' cac_proofing_enabled: database_statement_timeout: '2500' disallow_ial2_recovery: -doc_auth_enabled: 'true' doc_capture_request_valid_for_minutes: '15' doc_auth_extend_timeout_by_minutes: '40' email_from: no-reply@login.gov @@ -155,7 +154,6 @@ development: disable_email_sending: disallow_all_web_crawlers: 'true' disallow_ial2_recovery: 'false' - doc_auth_exclusive: 'true' doc_capture_polling_enabled: 'true' domain_name: localhost:3000 email_deletion_enabled: 'true' @@ -260,7 +258,6 @@ production: disable_email_sending: 'false' disallow_all_web_crawlers: 'false' disallow_ial2_recovery: 'true' - doc_auth_exclusive: 'true' doc_capture_polling_enabled: 'true' domain_name: login.gov email_deletion_enabled: 'false' @@ -362,7 +359,6 @@ test: disable_email_sending: disallow_all_web_crawlers: 'true' disallow_ial2_recovery: 'false' - doc_auth_exclusive: 'false' doc_capture_polling_enabled: 'false' domain_name: www.example.com email_deletion_enabled: 'true' diff --git a/config/routes.rb b/config/routes.rb index e50f8999b16..e634058c126 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -270,13 +270,6 @@ put '/phone_confirmation' => 'otp_verification#update', as: :nil get '/review' => 'review#new' put '/review' => 'review#create' - if FeatureManagement.doc_auth_exclusive? - get '/session', to: redirect('/verify') - else - get '/session' => 'sessions#new' - put '/session' => 'sessions#create' - end - get '/session/success' => 'sessions#success' get '/session/errors/warning' => 'session_errors#warning' get '/session/errors/timeout' => 'session_errors#timeout' get '/session/errors/jobfail' => 'session_errors#jobfail' @@ -286,26 +279,22 @@ get '/session/errors/recovery_warning' => 'session_errors#recovery_warning' get '/session/errors/recovery_throttled' => 'session_errors#recovery_throttled' delete '/session' => 'sessions#destroy' - get '/jurisdiction' => 'jurisdiction#new' - post '/jurisdiction' => 'jurisdiction#create' get '/jurisdiction/failure/:reason' => 'jurisdiction#failure', as: :jurisdiction_failure get '/cancel/' => 'cancellations#new', as: :cancel delete '/cancel' => 'cancellations#destroy' get '/address' => 'address#new' post '/address' => 'address#update' - if FeatureManagement.doc_auth_enabled? - get '/doc_auth' => 'doc_auth#index' - get '/doc_auth/:step' => 'doc_auth#show', as: :doc_auth_step - put '/doc_auth/:step' => 'doc_auth#update' - get '/doc_auth/link_sent/poll' => 'doc_auth#doc_capture_poll' - get '/capture_doc' => 'capture_doc#index' - get '/capture_doc/:step' => 'capture_doc#show', as: :capture_doc_step - put '/capture_doc/:step' => 'capture_doc#update' - unless FeatureManagement.disallow_ial2_recovery? - get '/recovery' => 'recovery#index' - get '/recovery/:step' => 'recovery#show', as: :recovery_step - put '/recovery/:step' => 'recovery#update' - end + get '/doc_auth' => 'doc_auth#index' + get '/doc_auth/:step' => 'doc_auth#show', as: :doc_auth_step + put '/doc_auth/:step' => 'doc_auth#update' + get '/doc_auth/link_sent/poll' => 'doc_auth#doc_capture_poll' + get '/capture_doc' => 'capture_doc#index' + get '/capture_doc/:step' => 'capture_doc#show', as: :capture_doc_step + put '/capture_doc/:step' => 'capture_doc#update' + unless FeatureManagement.disallow_ial2_recovery? + get '/recovery' => 'recovery#index' + get '/recovery/:step' => 'recovery#show', as: :recovery_step + put '/recovery/:step' => 'recovery#update' end get '/in_person' => 'in_person#index' get '/in_person/:step' => 'in_person#show', as: :in_person_step diff --git a/lib/feature_management.rb b/lib/feature_management.rb index 1e076f26068..21b9b5c375e 100644 --- a/lib/feature_management.rb +++ b/lib/feature_management.rb @@ -90,14 +90,6 @@ def self.disallow_all_web_crawlers? Figaro.env.disallow_all_web_crawlers == 'true' end - def self.doc_auth_enabled? - Figaro.env.doc_auth_enabled == 'true' - end - - def self.doc_auth_exclusive? - Figaro.env.doc_auth_exclusive == 'true' - end - def self.disallow_ial2_recovery? Figaro.env.disallow_ial2_recovery == 'true' end diff --git a/spec/controllers/idv/capture_doc_controller_spec.rb b/spec/controllers/idv/capture_doc_controller_spec.rb index 581e25a0ce1..3b904551265 100644 --- a/spec/controllers/idv/capture_doc_controller_spec.rb +++ b/spec/controllers/idv/capture_doc_controller_spec.rb @@ -17,7 +17,6 @@ token = nil before do - enable_doc_auth stub_analytics allow(@analytics).to receive(:track_event) capture_doc = CaptureDoc::CreateRequest.call(user.id) diff --git a/spec/controllers/idv/doc_auth_controller_spec.rb b/spec/controllers/idv/doc_auth_controller_spec.rb index bd3f0093278..16d5435e56b 100644 --- a/spec/controllers/idv/doc_auth_controller_spec.rb +++ b/spec/controllers/idv/doc_auth_controller_spec.rb @@ -13,7 +13,6 @@ end before do |example| - enable_doc_auth stub_sign_in unless example.metadata[:skip_sign_in] stub_analytics allow(@analytics).to receive(:track_event) diff --git a/spec/controllers/idv/jurisdiction_controller_spec.rb b/spec/controllers/idv/jurisdiction_controller_spec.rb deleted file mode 100644 index 920085d6dd0..00000000000 --- a/spec/controllers/idv/jurisdiction_controller_spec.rb +++ /dev/null @@ -1,105 +0,0 @@ -require 'rails_helper' - -describe Idv::JurisdictionController do - describe 'before_actions' do - it 'includes authentication before_action' do - expect(subject).to have_actions( - :before, - :confirm_two_factor_authenticated, - :confirm_idv_attempts_allowed, - :confirm_idv_needed, - ) - end - end - - before do - stub_sign_in - stub_analytics - allow(@analytics).to receive(:track_event) - end - - let(:supported_jurisdiction) { 'WA' } - let(:unsupported_jurisdiction) { 'CA' } - - describe '#new' do - it 'tracks analytics' do - get :new - expect(@analytics).to have_received(:track_event).with( - Analytics::IDV_JURISDICTION_VISIT, - ) - end - - it 'renders the `new` template' do - get :new - expect(response).to render_template :new - end - end - - describe '#create' do - it 'tracks analytics' do - result = { success: true, errors: {} } - - post( - :create, - params: { - jurisdiction: { state: supported_jurisdiction, ial2_consent_given: true }, - }, - ) - - expect(@analytics).to have_received(:track_event).with( - Analytics::IDV_JURISDICTION_FORM, result - ) - end - - it 'puts the jurisdiction into the user session' do - post( - :create, - params: { - jurisdiction: { state: supported_jurisdiction, ial2_consent_given: true }, - }, - ) - - expect(controller.user_session[:idv][:selected_jurisdiction]).to eq(supported_jurisdiction) - end - - context 'with an unsupported jurisdiction' do - it 'redirects to the unsupported jurisdiction fail page' do - post( - :create, - params: { - jurisdiction: { state: unsupported_jurisdiction, ial2_consent_given: true }, - }, - ) - - expect(response).to redirect_to(idv_jurisdiction_failure_url(:unsupported_jurisdiction)) - end - end - - context 'when the form is valid' do - it 'redirects to the profile page' do - post( - :create, - params: { - jurisdiction: { state: supported_jurisdiction, ial2_consent_given: true }, - }, - ) - - expect(response).to redirect_to(idv_session_url) - end - end - end - - describe '#failure' do - let(:reason) { 'unsupported_jurisdiction' } - - before do - controller.user_session[:idv] = { selected_jurisdiction: supported_jurisdiction } - end - - it 'renders the `_failure` template' do - get :failure, params: { reason: reason } - - expect(response).to render_template('shared/_failure') - end - end -end diff --git a/spec/controllers/idv/recovery_controller_spec.rb b/spec/controllers/idv/recovery_controller_spec.rb index f76748ec694..f5aed410c35 100644 --- a/spec/controllers/idv/recovery_controller_spec.rb +++ b/spec/controllers/idv/recovery_controller_spec.rb @@ -13,7 +13,6 @@ end before do |example| - enable_doc_auth stub_sign_in unless example.metadata[:skip_sign_in] stub_analytics allow(@analytics).to receive(:track_event) diff --git a/spec/controllers/idv/sessions_controller_spec.rb b/spec/controllers/idv/sessions_controller_spec.rb deleted file mode 100644 index 248b54a3ea2..00000000000 --- a/spec/controllers/idv/sessions_controller_spec.rb +++ /dev/null @@ -1,190 +0,0 @@ -require 'rails_helper' - -describe Idv::SessionsController do - include IdvHelper - - let(:max_attempts) { idv_max_attempts } - let(:user) { create(:user, :signed_up, email: 'old_email@example.com') } - let(:user_attrs) do - { - first_name: 'Some', - last_name: 'One', - ssn: '666-66-1234', - dob: '19720329', - address1: '123 Main St', - address2: '', - city: 'Somewhere', - state: 'VA', - zipcode: '66044', - state_id_type: 'drivers_license', - state_id_number: '123456789', - } - end - let(:idv_session) do - Idv::Session.new(user_session: subject.user_session, current_user: user, issuer: nil) - end - - describe 'before_actions' do - it 'includes before_actions from AccountStateChecker' do - expect(subject).to have_actions( - :before, - :confirm_two_factor_authenticated, - :confirm_idv_attempts_allowed, - :confirm_idv_needed, - :confirm_step_needed, - ) - end - end - - before do - stub_sign_in(user) - allow(subject).to receive(:idv_session).and_return(idv_session) - stub_analytics - allow(@analytics).to receive(:track_event) - end - - describe '#new' do - it 'starts a new proofing session' do - get :new - - expect(response.status).to eq 200 - end - - context 'the user has already completed the step' do - it 'redirects to the success step' do - idv_session.profile_confirmation = true - idv_session.resolution_successful = true - - get :new - - expect(response).to redirect_to idv_session_success_path - end - end - - context 'max attempts exceeded' do - it 'redirects to fail' do - create_maxed_throttle - - get :new - - result = { - request_path: idv_session_path, - } - - expect(@analytics).to have_received(:track_event). - with(Analytics::IDV_MAX_ATTEMPTS_EXCEEDED, result) - expect(response).to redirect_to idv_session_errors_failure_url - end - end - end - - describe '#create' do - it 'assigns a UUID to the applicant' do - post :create, params: { profile: user_attrs } - - expect(subject.idv_session.applicant['uuid']).to eq subject.current_user.uuid - end - - it 'renders the forms if there are missing fields' do - partial_attrs = user_attrs.tap { |attrs| attrs.delete :first_name } - - result = { - success: false, - errors: { first_name: [t('errors.messages.blank')] }, - } - - expect(@analytics).to receive(:track_event). - with(Analytics::IDV_BASIC_INFO_SUBMITTED_FORM, result) - - expect { post :create, params: { profile: partial_attrs } }. - to_not change(user, :idv_attempts) - - expect(response).to render_template(:new) - expect(flash[:warning]).to be_nil - expect(idv_session.profile_confirmation).to be_falsy - expect(idv_session.resolution_successful).to be_falsy - end - - it 'redirects to the warning page and increments attempts when verification fails' do - user_attrs[:first_name] = 'Bad' - - context = { stages: [{ resolution: 'ResolutionMock' }] } - result = { - success: false, - idv_attempts_exceeded: false, - errors: { - first_name: ['Unverified first name.'], - }, - vendor: { messages: [], context: context, exception: nil, timed_out: false }, - } - - expect(@analytics).to receive(:track_event).ordered. - with(Analytics::IDV_BASIC_INFO_SUBMITTED_FORM, hash_including(success: true)) - expect(@analytics).to receive(:track_event).ordered. - with(Analytics::IDV_BASIC_INFO_SUBMITTED_VENDOR, result) - - post :create, params: { profile: user_attrs } - - expect(response).to redirect_to(idv_session_errors_warning_url) - expect(idv_session.profile_confirmation).to be_falsy - expect(idv_session.resolution_successful).to be_falsy - end - - it 'redirects to the success page when verification succeeds' do - context = { stages: [{ resolution: 'ResolutionMock' }, { state_id: 'StateIdMock' }] } - result = { - success: true, - idv_attempts_exceeded: false, - errors: {}, - vendor: { messages: [], context: context, exception: nil, timed_out: false }, - } - - expect(@analytics).to receive(:track_event).ordered. - with(Analytics::IDV_BASIC_INFO_SUBMITTED_FORM, hash_including(success: true)) - expect(@analytics).to receive(:track_event).ordered. - with(Analytics::IDV_BASIC_INFO_SUBMITTED_VENDOR, result) - - post :create, params: { profile: user_attrs } - - expect(response).to redirect_to(idv_session_success_url) - expect(idv_session.profile_confirmation).to eq(true) - expect(idv_session.resolution_successful).to eq(true) - end - - it 'redirects to the fail page when max attempts are exceeded' do - create_maxed_throttle - - post :create, params: { profile: user_attrs } - - result = { - request_path: idv_session_path, - } - - expect(@analytics).to have_received(:track_event). - with(Analytics::IDV_MAX_ATTEMPTS_EXCEEDED, result) - expect(response).to redirect_to idv_session_errors_failure_url - expect(idv_session.profile_confirmation).to be_falsy - expect(idv_session.resolution_successful).to be_falsy - end - end - - describe '#destroy' do - it 'tracks an analytics event' do - stub_analytics - - expect(@analytics).to receive(:track_event). - with(Analytics::IDV_VERIFICATION_ATTEMPT_CANCELLED) - - delete(:destroy) - end - end - - def create_maxed_throttle(attempted_at = Time.zone.now) - Throttle.create( - throttle_type: 5, - user_id: user.id, - attempts: 3, - attempted_at: attempted_at, - ) - end -end diff --git a/spec/controllers/idv_controller_spec.rb b/spec/controllers/idv_controller_spec.rb index 26402f79841..9ea937efef8 100644 --- a/spec/controllers/idv_controller_spec.rb +++ b/spec/controllers/idv_controller_spec.rb @@ -2,10 +2,6 @@ describe IdvController do describe '#index' do - before do - allow(FeatureManagement).to receive(:doc_auth_enabled?).and_return(false) - end - it 'tracks page visit' do stub_sign_in stub_analytics @@ -53,8 +49,6 @@ it 'redirects to doc auth if doc auth is enabled and exclusive' do stub_sign_in - allow(FeatureManagement).to receive(:doc_auth_enabled?).and_return(true) - allow(FeatureManagement).to receive(:doc_auth_exclusive?).and_return(true) get :index diff --git a/spec/features/idv/account_creation_spec.rb b/spec/features/idv/account_creation_spec.rb index 62e815c4737..58c1104349e 100644 --- a/spec/features/idv/account_creation_spec.rb +++ b/spec/features/idv/account_creation_spec.rb @@ -2,6 +2,7 @@ describe 'IAL2 account creation' do include IdvHelper + include DocAuthHelper include SamlAuthHelper include WebAuthnHelper diff --git a/spec/features/idv/actions/reset_action_spec.rb b/spec/features/idv/actions/reset_action_spec.rb index be9a49f4722..71ea80bb11a 100644 --- a/spec/features/idv/actions/reset_action_spec.rb +++ b/spec/features/idv/actions/reset_action_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_upload_step end diff --git a/spec/features/idv/cac/choose_method_step_spec.rb b/spec/features/idv/cac/choose_method_step_spec.rb index 41d7d060e59..9ff417537f8 100644 --- a/spec/features/idv/cac/choose_method_step_spec.rb +++ b/spec/features/idv/cac/choose_method_step_spec.rb @@ -6,7 +6,6 @@ let(:user) { user_with_2fa } before do - enable_doc_auth enable_cac_proofing sign_in_and_2fa_user(user) complete_cac_proofing_steps_before_choose_method_step diff --git a/spec/features/idv/cac/welcome_step_spec.rb b/spec/features/idv/cac/welcome_step_spec.rb index a6459190a08..716f86ce2a9 100644 --- a/spec/features/idv/cac/welcome_step_spec.rb +++ b/spec/features/idv/cac/welcome_step_spec.rb @@ -6,7 +6,6 @@ let(:user) { user_with_2fa } before do - enable_doc_auth enable_cac_proofing sign_in_and_2fa_user(user) complete_cac_proofing_steps_before_welcome_step diff --git a/spec/features/idv/doc_auth/address_step_spec.rb b/spec/features/idv/doc_auth/address_step_spec.rb index ede855e033b..9b5bdbf8e17 100644 --- a/spec/features/idv/doc_auth/address_step_spec.rb +++ b/spec/features/idv/doc_auth/address_step_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_address_step end diff --git a/spec/features/idv/doc_auth/back_image_step_spec.rb b/spec/features/idv/doc_auth/back_image_step_spec.rb index 45a49f6db2c..2f003418e46 100644 --- a/spec/features/idv/doc_auth/back_image_step_spec.rb +++ b/spec/features/idv/doc_auth/back_image_step_spec.rb @@ -10,7 +10,6 @@ before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth sign_in_and_2fa_user(user) complete_doc_auth_steps_before_back_image_step mock_assure_id_ok diff --git a/spec/features/idv/doc_auth/cancel_spec.rb b/spec/features/idv/doc_auth/cancel_spec.rb index 1ad6451ced6..69abc0dc228 100644 --- a/spec/features/idv/doc_auth/cancel_spec.rb +++ b/spec/features/idv/doc_auth/cancel_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_doc_success_step end diff --git a/spec/features/idv/doc_auth/doc_success_step_spec.rb b/spec/features/idv/doc_auth/doc_success_step_spec.rb index 42b57db8c42..4746a2eaa9a 100644 --- a/spec/features/idv/doc_auth/doc_success_step_spec.rb +++ b/spec/features/idv/doc_auth/doc_success_step_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_doc_success_step end diff --git a/spec/features/idv/doc_auth/email_sent_step_spec.rb b/spec/features/idv/doc_auth/email_sent_step_spec.rb index 424618f1087..37c98810f79 100644 --- a/spec/features/idv/doc_auth/email_sent_step_spec.rb +++ b/spec/features/idv/doc_auth/email_sent_step_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_email_sent_step end diff --git a/spec/features/idv/doc_auth/finished_spec.rb b/spec/features/idv/doc_auth/finished_spec.rb index 88d99e3e3ac..b80c1e17297 100644 --- a/spec/features/idv/doc_auth/finished_spec.rb +++ b/spec/features/idv/doc_auth/finished_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_all_doc_auth_steps end diff --git a/spec/features/idv/doc_auth/front_image_step_spec.rb b/spec/features/idv/doc_auth/front_image_step_spec.rb index 7ac34b87660..54ee45e5a69 100644 --- a/spec/features/idv/doc_auth/front_image_step_spec.rb +++ b/spec/features/idv/doc_auth/front_image_step_spec.rb @@ -10,7 +10,6 @@ let(:user) { user_with_2fa } before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth sign_in_and_2fa_user(user) complete_doc_auth_steps_before_front_image_step mock_assure_id_ok diff --git a/spec/features/idv/doc_auth/link_sent_step_spec.rb b/spec/features/idv/doc_auth/link_sent_step_spec.rb index 609c3b9c22a..84df4c4389c 100644 --- a/spec/features/idv/doc_auth/link_sent_step_spec.rb +++ b/spec/features/idv/doc_auth/link_sent_step_spec.rb @@ -10,7 +10,6 @@ before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth user complete_doc_auth_steps_before_link_sent_step mock_assure_id_ok diff --git a/spec/features/idv/doc_auth/mobile_back_image_step_spec.rb b/spec/features/idv/doc_auth/mobile_back_image_step_spec.rb index f5f067914a7..cd84acee550 100644 --- a/spec/features/idv/doc_auth/mobile_back_image_step_spec.rb +++ b/spec/features/idv/doc_auth/mobile_back_image_step_spec.rb @@ -7,7 +7,6 @@ before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_mobile_back_image_step mock_assure_id_ok diff --git a/spec/features/idv/doc_auth/mobile_front_image_step_spec.rb b/spec/features/idv/doc_auth/mobile_front_image_step_spec.rb index 5dfa938c351..5eb226ae583 100644 --- a/spec/features/idv/doc_auth/mobile_front_image_step_spec.rb +++ b/spec/features/idv/doc_auth/mobile_front_image_step_spec.rb @@ -7,7 +7,6 @@ before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_mobile_front_image_step mock_assure_id_ok diff --git a/spec/features/idv/doc_auth/send_link_step_spec.rb b/spec/features/idv/doc_auth/send_link_step_spec.rb index 89143fdfb1d..f42aef5f4f8 100644 --- a/spec/features/idv/doc_auth/send_link_step_spec.rb +++ b/spec/features/idv/doc_auth/send_link_step_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_send_link_step end diff --git a/spec/features/idv/doc_auth/ssn_step_spec.rb b/spec/features/idv/doc_auth/ssn_step_spec.rb index f33b093a29d..541c93cb6d9 100644 --- a/spec/features/idv/doc_auth/ssn_step_spec.rb +++ b/spec/features/idv/doc_auth/ssn_step_spec.rb @@ -5,7 +5,6 @@ include DocAuthHelper before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_ssn_step end diff --git a/spec/features/idv/doc_auth/test_credentials_spec.rb b/spec/features/idv/doc_auth/test_credentials_spec.rb index 39507ddf290..9b69c17201e 100644 --- a/spec/features/idv/doc_auth/test_credentials_spec.rb +++ b/spec/features/idv/doc_auth/test_credentials_spec.rb @@ -8,7 +8,6 @@ before do setup_acuant_simulator(enabled: simulate) sign_in_and_2fa_user - enable_doc_auth end it 'proceeds to the next page after front_image with valid test credentials' do diff --git a/spec/features/idv/doc_auth/verify_step_spec.rb b/spec/features/idv/doc_auth/verify_step_spec.rb index c1342820b1b..d352febbda3 100644 --- a/spec/features/idv/doc_auth/verify_step_spec.rb +++ b/spec/features/idv/doc_auth/verify_step_spec.rb @@ -7,7 +7,6 @@ let(:max_attempts) { idv_max_attempts } before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_verify_step end diff --git a/spec/features/idv/doc_auth/welcome_step_spec.rb b/spec/features/idv/doc_auth/welcome_step_spec.rb index 1166403005b..ba78b615556 100644 --- a/spec/features/idv/doc_auth/welcome_step_spec.rb +++ b/spec/features/idv/doc_auth/welcome_step_spec.rb @@ -9,7 +9,6 @@ def expect_doc_auth_upload_step context 'button is disabled when JS is enabled', :js do before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_welcome_step end @@ -19,7 +18,6 @@ def expect_doc_auth_upload_step context 'button is clickable when JS is disabled' do before do - enable_doc_auth sign_in_and_2fa_user complete_doc_auth_steps_before_welcome_step end diff --git a/spec/features/idv/doc_capture/capture_complete_step_spec.rb b/spec/features/idv/doc_capture/capture_complete_step_spec.rb index 28b148441be..38ec6d517bc 100644 --- a/spec/features/idv/doc_capture/capture_complete_step_spec.rb +++ b/spec/features/idv/doc_capture/capture_complete_step_spec.rb @@ -6,7 +6,6 @@ include DocCaptureHelper before do - enable_doc_auth complete_doc_capture_steps_before_capture_complete_step end diff --git a/spec/features/idv/doc_capture/mobile_back_image_step_spec.rb b/spec/features/idv/doc_capture/mobile_back_image_step_spec.rb index f794b6e278a..cedce3aaf94 100644 --- a/spec/features/idv/doc_capture/mobile_back_image_step_spec.rb +++ b/spec/features/idv/doc_capture/mobile_back_image_step_spec.rb @@ -8,7 +8,6 @@ before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth complete_doc_capture_steps_before_mobile_back_image_step mock_assure_id_ok end diff --git a/spec/features/idv/doc_capture/mobile_front_image_step_spec.rb b/spec/features/idv/doc_capture/mobile_front_image_step_spec.rb index 3b998178cc2..d5e2a4cdf03 100644 --- a/spec/features/idv/doc_capture/mobile_front_image_step_spec.rb +++ b/spec/features/idv/doc_capture/mobile_front_image_step_spec.rb @@ -9,7 +9,6 @@ token = nil before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth token = complete_doc_capture_steps_before_mobile_front_image_step mock_assure_id_ok end diff --git a/spec/features/idv/phone_otp_rate_limiting_spec.rb b/spec/features/idv/phone_otp_rate_limiting_spec.rb index 3e369bd4d1f..3d068cdc649 100644 --- a/spec/features/idv/phone_otp_rate_limiting_spec.rb +++ b/spec/features/idv/phone_otp_rate_limiting_spec.rb @@ -99,7 +99,8 @@ def expect_rate_limit_circumvention_to_be_disallowed(user) end def expect_rate_limit_to_expire(user) - # Returning after session and lockout expires allows you to try again + Throttle.where(throttle_type: :idv_acuant).destroy_all + retry_minutes = Figaro.env.lockout_period_in_minutes.to_i + 1 Timecop.travel retry_minutes.minutes.from_now do start_idv_from_sp diff --git a/spec/features/idv/recovery/back_image_step_spec.rb b/spec/features/idv/recovery/back_image_step_spec.rb index 18c94ce6c79..7903fba37ed 100644 --- a/spec/features/idv/recovery/back_image_step_spec.rb +++ b/spec/features/idv/recovery/back_image_step_spec.rb @@ -16,7 +16,6 @@ select_user = example.metadata[:no_phone] ? user_no_phone : user setup_acuant_simulator(enabled: simulate) sign_in_before_2fa(user) - enable_doc_auth complete_recovery_steps_before_back_image_step(select_user) mock_assure_id_ok end diff --git a/spec/features/idv/recovery/front_image_step_spec.rb b/spec/features/idv/recovery/front_image_step_spec.rb index 7d0bb734a7b..367d5f9f5b1 100644 --- a/spec/features/idv/recovery/front_image_step_spec.rb +++ b/spec/features/idv/recovery/front_image_step_spec.rb @@ -12,7 +12,6 @@ before do setup_acuant_simulator(enabled: simulate) sign_in_before_2fa(user) - enable_doc_auth complete_recovery_steps_before_front_image_step(user) mock_assure_id_ok end diff --git a/spec/features/idv/recovery/overview_step_spec.rb b/spec/features/idv/recovery/overview_step_spec.rb index 68a23326d63..9b57bb30bbb 100644 --- a/spec/features/idv/recovery/overview_step_spec.rb +++ b/spec/features/idv/recovery/overview_step_spec.rb @@ -16,7 +16,6 @@ def expect_doc_auth_upload_step context 'button is disabled when JS is enabled', :js do before do sign_in_before_2fa(user) - enable_doc_auth mock_assure_id_ok complete_recovery_steps_before_overview_step(user) end @@ -27,7 +26,6 @@ def expect_doc_auth_upload_step context 'button is clickable when JS is disabled' do before do sign_in_before_2fa(user) - enable_doc_auth mock_assure_id_ok complete_recovery_steps_before_overview_step(user) end diff --git a/spec/features/idv/recovery/recover_fail_step_spec.rb b/spec/features/idv/recovery/recover_fail_step_spec.rb index c37a071e2fd..11ed0e69db7 100644 --- a/spec/features/idv/recovery/recover_fail_step_spec.rb +++ b/spec/features/idv/recovery/recover_fail_step_spec.rb @@ -12,7 +12,6 @@ before do sign_in_before_2fa(user) - enable_doc_auth mock_assure_id_ok allow_any_instance_of(Idv::Steps::RecoverVerifyStep).to receive(:saved_pii). and_return(bad_pii.to_json) diff --git a/spec/features/idv/recovery/recover_step_spec.rb b/spec/features/idv/recovery/recover_step_spec.rb index 291fad182af..2babf0f8020 100644 --- a/spec/features/idv/recovery/recover_step_spec.rb +++ b/spec/features/idv/recovery/recover_step_spec.rb @@ -12,7 +12,6 @@ before do setup_acuant_simulator(enabled: simulate) - enable_doc_auth sign_in_before_2fa(user) token = complete_recovery_steps_before_recover_step(user) mock_assure_id_ok diff --git a/spec/features/idv/recovery/ssn_step_spec.rb b/spec/features/idv/recovery/ssn_step_spec.rb index a35cd86113d..b2ba5ff7f9d 100644 --- a/spec/features/idv/recovery/ssn_step_spec.rb +++ b/spec/features/idv/recovery/ssn_step_spec.rb @@ -10,7 +10,6 @@ before do sign_in_before_2fa(user) - enable_doc_auth complete_recovery_steps_before_ssn_step(user) mock_assure_id_ok end diff --git a/spec/features/idv/recovery/upload_step_spec.rb b/spec/features/idv/recovery/upload_step_spec.rb index 1a1dc195753..d425cd93b2a 100644 --- a/spec/features/idv/recovery/upload_step_spec.rb +++ b/spec/features/idv/recovery/upload_step_spec.rb @@ -9,7 +9,6 @@ let(:profile) { build(:profile, :active, :verified, user: user, pii: { ssn: '1234' }) } before do - enable_doc_auth sign_in_before_2fa(user) complete_recovery_steps_before_upload_step(user) end diff --git a/spec/features/idv/recovery/verify_step_spec.rb b/spec/features/idv/recovery/verify_step_spec.rb index fe67dd47bde..78441b5f82a 100644 --- a/spec/features/idv/recovery/verify_step_spec.rb +++ b/spec/features/idv/recovery/verify_step_spec.rb @@ -13,7 +13,6 @@ before do profile sign_in_before_2fa(user) - enable_doc_auth mock_assure_id_ok end diff --git a/spec/features/idv/steps/jurisdiction_step_spec.rb b/spec/features/idv/steps/jurisdiction_step_spec.rb deleted file mode 100644 index f8a51ad374b..00000000000 --- a/spec/features/idv/steps/jurisdiction_step_spec.rb +++ /dev/null @@ -1,71 +0,0 @@ -require 'rails_helper' - -feature 'idv jurisdiction step' do - include IdvStepHelper - - context 'when on the jurisdiction page' do - before do - start_idv_from_sp - complete_idv_steps_before_jurisdiction_step - end - - it 'is on the correct page' do - expect(page).to have_current_path(idv_jurisdiction_path) - expect(page).to have_content(t('idv.messages.jurisdiction.why')) - end - - context 'and selecting a supported jurisdiction' do - it 'allows the user to continue to the profile step' do - select 'Virginia', from: 'jurisdiction_state' - page.find('#jurisdiction_ial2_consent_given').click - click_idv_continue - - expect(page).to have_current_path(idv_session_path) - expect(page).to have_content(t('idv.titles.sessions')) - end - end - - context 'and selecting an unsupported jurisdiction' do - it 'fails the user' do - select 'Alabama', from: 'jurisdiction_state' - page.find('#jurisdiction_ial2_consent_given').click - click_idv_continue - - expect(page). - to have_current_path(idv_jurisdiction_failure_path(reason: :unsupported_jurisdiction)) - expect(page).to have_content(t('idv.titles.unsupported_jurisdiction', state: 'Alabama')) - end - end - - context 'when the user does not have a state-issued ID' do - it 'renders the `no_id` fail page' do - click_on t('idv.messages.jurisdiction.no_id') - - expect(page).to have_current_path(idv_jurisdiction_failure_path(reason: :no_id)) - expect(page).to have_content(t('idv.titles.no_id')) - end - end - - describe 'data sharing consent' do - it 'requires the user to consent to advance' do - select 'Virginia', from: 'jurisdiction_state' - click_idv_continue - - expect(page).to have_current_path(idv_jurisdiction_path) - expect(page).to have_content(t('errors.doc_auth.consent_form')) - - page.find('#jurisdiction_ial2_consent_given').click - click_idv_continue - - expect(page).to have_current_path(idv_session_path) - expect(page).to_not have_content(t('errors.doc_auth.consent_form')) - end - end - end - - context 'cancelling idv' do - it_behaves_like 'cancel at idv step', :jurisdiction - it_behaves_like 'cancel at idv step', :jurisdiction, :oidc - it_behaves_like 'cancel at idv step', :jurisdiction, :saml - end -end diff --git a/spec/features/idv/steps/profile_step_spec.rb b/spec/features/idv/steps/profile_step_spec.rb deleted file mode 100644 index ef76d534093..00000000000 --- a/spec/features/idv/steps/profile_step_spec.rb +++ /dev/null @@ -1,97 +0,0 @@ -require 'rails_helper' - -feature 'idv profile step' do - include IdvStepHelper - - context 'with valid information' do - before do - start_idv_from_sp - end - - it 'populates the state from the jurisdiction selection' do - complete_idv_steps_before_jurisdiction_step - - abbrev = 'WA' - state = 'Washington' - select state, from: 'jurisdiction_state' - page.find('label[for=jurisdiction_ial2_consent_given]').click - click_idv_continue - - expect(page).to have_selector("option[selected='selected'][value='#{abbrev}']") - end - - it 'requires the user to complete to continue to the address step and is not re-entrant' do - complete_idv_steps_before_profile_step - - # Try to skip ahead to phone step - visit idv_phone_path - - # Get redirected to the profile step - expect(page).to have_current_path(idv_session_path) - - # Complete the idv form - fill_out_idv_form_ok - click_idv_continue - - # Expect to be on the success step - expect(page).to have_content(t('idv.titles.session.success')) - expect(page).to have_current_path(idv_session_success_path) - - # Attempt to go back to profile step - visit idv_session_path - - # Get redirected to the success step - expect(page).to have_content(t('idv.titles.session.success')) - expect(page).to have_current_path(idv_session_success_path) - - # Then continue to the phone step - click_idv_continue - - expect(page).to have_content(t('idv.titles.session.phone')) - expect(page).to have_current_path(idv_phone_path) - end - end - - context "when the user's information cannot be verified" do - it_behaves_like 'fail to verify idv info', :profile - - context 'after the warning modal is dismissed' do - let(:state) { 'Washington' } - let(:abbrev) { 'WA' } - - before do - start_idv_from_sp - complete_idv_steps_before_profile_step - fill_out_idv_form_fail(state: state) - click_continue - click_on t('idv.failure.button.warning') - end - - it 'populates the state from the form' do - expect(page).to have_selector("option[selected='selected'][value='#{abbrev}']") - end - end - end - - context 'cancelling IdV' do - it_behaves_like 'cancel at idv step', :profile - it_behaves_like 'cancel at idv step', :profile, :oidc - it_behaves_like 'cancel at idv step', :profile, :saml - end - - context 'cancelling IdV after profile success' do - it_behaves_like 'cancel at idv step', :profile_success - it_behaves_like 'cancel at idv step', :profile_success, :oidc - it_behaves_like 'cancel at idv step', :profile_success, :saml - end - - context 'when the IdV background job fails' do - it_behaves_like 'failed idv job', :profile - end - - context 'after the max number of attempts' do - it_behaves_like 'verification step max attempts', :profile - it_behaves_like 'verification step max attempts', :profile, :oidc - it_behaves_like 'verification step max attempts', :profile, :saml - end -end diff --git a/spec/features/sp_cost_tracking_spec.rb b/spec/features/sp_cost_tracking_spec.rb index 83b8b1203bd..ef73a9bc958 100644 --- a/spec/features/sp_cost_tracking_spec.rb +++ b/spec/features/sp_cost_tracking_spec.rb @@ -7,10 +7,6 @@ include DocAuthHelper include IdvFromSpHelper - before do - enable_doc_auth - end - let(:issuer) { 'urn:gov:gsa:openidconnect:sp:server' } let(:agency_id) { 2 } let(:email) { 'test@test.com' } diff --git a/spec/features/users/sign_in_spec.rb b/spec/features/users/sign_in_spec.rb index a882b514353..b4153ae1799 100644 --- a/spec/features/users/sign_in_spec.rb +++ b/spec/features/users/sign_in_spec.rb @@ -839,7 +839,6 @@ context 'ial2 param on sign up screen' do before do - enable_doc_auth visit root_path(ial: 2) end diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb index 9f1e47b717a..95e5705a31d 100644 --- a/spec/lib/feature_management_spec.rb +++ b/spec/lib/feature_management_spec.rb @@ -312,34 +312,6 @@ end end - describe '#doc_auth_enabled?' do - it 'returns true when Figaro setting is true' do - allow(Figaro.env).to receive(:doc_auth_enabled) { 'true' } - - expect(FeatureManagement.doc_auth_enabled?).to eq(true) - end - - it 'returns false when Figaro setting is false' do - allow(Figaro.env).to receive(:doc_auth_enabled) { 'false' } - - expect(FeatureManagement.doc_auth_enabled?).to eq(false) - end - end - - describe '#doc_auth_exclusive?' do - it 'returns true when Figaro setting is true' do - allow(Figaro.env).to receive(:doc_auth_exclusive) { 'true' } - - expect(FeatureManagement.doc_auth_exclusive?).to eq(true) - end - - it 'returns false when Figaro setting is false' do - allow(Figaro.env).to receive(:doc_auth_exclusive) { 'false' } - - expect(FeatureManagement.doc_auth_exclusive?).to eq(false) - end - end - describe '#disallow_ial2_recovery?' do it 'returns true when Figaro setting is true' do allow(Figaro.env).to receive(:disallow_ial2_recovery) { 'true' } diff --git a/spec/support/features/doc_auth_helper.rb b/spec/support/features/doc_auth_helper.rb index 5ec1dabbcaa..2946a7e33a2 100644 --- a/spec/support/features/doc_auth_helper.rb +++ b/spec/support/features/doc_auth_helper.rb @@ -118,6 +118,7 @@ def complete_doc_auth_steps_before_welcome_step def complete_doc_auth_steps_before_upload_step visit idv_doc_auth_welcome_step unless current_path == idv_doc_auth_welcome_step + binding.pry find('label', text: t('doc_auth.instructions.consent')).click click_on t('doc_auth.buttons.continue') end @@ -222,11 +223,6 @@ def mock_assure_id_fail and_return([false, '']) end - def enable_doc_auth - allow(FeatureManagement).to receive(:doc_auth_enabled?).and_return(true) - allow(FeatureManagement).to receive(:doc_auth_exclusive?).and_return(true) - end - def setup_acuant_simulator(enabled:) allow(Figaro.env).to receive(:acuant_simulator).and_return(enabled ? 'true' : 'false') end diff --git a/spec/support/features/idv_helper.rb b/spec/support/features/idv_helper.rb index 1a77d98e1d6..7c0834a1110 100644 --- a/spec/support/features/idv_helper.rb +++ b/spec/support/features/idv_helper.rb @@ -15,38 +15,6 @@ def user_password Features::SessionHelper::VALID_PASSWORD end - def fill_out_idv_form_ok - fill_in 'profile_first_name', with: 'José' - fill_in 'profile_last_name', with: 'One' - fill_in 'profile_address1', with: '123 Main St' - fill_in 'profile_city', with: 'Nowhere' - select 'Virginia', from: 'profile_state' - fill_in 'profile_zipcode', with: '66044' - fill_in 'profile_dob', with: '01/02/1980' - fill_in 'profile_ssn', with: '666-66-1234' - find("label[for='profile_state_id_type_drivers_permit']").click - fill_in 'profile_state_id_number', with: '123456789' - end - - def fill_out_idv_form_fail(state: 'Virginia') - fill_in 'profile_first_name', with: 'Bad' - fill_in 'profile_last_name', with: 'User' - fill_in 'profile_address1', with: '123 Main St' - fill_in 'profile_city', with: 'Nowhere' - select state, from: 'profile_state' - fill_in 'profile_zipcode', with: '00000' - fill_in 'profile_dob', with: '01/02/1900' - fill_in 'profile_ssn', with: '666-66-6666' - find("label[for='profile_state_id_type_drivers_permit']").click - fill_in 'profile_state_id_number', with: '123456789' - end - - def fill_out_idv_jurisdiction_ok - select 'Washington', from: 'jurisdiction_state' - page.find('label[for=jurisdiction_ial2_consent_given]').click - expect(page).to have_no_content t('idv.errors.unsupported_jurisdiction') - end - def fill_out_phone_form_ok(phone = '415-555-0199') fill_in :idv_phone_form_phone, with: phone end @@ -75,15 +43,6 @@ def choose_idv_otp_delivery_method_voice click_on t('idv.buttons.send_confirmation_code') end - def complete_idv_profile_ok(_user, password = user_password) - fill_out_idv_form_ok - click_idv_continue - click_idv_continue - click_idv_continue - fill_in 'Password', with: password - click_continue - end - def visit_idp_from_sp_with_ial2(sp) if sp == :saml settings = ial2_with_bundle_saml_settings diff --git a/spec/support/features/idv_step_helper.rb b/spec/support/features/idv_step_helper.rb index 31ca6e2f3c1..0c52b7ff755 100644 --- a/spec/support/features/idv_step_helper.rb +++ b/spec/support/features/idv_step_helper.rb @@ -4,6 +4,7 @@ def self.included(base) include IdvHelper include JavascriptDriverHelper include SamlAuthHelper + include DocAuthHelper end end @@ -15,35 +16,9 @@ def start_idv_from_sp(sp = :oidc) end end - def complete_idv_steps_before_jurisdiction_step(user = user_with_2fa) - sign_in_and_2fa_user(user) - visit idv_jurisdiction_path unless current_path == idv_jurisdiction_path - end - - def complete_idv_steps_before_profile_step(user = user_with_2fa) - complete_idv_steps_before_jurisdiction_step(user) - select 'Virginia', from: 'jurisdiction_state' - page.find('label[for=jurisdiction_ial2_consent_given]').click - click_idv_continue - end - - def complete_idv_steps_before_profile_success_step(user = user_with_2fa) - complete_idv_steps_before_profile_step(user) - fill_out_idv_form_ok - click_idv_continue - end - - def complete_idv_steps_before_address_step(user = user_with_2fa) - complete_idv_steps_before_profile_success_step(user) - click_idv_continue - end - def complete_idv_steps_before_phone_step(user = user_with_2fa) - complete_idv_steps_before_profile_step(user) - - fill_out_idv_form_ok - click_idv_continue - click_idv_continue + sign_in_and_2fa_user(user) + complete_all_doc_auth_steps end def complete_idv_steps_before_usps_step(user = user_with_2fa) diff --git a/spec/support/idv_examples/cancel_at_idv_step.rb b/spec/support/idv_examples/cancel_at_idv_step.rb index 9c44528153e..f8bb44a784f 100644 --- a/spec/support/idv_examples/cancel_at_idv_step.rb +++ b/spec/support/idv_examples/cancel_at_idv_step.rb @@ -44,7 +44,7 @@ # After visiting /verify, expect to redirect to the jurisdiction step, # the first step in the IdV flow visit idv_path - expect(current_path).to eq(idv_jurisdiction_path) + expect(current_path).to eq(doc_auth_step_path(:welcome)) end end @@ -65,7 +65,7 @@ # After visiting /verify, expect to redirect to the jurisdiction step, # the first step in the IdV flow visit idv_path - expect(current_path).to eq(idv_jurisdiction_path) + expect(current_path).to eq(doc_auth_step_path(:welcome)) end end end diff --git a/spec/support/idv_examples/clearing_and_restarting.rb b/spec/support/idv_examples/clearing_and_restarting.rb index 5630183cb52..4a36e932b39 100644 --- a/spec/support/idv_examples/clearing_and_restarting.rb +++ b/spec/support/idv_examples/clearing_and_restarting.rb @@ -4,12 +4,7 @@ expect(user.reload.decorate.pending_profile?).to eq(false) - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - fill_in 'profile_address1', with: '8484 Peachtree St' - click_idv_continue - click_idv_continue + complete_all_doc_auth_steps click_idv_continue fill_in 'Password', with: user.password click_idv_continue @@ -24,12 +19,7 @@ expect(user.reload.decorate.pending_profile?).to eq(false) - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - fill_in 'profile_address1', with: '8484 Peachtree St' - click_idv_continue - click_idv_continue + complete_all_doc_auth_steps click_on t('idv.form.activate_by_mail') if page.has_button?(t('idv.buttons.mail.send')) click_on t('idv.buttons.mail.send') @@ -46,7 +36,7 @@ expect(page).to have_current_path(idv_come_back_later_path) expect(user.reload.decorate.identity_verified?).to eq(false) expect(user.decorate.pending_profile?).to eq(true) - expect(usps_confirmation.entry[:address1]).to eq('8484 Peachtree St') + expect(usps_confirmation.entry[:address1]).to eq('1 Street') end it 'deletes decrypted PII from the session and does not display it on the account page' do diff --git a/spec/support/idv_examples/sp_requested_attributes.rb b/spec/support/idv_examples/sp_requested_attributes.rb index 6b4e9c2c582..906e16f11ed 100644 --- a/spec/support/idv_examples/sp_requested_attributes.rb +++ b/spec/support/idv_examples/sp_requested_attributes.rb @@ -1,6 +1,6 @@ shared_examples 'sp requesting attributes' do |sp| include SamlAuthHelper - include IdvHelper + include IdvStepHelper let(:user) { user_with_2fa } let(:good_ssn) { '666-66-1234' } @@ -14,11 +14,9 @@ fill_in_code_with_last_phone_otp click_submit_default - expect(current_path).to eq idv_jurisdiction_path + expect(current_path).to eq idv_doc_auth_step_path(step: :welcome) - fill_out_idv_jurisdiction_ok - click_idv_continue - complete_idv_profile_ok(user) + complete_idv_steps_with_phone_before_confirmation_step(user) click_acknowledge_personal_key expect(current_path).to eq(sign_up_completed_path) @@ -45,9 +43,7 @@ uncheck(t('forms.messages.remember_device')) fill_in_code_with_last_phone_otp click_submit_default - fill_out_idv_jurisdiction_ok - click_idv_continue - complete_idv_profile_ok(user) + complete_idv_steps_with_phone_before_confirmation_step(user) click_acknowledge_personal_key click_agree_and_continue visit account_path diff --git a/spec/support/shared_examples/account_creation.rb b/spec/support/shared_examples/account_creation.rb index b9bf1b727c8..66b96bc280a 100644 --- a/spec/support/shared_examples/account_creation.rb +++ b/spec/support/shared_examples/account_creation.rb @@ -45,11 +45,8 @@ it 'does not prompt for recovery code before IdV flow', email: true, idv_job: true do visit_idp_from_sp_with_ial2(sp) register_user_with_authenticator_app - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - click_idv_continue - click_idv_continue + expect(page).to have_current_path(idv_doc_auth_step_path(step: :welcome)) + complete_all_doc_auth_steps fill_out_phone_form_ok click_idv_continue choose_idv_otp_delivery_method_sms @@ -104,11 +101,8 @@ select_2fa_option('webauthn') fill_in_nickname_and_click_continue mock_press_button_on_hardware_key_on_setup - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - click_idv_continue - click_idv_continue + expect(page).to have_current_path(idv_doc_auth_step_path(step: :welcome)) + complete_all_doc_auth_steps fill_out_phone_form_ok click_idv_continue choose_idv_otp_delivery_method_sms From 1aeb8d434c4fa351a3acf6f3e2a4fdb8b0bf709b Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Tue, 31 Mar 2020 14:40:37 -0400 Subject: [PATCH 02/11] cleanup sp requested attributes spec --- spec/support/features/doc_auth_helper.rb | 1 - .../idv_examples/sp_requested_attributes.rb | 16 +++++++++++++--- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/spec/support/features/doc_auth_helper.rb b/spec/support/features/doc_auth_helper.rb index 2946a7e33a2..c09a0ac4b1a 100644 --- a/spec/support/features/doc_auth_helper.rb +++ b/spec/support/features/doc_auth_helper.rb @@ -118,7 +118,6 @@ def complete_doc_auth_steps_before_welcome_step def complete_doc_auth_steps_before_upload_step visit idv_doc_auth_welcome_step unless current_path == idv_doc_auth_welcome_step - binding.pry find('label', text: t('doc_auth.instructions.consent')).click click_on t('doc_auth.buttons.continue') end diff --git a/spec/support/idv_examples/sp_requested_attributes.rb b/spec/support/idv_examples/sp_requested_attributes.rb index 906e16f11ed..aebdb8e3b15 100644 --- a/spec/support/idv_examples/sp_requested_attributes.rb +++ b/spec/support/idv_examples/sp_requested_attributes.rb @@ -16,7 +16,12 @@ expect(current_path).to eq idv_doc_auth_step_path(step: :welcome) - complete_idv_steps_with_phone_before_confirmation_step(user) + complete_all_doc_auth_steps + click_idv_continue + click_idv_continue + click_idv_continue + fill_in 'Password', with: user.password + click_continue click_acknowledge_personal_key expect(current_path).to eq(sign_up_completed_path) @@ -27,7 +32,7 @@ expect(page).to_not have_content t('help_text.requested_attributes.address') expect(page).to_not have_content t('help_text.requested_attributes.birthdate') expect(page).to have_content t('help_text.requested_attributes.full_name') - expect(page).to have_content 'José One' + expect(page).to have_content 'Jane Doe' expect(page).to have_content t('help_text.requested_attributes.phone') expect(page).to have_content '+1 202-555-1212' expect(page).to have_content t('help_text.requested_attributes.social_security_number') @@ -43,7 +48,12 @@ uncheck(t('forms.messages.remember_device')) fill_in_code_with_last_phone_otp click_submit_default - complete_idv_steps_with_phone_before_confirmation_step(user) + complete_all_doc_auth_steps + click_idv_continue + click_idv_continue + click_idv_continue + fill_in 'Password', with: user.password + click_continue click_acknowledge_personal_key click_agree_and_continue visit account_path From ab72e7bb1eaa92062d02f0410c567527ec7fe6be Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Tue, 31 Mar 2020 14:55:58 -0400 Subject: [PATCH 03/11] fix ial2 saml spec --- .../{ial3_sso_spec.rb => ial2_sso_spec.rb} | 24 ++++++------------- .../idv_examples/cancel_at_idv_step.rb | 4 ++-- 2 files changed, 9 insertions(+), 19 deletions(-) rename spec/features/saml/{ial3_sso_spec.rb => ial2_sso_spec.rb} (91%) diff --git a/spec/features/saml/ial3_sso_spec.rb b/spec/features/saml/ial2_sso_spec.rb similarity index 91% rename from spec/features/saml/ial3_sso_spec.rb rename to spec/features/saml/ial2_sso_spec.rb index 19bd2d2c626..1d5877b4641 100644 --- a/spec/features/saml/ial3_sso_spec.rb +++ b/spec/features/saml/ial2_sso_spec.rb @@ -2,7 +2,7 @@ feature 'IAL2 Single Sign On' do include SamlAuthHelper - include IdvHelper + include IdvStepHelper include DocAuthHelper def perform_id_verification_with_usps_without_confirming_code(user) @@ -12,11 +12,7 @@ def perform_id_verification_with_usps_without_confirming_code(user) uncheck(t('forms.messages.remember_device')) fill_in_code_with_last_phone_otp click_submit_default - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - click_idv_continue - click_idv_continue + complete_all_doc_auth_steps click_on t('idv.form.activate_by_mail') click_on t('idv.buttons.mail.send') fill_in :user_password, with: user.password @@ -171,7 +167,7 @@ def sign_out_user fill_out_address_form_resolution_fail click_on t('idv.buttons.mail.resend') expect(current_path).to eq idv_usps_path - expect(page).to have_content(strip_tags(t('idv.failure.sessions.fail'))) + expect(page).to have_content(strip_tags(t('idv.failure.sessions.heading'))) end end end @@ -183,19 +179,13 @@ def sign_out_user visit saml_authn_request sign_in_live_with_2fa(user) - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - click_idv_continue + complete_all_doc_auth_steps click_on t('links.cancel') click_on t('forms.buttons.cancel') visit saml_authn_request - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - click_idv_continue + complete_all_doc_auth_steps - expect(current_path).to eq idv_session_success_path + expect(current_path).to eq idv_phone_path end end end @@ -207,7 +197,7 @@ def sign_out_user visit ial2_authnrequest visit sign_up_completed_path - expect(current_path).to eq idv_jurisdiction_path + expect(current_path).to eq idv_doc_auth_step_path(step: :welcome) end end end diff --git a/spec/support/idv_examples/cancel_at_idv_step.rb b/spec/support/idv_examples/cancel_at_idv_step.rb index f8bb44a784f..53da86aec94 100644 --- a/spec/support/idv_examples/cancel_at_idv_step.rb +++ b/spec/support/idv_examples/cancel_at_idv_step.rb @@ -44,7 +44,7 @@ # After visiting /verify, expect to redirect to the jurisdiction step, # the first step in the IdV flow visit idv_path - expect(current_path).to eq(doc_auth_step_path(:welcome)) + expect(current_path).to eq(doc_auth_step_path(step: :welcome)) end end @@ -65,7 +65,7 @@ # After visiting /verify, expect to redirect to the jurisdiction step, # the first step in the IdV flow visit idv_path - expect(current_path).to eq(doc_auth_step_path(:welcome)) + expect(current_path).to eq(doc_auth_step_path(step: :welcome)) end end end From 6134c82fa0a766b0f516f334b28b460d9ae79ac5 Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Tue, 31 Mar 2020 17:07:21 -0400 Subject: [PATCH 04/11] fix tests --- spec/features/accessibility/idv_pages_spec.rb | 21 ++-- spec/features/idv/sp_handoff_spec.rb | 2 +- spec/features/idv/state_id_data_spec.rb | 95 ------------------- .../idv_examples/cancel_at_idv_step.rb | 4 +- spec/support/idv_examples/sp_handoff.rb | 38 ++++---- spec/support/sp_auth_helper.rb | 6 +- 6 files changed, 32 insertions(+), 134 deletions(-) delete mode 100644 spec/features/idv/state_id_data_spec.rb diff --git a/spec/features/accessibility/idv_pages_spec.rb b/spec/features/accessibility/idv_pages_spec.rb index 1d2cbb3f544..6c207acd1ab 100644 --- a/spec/features/accessibility/idv_pages_spec.rb +++ b/spec/features/accessibility/idv_pages_spec.rb @@ -3,7 +3,7 @@ feature 'Accessibility on IDV pages', :js do describe 'IDV pages' do - include IdvHelper + include IdvStepHelper scenario 'home page' do sign_in_and_2fa_user @@ -33,10 +33,8 @@ scenario 'phone info' do sign_in_and_2fa_user - visit idv_session_path - fill_out_idv_form_ok - click_idv_continue - click_idv_continue + visit idv_path + complete_all_doc_auth_steps expect(current_path).to eq idv_phone_path expect(page).to be_accessible @@ -44,11 +42,9 @@ scenario 'review page' do sign_in_and_2fa_user - visit idv_session_path - fill_out_idv_form_ok - click_idv_continue - click_idv_continue - click_button t('forms.buttons.continue') + visit idv_path + complete_all_doc_auth_steps + click_continue expect(current_path).to eq idv_review_path expect(page).to be_accessible @@ -56,9 +52,8 @@ scenario 'personal key / confirmation page' do sign_in_and_2fa_user - visit idv_session_path - fill_out_idv_form_ok - click_idv_continue + visit idv_path + complete_all_doc_auth_steps click_idv_continue click_idv_continue fill_in :user_password, with: Features::SessionHelper::VALID_PASSWORD diff --git a/spec/features/idv/sp_handoff_spec.rb b/spec/features/idv/sp_handoff_spec.rb index 62ed8302980..ebb702737ca 100644 --- a/spec/features/idv/sp_handoff_spec.rb +++ b/spec/features/idv/sp_handoff_spec.rb @@ -2,7 +2,7 @@ feature 'IdV SP handoff', :email do include SamlAuthHelper - include IdvHelper + include IdvStepHelper context 'with oidc' do it_behaves_like 'sp handoff after identity verification', :oidc diff --git a/spec/features/idv/state_id_data_spec.rb b/spec/features/idv/state_id_data_spec.rb deleted file mode 100644 index 85a81732200..00000000000 --- a/spec/features/idv/state_id_data_spec.rb +++ /dev/null @@ -1,95 +0,0 @@ -require 'rails_helper' - -feature 'idv state id data entry' do - include IdvStepHelper - - let(:locale) { LinkLocaleResolver.locale } - - before do - start_idv_from_sp - complete_idv_steps_before_profile_step - fill_out_idv_form_ok - end - - it 'renders an error for unverifiable state id number', :email do - fill_in :profile_state_id_number, with: '000000000' - click_idv_continue - - expect(page).to have_content t('idv.failure.sessions.warning') - expect(current_path).to eq(idv_session_errors_warning_path(locale: locale)) - end - - it 'renders an error for blank state id number and does not attempt to proof', :email do - expect(Idv::Proofer).to_not receive(:get_vendor) - - fill_in :profile_state_id_number, with: '' - click_idv_continue - - expect(page).to have_content t('errors.messages.blank') - expect(current_path).to eq(idv_session_path) - end - - it 'renders an error for unsupported jurisdiction and does not submit a job', :email do - expect(Idv::Proofer).to_not receive(:get_vendor) - - select 'Alabama', from: 'profile_state' - click_idv_continue - - expect(page).to have_content t('idv.errors.unsupported_jurisdiction') - expect(current_path).to eq(idv_session_path) - end - - it 'renders an error for a state id that is too long and does not submit a job', :email do - expect(Idv::Proofer).to_not receive(:get_vendor) - - fill_in 'profile_state_id_number', with: '8' * 26 - click_idv_continue - - expect(page).to have_content t('idv.errors.pattern_mismatch.state_id_number') - expect(current_path).to eq(idv_session_path) - end - - it 'allows selection of different state id types', :email do - choose 'profile_state_id_type_drivers_permit' - click_idv_continue - - expect(page).to have_content(t('idv.messages.sessions.success')) - expect(current_path).to eq(idv_session_success_path) - end -end - -feature 'idv unsuported state selection' do - include IdvStepHelper - - let(:locale) { LinkLocaleResolver.locale } - - it 'it allows the SP user to get back to state selection', :email do - start_idv_from_sp - complete_idv_steps_before_jurisdiction_step - - select 'Alabama', from: 'jurisdiction_state' - page.find('#jurisdiction_ial2_consent_given').click - click_idv_continue - - expect(page).to have_content t('idv.messages.jurisdiction.unsupported_jurisdiction_failure', - state: 'Alabama') - - visit idv_jurisdiction_path - expect(page).to have_content t('idv.messages.jurisdiction.where') - end - - it 'it allows the user to get back to state selection', :email do - sign_in_and_2fa_user - visit idv_jurisdiction_url - - select 'Alabama', from: 'jurisdiction_state' - page.find('#jurisdiction_ial2_consent_given').click - click_idv_continue - - expect(page).to have_content t('idv.messages.jurisdiction.unsupported_jurisdiction_failure', - state: 'Alabama') - - visit idv_jurisdiction_path - expect(page).to have_content t('idv.messages.jurisdiction.where') - end -end diff --git a/spec/support/idv_examples/cancel_at_idv_step.rb b/spec/support/idv_examples/cancel_at_idv_step.rb index 53da86aec94..5020f3e22b9 100644 --- a/spec/support/idv_examples/cancel_at_idv_step.rb +++ b/spec/support/idv_examples/cancel_at_idv_step.rb @@ -44,7 +44,7 @@ # After visiting /verify, expect to redirect to the jurisdiction step, # the first step in the IdV flow visit idv_path - expect(current_path).to eq(doc_auth_step_path(step: :welcome)) + expect(current_path).to eq(idv_doc_auth_step_path(step: :welcome)) end end @@ -65,7 +65,7 @@ # After visiting /verify, expect to redirect to the jurisdiction step, # the first step in the IdV flow visit idv_path - expect(current_path).to eq(doc_auth_step_path(step: :welcome)) + expect(current_path).to eq(idv_doc_auth_step_path(step: :welcome)) end end end diff --git a/spec/support/idv_examples/sp_handoff.rb b/spec/support/idv_examples/sp_handoff.rb index 5aa2c54f2a5..fb11de29085 100644 --- a/spec/support/idv_examples/sp_handoff.rb +++ b/spec/support/idv_examples/sp_handoff.rb @@ -11,14 +11,12 @@ visit_idp_from_sp_with_ial2(sp) register_user(email) - expect(current_path).to eq idv_jurisdiction_path + expect(current_path).to eq idv_doc_auth_step_path(step: :welcome) - fill_out_idv_jurisdiction_ok - click_idv_continue - - expect(current_path).to eq idv_session_path - - complete_idv_profile_ok(user) + complete_all_doc_auth_steps + click_continue + fill_in 'Password', with: Features::SessionHelper::VALID_PASSWORD + click_continue click_acknowledge_personal_key expect(page).to have_content t( @@ -44,11 +42,12 @@ fill_in_code_with_last_phone_otp click_submit_default - expect(current_path).to eq idv_jurisdiction_path + expect(current_path).to eq idv_doc_auth_step_path(step: :welcome) - fill_out_idv_jurisdiction_ok - click_idv_continue - complete_idv_profile_ok(user) + complete_all_doc_auth_steps + click_continue + fill_in 'Password', with: user.password + click_continue click_acknowledge_personal_key expect(page).to have_content t( @@ -70,8 +69,10 @@ before do sign_in_and_2fa_user(user) - visit idv_session_path - complete_idv_profile_ok(user) + complete_all_doc_auth_steps + click_continue + fill_in 'Password', with: user.password + click_continue click_acknowledge_personal_key first(:link, t('links.sign_out')).click end @@ -101,9 +102,10 @@ fill_in_code_with_last_phone_otp click_submit_default - fill_out_idv_jurisdiction_ok - click_idv_continue - complete_idv_profile_ok(user) + complete_all_doc_auth_steps + click_continue + fill_in 'Password', with: user.password + click_continue click_acknowledge_personal_key click_agree_and_continue visit account_path @@ -174,7 +176,7 @@ def expect_successful_oidc_handoff expect(decoded_id_token[:acr]).to eq(Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF) expect(decoded_id_token[:iss]).to eq(root_url) expect(decoded_id_token[:email]).to eq(user.email) - expect(decoded_id_token[:given_name]).to eq('José') + expect(decoded_id_token[:given_name]).to eq('Jane') expect(decoded_id_token[:social_security_number]).to eq('666-66-1234') access_token = token_response[:access_token] @@ -188,7 +190,7 @@ def expect_successful_oidc_handoff expect(userinfo_response[:sub]).to eq(sub) expect(AgencyIdentity.where(user_id: user.id, agency_id: 2).first.uuid).to eq(sub) expect(userinfo_response[:email]).to eq(user.email) - expect(userinfo_response[:given_name]).to eq('José') + expect(userinfo_response[:given_name]).to eq('Jane') expect(userinfo_response[:social_security_number]).to eq('666-66-1234') end diff --git a/spec/support/sp_auth_helper.rb b/spec/support/sp_auth_helper.rb index c4538256562..ed23cd41899 100644 --- a/spec/support/sp_auth_helper.rb +++ b/spec/support/sp_auth_helper.rb @@ -17,11 +17,7 @@ def create_ial2_account_go_back_to_sp_and_sign_out(sp) fill_in_credentials_and_submit(user.email, user.password) fill_in_code_with_last_phone_otp click_submit_default - fill_out_idv_jurisdiction_ok - click_idv_continue - fill_out_idv_form_ok - click_idv_continue - click_idv_continue + complete_all_doc_auth_steps fill_out_phone_form_ok(MfaContext.new(user).phone_configurations.detect(&:mfa_enabled?).phone) click_idv_continue fill_in :user_password, with: user.password From 520ebeb19431eb05f184ff8e87632a9116588ef4 Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Tue, 31 Mar 2020 18:14:42 -0400 Subject: [PATCH 05/11] fix more tests including phone step tests --- app/controllers/concerns/idv_session.rb | 4 +- app/controllers/idv/review_controller.rb | 2 +- app/controllers/idv/usps_controller.rb | 2 +- app/controllers/idv_controller.rb | 1 + app/helpers/application_helper.rb | 2 +- app/views/idv/jurisdiction/new.html.erb | 44 ---------- app/views/idv/sessions/new.html.slim | 86 ------------------- app/views/idv/sessions/success.html.slim | 16 ---- app/views/users/piv_cac_login/error.html.slim | 1 - spec/features/idv/steps/phone_step_spec.rb | 21 ++--- spec/support/idv_examples/max_attempts.rb | 59 +++---------- 11 files changed, 22 insertions(+), 216 deletions(-) delete mode 100644 app/views/idv/jurisdiction/new.html.erb delete mode 100644 app/views/idv/sessions/new.html.slim delete mode 100644 app/views/idv/sessions/success.html.slim diff --git a/app/controllers/concerns/idv_session.rb b/app/controllers/concerns/idv_session.rb index 5159dcfbb3b..398fd7f2e6f 100644 --- a/app/controllers/concerns/idv_session.rb +++ b/app/controllers/concerns/idv_session.rb @@ -2,7 +2,7 @@ module IdvSession extend ActiveSupport::Concern def confirm_idv_session_started - redirect_to idv_session_url if idv_session.applicant.blank? + redirect_to idv_doc_auth_url if idv_session.applicant.blank? end def confirm_idv_attempts_allowed @@ -17,7 +17,7 @@ def confirm_idv_needed def confirm_idv_vendor_session_started return if flash[:allow_confirmations_continue] - redirect_to idv_session_url unless idv_session.proofing_started? + redirect_to idv_doc_auth_url unless idv_session.proofing_started? end def idv_session diff --git a/app/controllers/idv/review_controller.rb b/app/controllers/idv/review_controller.rb index 75a5ef61d77..c11a48a07bd 100644 --- a/app/controllers/idv/review_controller.rb +++ b/app/controllers/idv/review_controller.rb @@ -10,7 +10,7 @@ class ReviewController < ApplicationController before_action :confirm_current_password, only: [:create] def confirm_idv_steps_complete - return redirect_to(idv_session_url) unless idv_profile_complete? + return redirect_to(idv_doc_auth_url) unless idv_profile_complete? return redirect_to(idv_phone_url) unless idv_address_complete? end diff --git a/app/controllers/idv/usps_controller.rb b/app/controllers/idv/usps_controller.rb index ba348d6b1bd..0911212368c 100644 --- a/app/controllers/idv/usps_controller.rb +++ b/app/controllers/idv/usps_controller.rb @@ -103,7 +103,7 @@ def confirm_user_completed_idv_profile_step return if current_user.decorate.pending_profile_requires_verification? return if idv_session.profile_confirmation == true - redirect_to idv_session_url + redirect_to idv_doc_auth_url end def resend_letter diff --git a/app/controllers/idv_controller.rb b/app/controllers/idv_controller.rb index ea4cf932559..07f95729b8c 100644 --- a/app/controllers/idv_controller.rb +++ b/app/controllers/idv_controller.rb @@ -29,6 +29,7 @@ def fail private def verify_identity + analytics.track_event(Analytics::IDV_INTRO_VISIT) if proof_with_cac? redirect_to idv_cac_url else diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 1cbd966f605..df7f0eaf36f 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -61,7 +61,7 @@ def sign_up_or_idv_no_js_link if user_signing_up? destroy_user_path elsif user_verifying_identity? - idv_session_path + idv_doc_auth_url end end diff --git a/app/views/idv/jurisdiction/new.html.erb b/app/views/idv/jurisdiction/new.html.erb deleted file mode 100644 index 53d790907fe..00000000000 --- a/app/views/idv/jurisdiction/new.html.erb +++ /dev/null @@ -1,44 +0,0 @@ -<% title t('idv.titles.jurisdiction') %> -<%= image_tag(asset_url('state-id-none@3x.png'), alt: '', width: 210) %> -

<%= t('idv.messages.jurisdiction.why') %>

- -

- <%= t('idv.messages.jurisdiction.where') %> -

- -<%= simple_form_for(@jurisdiction_form, url: idv_jurisdiction_path, - html: { autocomplete: 'off', role: 'form', class: 'mt2' }) do |f| %> - <%= f.error_notification %> -
-
- <%= f.input :state, collection: us_states_territories, - label: false, required: true, - selected: @jurisdiction_form.state, prompt: t('forms.select'), - wrapper_html: { class: 'jurisdiction-select' }, - input_html: { 'aria-labelledBy': 'jurisdiction-label' } %> -
-
-
- - <% if @jurisdiction_form.errors[:ial2_consent_given?].any? %> -
- <%= @jurisdiction_form.errors[:ial2_consent_given?].first %> -
- <% end %> -
-

<%= link_to t('idv.messages.jurisdiction.no_id'), idv_jurisdiction_failure_path(:no_id) %>

- <%= f.button :submit, - t('forms.buttons.continue'), - class: 'btn btn-primary btn-wide sm-col-6 col-6 mt4 no-auto-enable' %> -<% end %> - -
- <%= link_to t('links.cancel'), idv_cancel_path, class: 'h5' %> -
diff --git a/app/views/idv/sessions/new.html.slim b/app/views/idv/sessions/new.html.slim deleted file mode 100644 index 3922f160cb4..00000000000 --- a/app/views/idv/sessions/new.html.slim +++ /dev/null @@ -1,86 +0,0 @@ -- title t('idv.titles.sessions') - -h1.h3 = t('idv.titles.sessions') - -p = link_to t('links.access_help'), - 'https://login.gov/help/privacy-and-security/how-does-logingov-protect-my-data/', - target: :_blank - -= simple_form_for(@idv_form, url: idv_session_path, - html: { autocomplete: 'off', method: :put, role: 'form' }) do |f| - = f.error_notification - fieldset.ml0.p0.border-none - = f.input :first_name, label: t('idv.form.first_name'), required: true, maxlength: 255 - = f.input :last_name, label: t('idv.form.last_name'), required: true, maxlength: 255 - .clearfix.mxn1 - .sm-col.sm-col-6.px1 - / using :tel for mobile numeric keypad - = f.input :dob, as: :tel, - label: t('idv.form.dob'), required: true, - hint: t('idv.form.dob_hint'), hint_html: { id: 'dob-instructs', class: 'mb1' }, - pattern: '(0[1-9]|1[012])/(0[1-9]|1[0-9]|2[0-9]|3[01])/[0-9]{4}', - input_html: { class: 'dob', - value: @idv_form.dob, - 'aria-describedby': 'dob-instructs' } - .clearfix.mxn1 - .sm-col.sm-col-6.px1 - / using :tel for mobile numeric keypad - = f.input :ssn, as: :tel, - label: t('idv.form.ssn_label_html'), required: true, - pattern: '^\d{3}-?\d{2}-?\d{4}$', - input_html: { class: 'ssn', value: @idv_form.ssn } - - h2.h3 = t('idv.messages.sessions.id_information_subtitle') - p = t('idv.messages.sessions.id_information_message') - - fieldset.m0.p0.border-none - .mb2 - = f.label :state_id_type, label: t('idv.form.state_id_type_label'), class: 'bold', - id: 'profile_state_id_type_label', required: true - - state_id_types.each do |state_id_type| - = f.label 'profile[state_id_type]', class: 'block mb1', - for: "profile_state_id_type_#{state_id_type[1]}" - .radio - = radio_button_tag 'profile[state_id_type]', state_id_type[1], - state_id_type[1] == 'drivers_license', - 'aria-labelledby': 'profile_state_id_type_label' - span.indicator - .block = state_id_type[0] - = f.input :state_id_number, label: t('idv.form.state_id'), - hint: t('idv.form.state_id_tip'), hint_html: { class: 'inline pl1' }, - required: true, - pattern: '^.{0,25}$', - input_html: { class: 'sm-col-8 state_id_number', value: @idv_form.state_id_number } - = f.input :address1, label: t('idv.form.address1'), wrapper_html: { class: 'mb1' }, - required: true, maxlength: 255 - = f.input :address2, label: t('idv.form.address2'), maxlength: 255 - = f.input :city, label: t('idv.form.city'), required: true, maxlength: 255 - - .clearfix.mxn1 - .sm-col.sm-col-8.px1 - - if decorated_session.sp_name - -sp_error = t('idv.errors.unsupported_jurisdiction_sp', - sp_name: decorated_session.sp_name) - -data_attrs = { "data-supported-jurisdictions": supported_jurisdictions, - "data-error-message": t('idv.errors.unsupported_jurisdiction'), - "data-error-message-sp": sp_error,\ - } - - selected_state = @idv_form.state || @selected_state - = f.input :state, collection: us_states_territories, - label: t('idv.form.state'), required: true, - input_html: data_attrs, selected: selected_state, - prompt: '- Select -' - - .sm-col.sm-col-4.px1 - / using :tel for mobile numeric keypad - = f.input :zipcode, as: :tel, - label: t('idv.form.zipcode'), required: true, - pattern: '(\d{5}([\-]\d{4})?)', - input_html: { class: 'zipcode', value: @idv_form.zipcode } - - .mt3 - button type='submit' class='btn btn-primary btn-wide sm-col-6 col-12' - = t('forms.buttons.continue') - -.mt2.pt1.border-top - = link_to t('links.cancel'), idv_cancel_path, class: 'h5' diff --git a/app/views/idv/sessions/success.html.slim b/app/views/idv/sessions/success.html.slim deleted file mode 100644 index af45c59e4a7..00000000000 --- a/app/views/idv/sessions/success.html.slim +++ /dev/null @@ -1,16 +0,0 @@ -- title t('idv.titles.session.success') - -= image_tag(asset_url('state-id-confirm@3x.png'), width: 210) - -h1.h3.mb2.mt3.my0 = t('idv.titles.session.success') - -.col-2 - hr.mt3.mb3.bw4.border-green.rounded - -h2.h3.mb6.my0 = t('idv.messages.sessions.success') - -= link_to t('forms.buttons.continue'), idv_phone_path, - class: 'btn btn-primary btn-wide sm-col-6 col-12' - -.mt2.pt1.border-top - = link_to t('links.cancel'), idv_cancel_path, class: 'h5' diff --git a/app/views/users/piv_cac_login/error.html.slim b/app/views/users/piv_cac_login/error.html.slim index da594c90abd..62180f583e5 100644 --- a/app/views/users/piv_cac_login/error.html.slim +++ b/app/views/users/piv_cac_login/error.html.slim @@ -7,7 +7,6 @@ p.mt-tiny.mb3 = @presenter.description - link = account_path -/ TODO: This link will 404 if sign_up_or_idv_no_js_link is not nil - cancel = sign_up_or_idv_no_js_link || link .mt2.pt1.border-top = link_to t('forms.piv_cac_setup.choose_different_certificate'), diff --git a/spec/features/idv/steps/phone_step_spec.rb b/spec/features/idv/steps/phone_step_spec.rb index be9bc4b1a13..74b2051aa78 100644 --- a/spec/features/idv/steps/phone_step_spec.rb +++ b/spec/features/idv/steps/phone_step_spec.rb @@ -105,26 +105,15 @@ expect(page).to have_current_path(idv_phone_path) end - it 'requires the user to complete the profile step before completing' do + it 'requires the user to complete the doc auth before completing' do start_idv_from_sp - complete_idv_steps_before_profile_step + sign_in_and_2fa_user(user_with_2fa) # Try to advance ahead to the phone step visit idv_phone_path - # Expect to land on the profile step - expect(page).to have_content(t('idv.titles.sessions')) - expect(page).to have_current_path(idv_session_path) - - # Try to submit and fail - fill_out_idv_form_fail - click_idv_continue - - # Try to advance ahead to the phone step - visit idv_phone_path - - # Expect to land on the profile step - expect(page).to have_content(t('idv.titles.sessions')) - expect(page).to have_current_path(idv_session_path) + # Expect to land on doc auth + expect(page).to have_content(t('doc_auth.headings.welcome')) + expect(page).to have_current_path(idv_doc_auth_step_path(step: :welcome)) end context 'cancelling IdV' do diff --git a/spec/support/idv_examples/max_attempts.rb b/spec/support/idv_examples/max_attempts.rb index 030a33f033d..e42980b95e1 100644 --- a/spec/support/idv_examples/max_attempts.rb +++ b/spec/support/idv_examples/max_attempts.rb @@ -13,37 +13,17 @@ context 'after completing the max number of attempts' do before do - if step == :profile - perfom_maximum_allowed_idv_step_attempts { fill_out_idv_form_fail } - elsif step == :phone - perfom_maximum_allowed_idv_step_attempts { fill_out_phone_form_fail } - end + perfom_maximum_allowed_idv_step_attempts { fill_out_phone_form_fail } end scenario 'more than 3 attempts in 24 hours prevents further attempts' do # Blocked if visiting verify directly visit idv_url - if step == :phone - advance_to_phone_step - expect_user_to_fail_at_phone_step - else - expect_user_to_fail_at_profile_step - end + expect_user_to_fail_at_phone_step # Blocked if visiting from an SP visit_idp_from_sp_with_ial2(:oidc) - if step == :phone - advance_to_phone_step - expect_user_to_fail_at_phone_step - else - expect_user_to_fail_at_profile_step - end - - if step == :sessions - user.reload - - expect(user.idv_attempted_at).to_not be_nil - end + expect_user_to_fail_at_phone_step end scenario 'after 24 hours the user can retry and complete idv' do @@ -56,11 +36,12 @@ sign_in_live_with_2fa(user) expect(page).to_not have_content(t("idv.failure.#{step_locale_key}.heading")) - expect(current_url).to eq(idv_jurisdiction_url) + expect(current_url).to eq(idv_doc_auth_step_url(step: :welcome)) - fill_out_idv_jurisdiction_ok + complete_all_doc_auth_steps + click_idv_continue + fill_in 'Password', with: user.password click_idv_continue - complete_idv_profile_ok(user) click_acknowledge_personal_key click_agree_and_continue @@ -77,23 +58,16 @@ context 'after completing one less than the max attempts' do it 'allows the user to continue if their last attempt is successful' do max_attempts_less_one.times do - fill_out_idv_form_fail if step == :profile - fill_out_phone_form_fail if step == :phone + fill_out_phone_form_fail click_continue click_on t('idv.failure.button.warning') end - fill_out_idv_form_ok if step == :profile - fill_out_phone_form_ok if step == :phone + fill_out_phone_form_ok click_continue - if step == :profile - expect(page).to have_content(t('idv.titles.session.success')) - expect(page).to have_current_path(idv_session_success_path) - elsif step == :phone - expect(page).to have_content(t('idv.titles.otp_delivery_method')) - expect(page).to have_current_path(idv_otp_delivery_method_path) - end + expect(page).to have_content(t('idv.titles.otp_delivery_method')) + expect(page).to have_current_path(idv_otp_delivery_method_path) end end @@ -107,20 +81,9 @@ def perfom_maximum_allowed_idv_step_attempts click_idv_continue end - def expect_user_to_fail_at_profile_step - expect(page).to have_content(t('idv.titles.hardfail', app: 'login.gov')) - expect(current_url).to eq(idv_fail_url) - end - def expect_user_to_fail_at_phone_step expect(page).to have_content(t("idv.failure.#{step_locale_key}.heading")) expect(current_url).to eq(idv_phone_errors_failure_url(locale: locale)) expect(page).to have_link(t('idv.form.activate_by_mail')) end - - def advance_to_phone_step - # Currently on the session success path - # Click continue to advance to the phone step - click_idv_continue - end end From f99e2d45d247f8720e94e52f2929bd0cb7d36507 Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Wed, 1 Apr 2020 11:13:15 -0400 Subject: [PATCH 06/11] fix some more tests --- spec/controllers/concerns/idv_step_concern_spec.rb | 4 ++-- .../users/password_recovery_via_recovery_code_spec.rb | 11 ++++++----- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/spec/controllers/concerns/idv_step_concern_spec.rb b/spec/controllers/concerns/idv_step_concern_spec.rb index 86a2efce449..5ae47b7824a 100644 --- a/spec/controllers/concerns/idv_step_concern_spec.rb +++ b/spec/controllers/concerns/idv_step_concern_spec.rb @@ -94,10 +94,10 @@ def show allow(subject).to receive(:confirm_idv_attempts_allowed).and_return(true) end - it 'redirects to idv session url' do + it 'redirects to idv doc auth url' do get :show - expect(response).to redirect_to(idv_session_url) + expect(response).to redirect_to(idv_doc_auth_url) end end diff --git a/spec/features/users/password_recovery_via_recovery_code_spec.rb b/spec/features/users/password_recovery_via_recovery_code_spec.rb index b06ac1fb6d3..47803e1d3a8 100644 --- a/spec/features/users/password_recovery_via_recovery_code_spec.rb +++ b/spec/features/users/password_recovery_via_recovery_code_spec.rb @@ -2,7 +2,7 @@ feature 'Password recovery via personal key' do include PersonalKeyHelper - include IdvHelper + include IdvStepHelper include SamlAuthHelper include SpAuthHelper @@ -43,9 +43,10 @@ click_link t('account.index.reactivation.link') click_on t('links.account.reactivate.without_key') click_on t('forms.buttons.continue') - fill_out_idv_jurisdiction_ok - click_idv_continue - complete_idv_profile_ok(user, new_password) + complete_all_doc_auth_steps + click_continue + fill_in 'Password', with: new_password + click_continue acknowledge_and_confirm_personal_key click_agree_and_continue @@ -93,7 +94,7 @@ click_on t('links.account.reactivate.with_key') click_on t('links.reverify') - expect(current_path).to eq(idv_jurisdiction_path) + expect(current_path).to eq(idv_doc_auth_step_path(step: :welcome)) end scenario 'resets password, view modal and close it', email: true, js: true do From 261d85080cdb8206c79c412939da4ada2fb228b2 Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Wed, 1 Apr 2020 11:18:23 -0400 Subject: [PATCH 07/11] fix phone remember device tests --- spec/features/remember_device/phone_spec.rb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/spec/features/remember_device/phone_spec.rb b/spec/features/remember_device/phone_spec.rb index 36f26253521..ab59919da65 100644 --- a/spec/features/remember_device/phone_spec.rb +++ b/spec/features/remember_device/phone_spec.rb @@ -1,7 +1,7 @@ require 'rails_helper' feature 'Remembering a phone' do - include IdvHelper + include IdvStepHelper before do allow(Figaro.env).to receive(:otp_delivery_blocklist_maxretry).and_return('1000') @@ -50,10 +50,8 @@ def remember_device_and_sign_out_user check :remember_device fill_in_code_with_last_phone_otp click_submit_default - visit idv_session_path - fill_out_idv_form_ok - click_idv_continue - click_idv_continue + visit idv_path + complete_all_doc_auth_steps fill_out_phone_form_ok('2022603829') click_idv_continue choose_idv_otp_delivery_method_sms From 06b815aed0757d25c4d5f80cfaf9c0ea53ff58d7 Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Wed, 1 Apr 2020 11:42:41 -0400 Subject: [PATCH 08/11] fix all tests except i18n ones --- spec/features/idv/steps/review_step_spec.rb | 10 +++++----- spec/features/idv/steps/usps_step_spec.rb | 4 ++-- spec/features/users/user_profile_spec.rb | 7 ++++--- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/spec/features/idv/steps/review_step_spec.rb b/spec/features/idv/steps/review_step_spec.rb index 9709c062038..856220b0087 100644 --- a/spec/features/idv/steps/review_step_spec.rb +++ b/spec/features/idv/steps/review_step_spec.rb @@ -13,11 +13,11 @@ start_idv_from_sp complete_idv_steps_before_review_step - expect(page).to have_content('José') - expect(page).to have_content('One') - expect(page).to have_content('123 Main St') - expect(page).to have_content('Nowhere, VA 6604') - expect(page).to have_content('January 02, 1980') + expect(page).to have_content('Jane') + expect(page).to have_content('Doe') + expect(page).to have_content('1 Street') + expect(page).to have_content('New York, NY 11364') + expect(page).to have_content('October 05, 1938') expect(page).to have_content('666-66-1234') expect(page).to have_content('+1 202-555-1212') diff --git a/spec/features/idv/steps/usps_step_spec.rb b/spec/features/idv/steps/usps_step_spec.rb index 007e5ebee35..4f32e07b5c2 100644 --- a/spec/features/idv/steps/usps_step_spec.rb +++ b/spec/features/idv/steps/usps_step_spec.rb @@ -18,8 +18,8 @@ click_on t('idv.messages.clear_and_start_over') - expect(page).to have_content(t('idv.messages.jurisdiction.why')) - expect(page).to have_current_path(idv_jurisdiction_path) + expect(page).to have_content(t('doc_auth.headings.welcome')) + expect(page).to have_current_path(idv_doc_auth_step_path(step: :welcome)) end context 'the user has sent a letter but not verified an OTP' do diff --git a/spec/features/users/user_profile_spec.rb b/spec/features/users/user_profile_spec.rb index 7bbb10b7f47..bfb99b42b71 100644 --- a/spec/features/users/user_profile_spec.rb +++ b/spec/features/users/user_profile_spec.rb @@ -1,7 +1,7 @@ require 'rails_helper' feature 'User profile' do - include IdvHelper + include IdvStepHelper include PersonalKeyHelper include PushNotificationsHelper @@ -144,9 +144,10 @@ fill_in_code_with_last_phone_otp click_submit_default click_on t('links.account.reactivate.without_key') - fill_out_idv_jurisdiction_ok + complete_all_doc_auth_steps + click_idv_continue + fill_in 'Password', with: user_password click_idv_continue - complete_idv_profile_ok(user) click_acknowledge_personal_key expect(current_path).to eq(sign_up_completed_path) From 73eea850e42244ec8464b5d4bc5f9513aa4634f0 Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Wed, 1 Apr 2020 12:51:18 -0400 Subject: [PATCH 09/11] Remove forms and other fun things --- app/forms/idv/jurisdiction_form.rb | 39 ---- app/forms/idv/profile_form.rb | 54 ------ app/helpers/form_helper.rb | 10 -- app/services/idv/steps/verify_base_step.rb | 8 +- .../idv/form_jurisdiction_validator.rb | 22 --- app/validators/idv/form_state_id_validator.rb | 17 -- config/locales/forms/en.yml | 1 - config/locales/forms/es.yml | 1 - config/locales/forms/fr.yml | 1 - config/locales/idv/en.yml | 20 --- config/locales/idv/es.yml | 23 --- config/locales/idv/fr.yml | 23 --- config/locales/links/en.yml | 1 - config/locales/links/es.yml | 1 - config/locales/links/fr.yml | 1 - .../features/idv/doc_auth/verify_step_spec.rb | 8 +- spec/forms/idv/jurisdiction_form_spec.rb | 46 ----- spec/forms/idv/profile_form_spec.rb | 170 ------------------ 18 files changed, 10 insertions(+), 436 deletions(-) delete mode 100644 app/forms/idv/jurisdiction_form.rb delete mode 100644 app/forms/idv/profile_form.rb delete mode 100644 app/validators/idv/form_jurisdiction_validator.rb delete mode 100644 app/validators/idv/form_state_id_validator.rb delete mode 100644 spec/forms/idv/jurisdiction_form_spec.rb delete mode 100644 spec/forms/idv/profile_form_spec.rb diff --git a/app/forms/idv/jurisdiction_form.rb b/app/forms/idv/jurisdiction_form.rb deleted file mode 100644 index 0df1c9f224a..00000000000 --- a/app/forms/idv/jurisdiction_form.rb +++ /dev/null @@ -1,39 +0,0 @@ -module Idv - class JurisdictionForm - include ActiveModel::Model - include FormJurisdictionValidator - - validates :ial2_consent_given?, acceptance: { message: I18n.t('errors.doc_auth.consent_form') } - - ATTRIBUTES = %i[state ial2_consent_given].freeze - - attr_accessor :state, :ial2_consent_given - - def self.model_name - ActiveModel::Name.new(self, nil, 'Jurisdiction') - end - - def submit(params) - consume_params(params) - - FormResponse.new(success: valid?, errors: errors.messages) - end - - def ial2_consent_given? - @ial2_consent_given == 'true' - end - - private - - def consume_params(params) - params.each do |key, value| - raise_invalid_jurisdiction_parameter_error(key) unless ATTRIBUTES.include?(key.to_sym) - send("#{key}=", value) - end - end - - def raise_invalid_jurisdiction_parameter_error(key) - raise ArgumentError, "#{key} is an invalid jurisdiction attribute" - end - end -end diff --git a/app/forms/idv/profile_form.rb b/app/forms/idv/profile_form.rb deleted file mode 100644 index dcfb0878586..00000000000 --- a/app/forms/idv/profile_form.rb +++ /dev/null @@ -1,54 +0,0 @@ -module Idv - class ProfileForm - include ActiveModel::Model - include FormProfileValidator - include FormStateIdValidator - - PROFILE_ATTRIBUTES = [ - :state_id_number, - :state_id_type, - :state_id_jurisdiction, - *Pii::Attributes.members, - ].freeze - - attr_reader :user - attr_accessor(*PROFILE_ATTRIBUTES) - - def self.model_name - ActiveModel::Name.new(self, nil, 'Profile') - end - - def initialize(user:, previous_params:) - @user = user - consume_params(previous_params) if previous_params.present? - end - - def submit(params) - consume_params(params) - - FormResponse.new(success: valid?, errors: errors.messages) - end - - def add_sp_unsupported_jurisdiction_error(sp_name) - error_message = [ - I18n.t('idv.errors.unsupported_jurisdiction'), - I18n.t('idv.errors.unsupported_jurisdiction_sp', sp_name: sp_name), - ].join(' ') - errors.delete(:state) - errors.add(:state, error_message) - end - - private - - def consume_params(params) - params.each do |key, value| - raise_invalid_profile_parameter_error(key) unless PROFILE_ATTRIBUTES.include?(key.to_sym) - send("#{key}=", value) - end - end - - def raise_invalid_profile_parameter_error(key) - raise ArgumentError, "#{key} is an invalid profile attribute" - end - end -end diff --git a/app/helpers/form_helper.rb b/app/helpers/form_helper.rb index 2b0a295ddc8..105061c0ec9 100644 --- a/app/helpers/form_helper.rb +++ b/app/helpers/form_helper.rb @@ -1,10 +1,4 @@ module FormHelper - def state_id_types - Idv::FormStateIdValidator::STATE_ID_TYPES.map do |state_id_type| - [t("idv.form.state_id_type.#{state_id_type}"), state_id_type] - end - end - # rubocop:disable MethodLength # rubocop:disable Style/WordArray # This method is single statement spread across many lines for readability @@ -85,10 +79,6 @@ def international_phone_codes end end - def supported_jurisdictions - Idv::FormJurisdictionValidator::SUPPORTED_JURISDICTIONS - end - def state_name_for_abbrev(abbrev) us_states_territories.find([]) { |state| state.second == abbrev }.first end diff --git a/app/services/idv/steps/verify_base_step.rb b/app/services/idv/steps/verify_base_step.rb index 7dfe923b3d4..0896e7a54b0 100644 --- a/app/services/idv/steps/verify_base_step.rb +++ b/app/services/idv/steps/verify_base_step.rb @@ -1,6 +1,11 @@ module Idv module Steps class VerifyBaseStep < DocAuthBaseStep + AAMVA_SUPPORTED_JURISDICTIONS = %w[ + AR AZ CO CT DC DE FL GA IA ID IL IN KY MA MD ME MI MO MS MT ND NE NJ NM + PA RI SC SD TX VA VT WA WI WY + ].freeze + private def perform_resolution_and_check_ssn @@ -82,8 +87,7 @@ def should_use_aamva?(pii_from_doc) end def aamva_state?(pii_from_doc) - Idv::FormJurisdictionValidator::SUPPORTED_JURISDICTIONS. - include? pii_from_doc['state_id_jurisdiction'] + AAMVA_SUPPORTED_JURISDICTIONS.include? pii_from_doc['state_id_jurisdiction'] end def aamva_disallowed_for_service_provider? diff --git a/app/validators/idv/form_jurisdiction_validator.rb b/app/validators/idv/form_jurisdiction_validator.rb deleted file mode 100644 index 56a12106d8a..00000000000 --- a/app/validators/idv/form_jurisdiction_validator.rb +++ /dev/null @@ -1,22 +0,0 @@ -module Idv - module FormJurisdictionValidator - extend ActiveSupport::Concern - - SUPPORTED_JURISDICTIONS = %w[ - AR AZ CO CT DC DE FL GA IA ID IL IN KY MA MD ME MI MO MS MT ND NE NJ NM PA - RI SC SD TX VA VT WA WI WY - ].freeze - - included do - validates :state, - inclusion: { - in: SUPPORTED_JURISDICTIONS, - message: I18n.t('idv.errors.unsupported_jurisdiction'), - } - end - - def unsupported_jurisdiction? - !SUPPORTED_JURISDICTIONS.include?(state) - end - end -end diff --git a/app/validators/idv/form_state_id_validator.rb b/app/validators/idv/form_state_id_validator.rb deleted file mode 100644 index 8f56542efd7..00000000000 --- a/app/validators/idv/form_state_id_validator.rb +++ /dev/null @@ -1,17 +0,0 @@ -module Idv - module FormStateIdValidator - extend ActiveSupport::Concern - include Idv::FormJurisdictionValidator - - STATE_ID_TYPES = %w[drivers_license drivers_permit state_id_card].freeze - - included do - validates :state_id_number, presence: true, - length: { - maximum: 25, - message: I18n.t('idv.errors.pattern_mismatch.state_id_number'), - } - validates :state_id_type, inclusion: { in: STATE_ID_TYPES } - end - end -end diff --git a/config/locales/forms/en.yml b/config/locales/forms/en.yml index 7dcb4c630fe..9e6e6acdc2b 100644 --- a/config/locales/forms/en.yml +++ b/config/locales/forms/en.yml @@ -116,7 +116,6 @@ en: registration: labels: email: Email address - select: "- Select -" totp_delete: caution: If you remove your authentication app you won't be able to use it to access your login.gov account. diff --git a/config/locales/forms/es.yml b/config/locales/forms/es.yml index 01ac976ac45..f55b299a53a 100644 --- a/config/locales/forms/es.yml +++ b/config/locales/forms/es.yml @@ -124,7 +124,6 @@ es: registration: labels: email: Email - select: "- Seleccionar -" totp_delete: caution: Si elimina su aplicación de autenticación, no podrá usarla para acceder a su cuenta login.gov. diff --git a/config/locales/forms/fr.yml b/config/locales/forms/fr.yml index 40288590651..4e7343491a1 100644 --- a/config/locales/forms/fr.yml +++ b/config/locales/forms/fr.yml @@ -129,7 +129,6 @@ fr: registration: labels: email: Adresse courriel - select: "- Sélectionner -" totp_delete: caution: Si vous supprimez votre application d'authentification, vous ne pourrez plus l'utiliser pour accéder à votre compte login.gov. diff --git a/config/locales/idv/en.yml b/config/locales/idv/en.yml index 3f6704266d9..701c807a32e 100644 --- a/config/locales/idv/en.yml +++ b/config/locales/idv/en.yml @@ -26,8 +26,6 @@ en: ssn: 'Your Social Security Number must be entered in as ###-##-####' state_id_number: Your ID number cannot be more than 25 characters. zipcode: 'Your zipcode must be entered in as #####-####' - unsupported_jurisdiction: Sorry, we can't verify people from this state. - unsupported_jurisdiction_sp: Please visit %{sp_name} to access your account. unsupported_otp_delivery_method: Select a method to receive a code. failure: attempts_html: @@ -75,23 +73,12 @@ en: address1: Address address2: Address (optional) city: City - dob: Date of birth - dob_hint: 'example: 01/17/1964' - first_name: First name - last_name: Last name no_alternate_phone_html: "%{link} We'll mail you a letter with a code in it." password: Password phone: Phone Number ssn_label_html: Social Security Number state: State - state_id: ID number - state_id_tip: do not include spaces or dashes - state_id_type: - drivers_license: Driver's license - drivers_permit: Driver's permit - state_id_card: State ID - state_id_type_label: ID type zipcode: ZIP Code index: id: @@ -121,9 +108,6 @@ en: no_id_failure: We're working hard to add more ways to verify your identity. unsupported_jurisdiction_failure: We're working hard to add more states and hope to support %{state} soon. - where: Where was your driver's license, driver's permit, or state ID issued? - why: To verify your identity, you'll need information from your state-issued - ID. mail_sent: Your letter is on its way otp_delivery_method: phone_number_html: We'll send a code to %{phone} @@ -149,13 +133,10 @@ en: select_verification_without_sp: To protect you from identity fraud, we will contact you to confirm that this account is legitimate. sessions: - id_information_message: as it appears on your state-issued ID - id_information_subtitle: ID Information no_pii: TEST SITE - Do not use real personal information (demo purposes only) - TEST SITE review_message: When you re-enter your password, login.gov will encrypt your data to make sure no one else can access it. - success: Next, we'll need a phone number. usps: address_on_file: We will mail a letter with a confirmation code to your verified address on file. @@ -190,6 +171,5 @@ en: session: phone: Enter a phone number with your name on the plan review: Re-enter your login.gov password to encrypt your data - success: We've verified the information on your state-issued ID. sessions: Information about you unsupported_jurisdiction: We're sorry, login.gov doesn't support %{state} yet. diff --git a/config/locales/idv/es.yml b/config/locales/idv/es.yml index 6a49faa3998..d4dc9c75d77 100644 --- a/config/locales/idv/es.yml +++ b/config/locales/idv/es.yml @@ -27,9 +27,6 @@ es: ssn: 'Su número de Seguro Social debe ser ingresado como ### - ## - ####' state_id_number: Su número de ID no puede tener más de 25 caracteres zipcode: 'Su código postal debe ser ingresado como #####-####' - unsupported_jurisdiction: Lo sentimos, no podemos verificar personas de este - estado. - unsupported_jurisdiction_sp: Visita %{sp_name} para acceder a tu cuenta. unsupported_otp_delivery_method: Seleccione una manera de recibir un código. failure: attempts_html: @@ -78,23 +75,12 @@ es: address1: Dirección address2: Dirección (opcional) city: Ciudad - dob: Fecha de nacimiento - dob_hint: 'Ejemplo: 01/17/1964' - first_name: Nombre - last_name: Apellido no_alternate_phone_html: "%{link} Le enviaremos una carta con un código." password: Contraseña phone: Teléfono ssn_label_html: Número de Seguro Social state: Estado - state_id: Número de identificación - state_id_tip: sin espacios ni guiones - state_id_type: - drivers_license: Licencia de conducir - drivers_permit: Permiso de conducir - state_id_card: Identificación del estado - state_id_type_label: Tipo de número de identificación zipcode: Código postal index: id: @@ -124,10 +110,6 @@ es: su identidad. unsupported_jurisdiction_failure: Estamos trabajando duro para agregar más estados y esperamos apoyar a %{state} pronto. - where: "¿Dónde se emitió su licencia de conducir, permiso de conducir o identificación - del estado?" - why: Para verificar su identidad, necesitará información de su identificación - emitida por el estado. mail_sent: Su carta está en camino otp_delivery_method: phone_number_html: Te enviaremos un código a %{phone} @@ -155,13 +137,10 @@ es: select_verification_without_sp: Para proteger su cuenta de robo de identidad, su perfil no se activará hasta que ingrese un código de confirmación. sessions: - id_information_message: como aparece en su identificación emitida por el estado - id_information_subtitle: Información de identificación no_pii: SITIO DE PRUEBA - No utilice información personal real (sólo para propósitos de demostración) - SITIO DE PRUEBA review_message: Cuando vuelva a ingresar su contraseña, login.gov cifrará sus datos para asegurarse de que nadie más pueda acceder a ellos. - success: A continuación, necesitaremos un número de teléfono. usps: address_on_file: Le enviaremos una carta con un código de confirmación a su dirección verificada en el archivo. @@ -197,8 +176,6 @@ es: session: phone: Ingresa un número de teléfono para ayudar a verificar tu identidad review: Vuelve a ingresar tu contraseña de login.gov para encriptar tus datos - success: Hemos verificado la información en su identificación emitida por - el estado. sessions: Información acerca de ti unsupported_jurisdiction: No podemos verificar identidades usando ID emitidos desde %{state} diff --git a/config/locales/idv/fr.yml b/config/locales/idv/fr.yml index 754cce3afb0..9440930b907 100644 --- a/config/locales/idv/fr.yml +++ b/config/locales/idv/fr.yml @@ -29,10 +29,6 @@ fr: ###-##-####' state_id_number: Votre numéro d'identification ne peut excéder 25 caractères zipcode: 'Votre code ZIP doit être inscrit de cette façon : #####-####' - unsupported_jurisdiction: Désolé, nous ne pouvons pas vérifier les personnes - de cet état. - unsupported_jurisdiction_sp: Veuillez visiter %{sp_name} pour accéder à votre - compte. unsupported_otp_delivery_method: Sélectionnez une méthode pour recevoir un code. failure: attempts_html: @@ -85,23 +81,12 @@ fr: address1: Adresse address2: Adresse (optional) city: Ville - dob: Date de naissance - dob_hint: 'exemple : 01/17/1964' - first_name: Prénom - last_name: Nom de famille no_alternate_phone_html: "%{link} Nous vous ferons parvenir une lettre contenant un code." password: Mot de passe phone: Numéro de téléphone ssn_label_html: Numéro de sécurité sociale state: État - state_id: Numéro d'identification - state_id_tip: sans espaces ou tirets - state_id_type: - drivers_license: Permis de conduire - drivers_permit: Permis d'apprenti - state_id_card: Identification d'état - state_id_type_label: Type de numéro d'identification zipcode: Code ZIP index: id: @@ -134,10 +119,6 @@ fr: votre identité. unsupported_jurisdiction_failure: Nous travaillons dur pour ajouter plus d'états et espérons pouvoir bientôt prendre en charge %{state}. - where: Où a été délivré votre permis de conduire, votre permis de conduire - ou votre carte d'identité? - why: Pour vérifier votre identité, vous aurez besoin d'informations provenant - de votre carte d'identité officielle. mail_sent: Votre lettre est en route otp_delivery_method: phone_number_html: Nous enverrons un code au %{phone} @@ -168,13 +149,10 @@ fr: à l'identité, votre profil ne sera pas activé tant que vous n'aurez pas entré votre code de confirmation. sessions: - id_information_message: tel qu'il apparaît sur votre carte d'identité officielle - id_information_subtitle: Informations d'identification no_pii: SITE DE TEST - N'utilisez pas de véritables données personnelles (il s'agit d'une démonstration seulement) - SITE DE TEST review_message: Lorsque vous entrez à nouveau votre mot de passe, login.gov crypte vos données pour vous assurer que personne ne peut y accéder. - success: Ensuite, nous aurons besoin d'un numéro de téléphone. usps: address_on_file: Nous posterons une lettre à l'adresse vérifiée dans nos dossiers. Celle-ci contient un code de confirmation. @@ -210,7 +188,6 @@ fr: session: phone: Entrez un numéro de téléphone pour vous aider à vérifier votre identité review: Entrez à nouveau votre mot de passe login.gov pour crypter vos données - success: Nous avons vérifié les informations sur votre ID d'état. sessions: Informations sur vous unsupported_jurisdiction: Nous ne sommes pas en mesure de vérifier les identités à l'aide d'identifiants provenant de %{state} diff --git a/config/locales/links/en.yml b/config/locales/links/en.yml index de11c4c308e..d630b0d6766 100644 --- a/config/locales/links/en.yml +++ b/config/locales/links/en.yml @@ -1,7 +1,6 @@ --- en: links: - access_help: How login.gov protects your data. account: reactivate: with_key: I have my key diff --git a/config/locales/links/es.yml b/config/locales/links/es.yml index 152440b3061..a7119b69941 100644 --- a/config/locales/links/es.yml +++ b/config/locales/links/es.yml @@ -1,7 +1,6 @@ --- es: links: - access_help: Cómo login.gov protege sus datos. account: reactivate: with_key: Tengo mi clave diff --git a/config/locales/links/fr.yml b/config/locales/links/fr.yml index 665b12bc965..63098062df8 100644 --- a/config/locales/links/fr.yml +++ b/config/locales/links/fr.yml @@ -1,7 +1,6 @@ --- fr: links: - access_help: Comment login.gov protège vos données. account: reactivate: with_key: J'ai ma clé diff --git a/spec/features/idv/doc_auth/verify_step_spec.rb b/spec/features/idv/doc_auth/verify_step_spec.rb index d352febbda3..021fd36b390 100644 --- a/spec/features/idv/doc_auth/verify_step_spec.rb +++ b/spec/features/idv/doc_auth/verify_step_spec.rb @@ -120,8 +120,8 @@ ) stub_const( - 'Idv::FormJurisdictionValidator::SUPPORTED_JURISDICTIONS', - Idv::FormJurisdictionValidator::SUPPORTED_JURISDICTIONS + + 'Idv::Steps::VerifyBaseStep::AAMVA_SUPPORTED_JURISDICTIONS', + Idv::Steps::VerifyBaseStep::AAMVA_SUPPORTED_JURISDICTIONS + [DocAuthHelper::ACUANT_RESULTS_TO_PII[:state_id_jurisdiction]], ) @@ -142,8 +142,8 @@ ) stub_const( - 'Idv::FormJurisdictionValidator::SUPPORTED_JURISDICTIONS', - Idv::FormJurisdictionValidator::SUPPORTED_JURISDICTIONS - + 'Idv::Steps::VerifyBaseStep::AAMVA_SUPPORTED_JURISDICTIONS', + Idv::Steps::VerifyBaseStep::AAMVA_SUPPORTED_JURISDICTIONS - [DocAuthHelper::ACUANT_RESULTS_TO_PII[:state_id_jurisdiction]], ) diff --git a/spec/forms/idv/jurisdiction_form_spec.rb b/spec/forms/idv/jurisdiction_form_spec.rb deleted file mode 100644 index 4446a5f5180..00000000000 --- a/spec/forms/idv/jurisdiction_form_spec.rb +++ /dev/null @@ -1,46 +0,0 @@ -require 'rails_helper' - -describe Idv::JurisdictionForm do - let(:supported_jurisdiction) { 'WA' } - let(:unsupported_jurisdiction) { 'CA' } - - let(:subject) { Idv::JurisdictionForm.new } - - describe '#submit' do - context 'when the form is valid' do - it 'returns a successful form response' do - result = subject.submit(state: supported_jurisdiction, ial2_consent_given: 'true') - - expect(result).to be_kind_of(FormResponse) - expect(result.success?).to eq(true) - expect(result.errors).to be_empty - end - end - - context 'when the form is invalid' do - it 'returns an unsuccessful form response' do - result = subject.submit(state: unsupported_jurisdiction, ial2_consent_given: 'true') - - expect(result).to be_kind_of(FormResponse) - expect(result.success?).to eq(false) - expect(result.errors).to include(:state) - end - end - end - - describe 'presence validations' do - it 'is invalid when required attribute is not present' do - subject.submit(state: nil, ial2_consent_given: 'true') - - expect(subject).to_not be_valid - end - end - - describe 'jurisdiction validity' do - it 'populates error for unsupported jurisdiction ' do - subject.submit(state: unsupported_jurisdiction, ial2_consent_given: 'true') - expect(subject.valid?).to eq false - expect(subject.errors[:state]).to eq [I18n.t('idv.errors.unsupported_jurisdiction')] - end - end -end diff --git a/spec/forms/idv/profile_form_spec.rb b/spec/forms/idv/profile_form_spec.rb deleted file mode 100644 index a532b372eda..00000000000 --- a/spec/forms/idv/profile_form_spec.rb +++ /dev/null @@ -1,170 +0,0 @@ -require 'rails_helper' - -describe Idv::ProfileForm do - let(:password) { 'a really long sekrit' } - let(:ssn) { '123-11-1234' } - let(:user) { create(:user, password: password) } - let(:subject) { Idv::ProfileForm.new(user: user, previous_params: {}) } - let(:profile_attrs) do - { - first_name: 'Some', - last_name: 'One', - ssn: '666661234', - dob: '19720329', - address1: '123 Main St', - address2: '', - city: 'Somewhere', - state: 'VA', - zipcode: '66044', - state_id_number: '123456789', - state_id_type: 'drivers_license', - } - end - - describe '#initialize' do - context 'when there are params from a previous submission' do - it 'assigns those params to the form' do - form = Idv::ProfileForm.new(user: user, previous_params: profile_attrs) - - expect(form.first_name).to eq('Some') - expect(form.last_name).to eq('One') - end - end - end - - describe '#submit' do - context 'when the form is valid' do - it 'returns a successful form response' do - result = subject.submit(profile_attrs) - expect(result).to be_kind_of(FormResponse) - expect(result.success?).to eq(true) - expect(result.errors).to be_empty - end - end - - context 'when the form is invalid' do - before { profile_attrs[:dob] = nil } - - it 'returns an unsuccessful form response' do - result = subject.submit(profile_attrs) - expect(result).to be_kind_of(FormResponse) - expect(result.success?).to eq(false) - expect(result.errors).to include(:dob) - end - end - - context 'when the form has invalid attributes' do - let(:profile_attrs) { super().merge(im_invalid: 'foobar') } - - it 'raises an error' do - expect { subject.submit(profile_attrs) }.to raise_error( - ArgumentError, 'im_invalid is an invalid profile attribute' - ) - end - end - end - - describe 'presence validations' do - it 'is invalid when required attribute is not present' do - %i[ - first_name last_name ssn dob address1 city state zipcode - state_id_number state_id_type - ].each do |attr| - subject.submit(profile_attrs.merge(attr => nil)) - expect(subject).to_not be_valid - end - end - end - - describe 'dob validity' do - context 'when dob is not parse-able' do - it 'is invalid' do - subject.submit(profile_attrs.merge(dob: '00000000')) - - expect(subject.valid?).to eq false - expect(subject.errors[:dob]).to eq [t('idv.errors.bad_dob')] - end - end - - context 'when dob is in the future' do - it 'is invalid' do - subject.submit(profile_attrs.merge(dob: (Time.zone.today + 1).strftime('%Y-%m-%d'))) - - expect(subject.valid?).to eq false - expect(subject.errors[:dob]).to eq [t('idv.errors.bad_dob')] - end - end - end - - describe 'zipcode validity' do - it 'accepts 9 numbers with optional `-` delimiting the 5th and 6th position' do - %w[12345 123454567 12345-1234].each do |valid_zip| - subject.submit(profile_attrs.merge(zipcode: valid_zip)) - expect(subject.valid?).to eq true - end - end - - it 'populates error for :zipcode when invalid' do - %w[1234 123Ac-1234 1234B].each do |invalid_zip| - subject.submit(profile_attrs.merge(zipcode: invalid_zip)) - expect(subject.valid?).to eq false - expect(subject.errors[:zipcode]).to eq [I18n.t('idv.errors.pattern_mismatch.zipcode')] - end - end - end - - describe 'ssn validity' do - it 'accepts 9 numbers with optional `-` delimiters' do - %w[123411111 123-11-1123].each do |valid_ssn| - subject.submit(profile_attrs.merge(ssn: valid_ssn)) - expect(subject.valid?).to eq true - end - end - - it 'populates errors for :ssn when invalid' do - %w[1234 123-1-1111 abc-11-1123].each do |invalid_ssn| - subject.submit(profile_attrs.merge(ssn: invalid_ssn)) - expect(subject.valid?).to eq false - expect(subject.errors[:ssn]).to eq [I18n.t('idv.errors.pattern_mismatch.ssn')] - end - end - end - - describe 'state id jurisdction validity' do - it 'populates error for unsupported jurisdiction ' do - subject.submit(profile_attrs.merge(state: 'AL')) - expect(subject.valid?).to eq false - expect(subject.errors[:state]).to eq [I18n.t('idv.errors.unsupported_jurisdiction')] - end - end - - describe 'state id type validity' do - it 'populates error for invalid state id type ' do - subject.submit(profile_attrs.merge(state_id_type: 'passport')) - expect(subject.valid?).to eq false - expect(subject.errors).to include(:state_id_type) - end - end - - describe 'state id number length validity' do - it 'populates error for invalid state id number length' do - subject.submit(profile_attrs.merge(state_id_number: '8' * 26)) - expect(subject.valid?).to eq false - expect(subject.errors).to include(:state_id_number) - end - end - - describe 'field lengths' do - it 'populates error for invalid lengths' do - %i[city first_name last_name address1 address2]. each do |symbol| - max_length(symbol) - end - end - end - - def max_length(symbol) - subject.submit(profile_attrs.merge(symbol => 'a' * 256)) - expect(subject.valid?).to eq false - expect(subject.errors).to include(symbol) - end -end From 4ecfe2af85cff3ba7c5c05e22f920f26f05ea73c Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Wed, 1 Apr 2020 15:35:30 -0400 Subject: [PATCH 10/11] pull out some unused code --- .../idv/session_errors_controller.rb | 8 -------- app/views/idv/session_errors/jobfail.html.erb | 19 ------------------- .../session_errors/recovery_warning.html.erb | 2 +- app/views/idv/session_errors/timeout.html.erb | 19 ------------------- app/views/idv/session_errors/warning.html.erb | 2 +- config/routes.rb | 2 -- spec/features/accessibility/idv_pages_spec.rb | 9 --------- .../idv/steps/confirmation_step_spec.rb | 3 ++- 8 files changed, 4 insertions(+), 60 deletions(-) delete mode 100644 app/views/idv/session_errors/jobfail.html.erb delete mode 100644 app/views/idv/session_errors/timeout.html.erb diff --git a/app/controllers/idv/session_errors_controller.rb b/app/controllers/idv/session_errors_controller.rb index 06dea87b133..86e06b98eec 100644 --- a/app/controllers/idv/session_errors_controller.rb +++ b/app/controllers/idv/session_errors_controller.rb @@ -9,14 +9,6 @@ def warning @remaining_step_attempts = remaining_step_attempts end - def timeout - @remaining_step_attempts = remaining_step_attempts - end - - def jobfail - @remaining_step_attempts = remaining_step_attempts - end - def failure; end private diff --git a/app/views/idv/session_errors/jobfail.html.erb b/app/views/idv/session_errors/jobfail.html.erb deleted file mode 100644 index 2fd9227798f..00000000000 --- a/app/views/idv/session_errors/jobfail.html.erb +++ /dev/null @@ -1,19 +0,0 @@ -<% title t("idv.failure.sessions.heading") %> - -<%= image_tag('alert/warning-lg.svg', alt: '', width: 54) %> - -

<%= t("idv.failure.sessions.heading") %>

- -

<%= t("idv.failure.sessions.jobfail") %>

- -
- -

<%= t('idv.failure.attempts_html', count: @remaining_step_attempts) %>

- -<%= render 'idv/shared/back_to_sp_link' %> - -
- <%= link_to t("idv.failure.button.jobfail"), idv_session_path %> -
- -<%= render 'idv/doc_auth/in_person_proofing_option' %> diff --git a/app/views/idv/session_errors/recovery_warning.html.erb b/app/views/idv/session_errors/recovery_warning.html.erb index 6ad1126a691..61cc10f2212 100644 --- a/app/views/idv/session_errors/recovery_warning.html.erb +++ b/app/views/idv/session_errors/recovery_warning.html.erb @@ -13,7 +13,7 @@ <%= render 'idv/shared/reset_your_account' %>
- <%= link_to t("idv.failure.button.warning"), idv_session_path %> + <%= link_to t("idv.failure.button.warning"), idv_doc_auth_path %>
<%= render 'idv/doc_auth/in_person_proofing_option' %> diff --git a/app/views/idv/session_errors/timeout.html.erb b/app/views/idv/session_errors/timeout.html.erb deleted file mode 100644 index 9a2b6ebaba5..00000000000 --- a/app/views/idv/session_errors/timeout.html.erb +++ /dev/null @@ -1,19 +0,0 @@ -<% title t("idv.failure.sessions.heading") %> - -<%= image_tag('alert/warning-lg.svg', alt: '', width: 54) %> - -

<%= t("idv.failure.sessions.heading") %>

- -

<%= t("idv.failure.sessions.timeout") %>

- -
- -

<%= t('idv.failure.attempts_html', count: @remaining_step_attempts) %>

- -<%= render 'idv/shared/back_to_sp_link' %> - -
- <%= link_to t("idv.failure.button.timeout"), idv_session_path %> -
- -<%= render 'idv/doc_auth/in_person_proofing_option' %> diff --git a/app/views/idv/session_errors/warning.html.erb b/app/views/idv/session_errors/warning.html.erb index f2da62bb93c..8a6a8362cac 100644 --- a/app/views/idv/session_errors/warning.html.erb +++ b/app/views/idv/session_errors/warning.html.erb @@ -13,7 +13,7 @@ <%= render 'idv/shared/back_to_sp_link' %>
- <%= link_to t("idv.failure.button.warning"), idv_session_path %> + <%= link_to t("idv.failure.button.warning"), idv_doc_auth_path %>
<%= render 'idv/doc_auth/in_person_proofing_option' %> diff --git a/config/routes.rb b/config/routes.rb index e634058c126..42b26c82762 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -271,8 +271,6 @@ get '/review' => 'review#new' put '/review' => 'review#create' get '/session/errors/warning' => 'session_errors#warning' - get '/session/errors/timeout' => 'session_errors#timeout' - get '/session/errors/jobfail' => 'session_errors#jobfail' get '/session/errors/failure' => 'session_errors#failure' get '/session/errors/throttled' => 'session_errors#throttled' get '/session/errors/recovery_failure' => 'session_errors#recovery_failure' diff --git a/spec/features/accessibility/idv_pages_spec.rb b/spec/features/accessibility/idv_pages_spec.rb index 6c207acd1ab..263ca453d20 100644 --- a/spec/features/accessibility/idv_pages_spec.rb +++ b/spec/features/accessibility/idv_pages_spec.rb @@ -13,15 +13,6 @@ expect(page).to be_accessible end - scenario 'basic info' do - sign_in_and_2fa_user - - visit idv_session_path - - expect(current_path).to eq idv_session_path - expect(page).to be_accessible - end - scenario 'cancel idv' do sign_in_and_2fa_user diff --git a/spec/features/idv/steps/confirmation_step_spec.rb b/spec/features/idv/steps/confirmation_step_spec.rb index 0d11ab90b9a..00856f6a75f 100644 --- a/spec/features/idv/steps/confirmation_step_spec.rb +++ b/spec/features/idv/steps/confirmation_step_spec.rb @@ -12,7 +12,8 @@ personal_key = 'a1b2c3d4e5f6g7h8' @user = sign_in_and_2fa_user - visit idv_session_path + + visit idv_path allow(RandomPhrase).to receive(:to_s).and_return(personal_key) complete_idv_steps_before_confirmation_step(@user) From 9bc96cc5c0c240a031d1944f9c879390b709cf3f Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Thu, 2 Apr 2020 10:20:39 -0400 Subject: [PATCH 11/11] get it all green --- config/locales/idv/en.yml | 3 --- config/locales/idv/es.yml | 3 --- config/locales/idv/fr.yml | 3 --- .../idv/session_errors_controller_spec.rb | 14 -------------- 4 files changed, 23 deletions(-) diff --git a/config/locales/idv/en.yml b/config/locales/idv/en.yml index 701c807a32e..a869d4fb94b 100644 --- a/config/locales/idv/en.yml +++ b/config/locales/idv/en.yml @@ -52,9 +52,6 @@ en: fail_html: For your security, identity verification for your account is locked for 24 hours. heading: We could not find records matching your personal information. - jobfail: Something went wrong and we cannot process your request at this time. - Please try again tomorrow. - timeout: Our request to verify your information timed out. warning: Please check the information you entered. Common mistakes are an incorrect Social Security Number, ZIP Code, or date of birth. forgot_password: diff --git a/config/locales/idv/es.yml b/config/locales/idv/es.yml index d4dc9c75d77..0cc96e1365f 100644 --- a/config/locales/idv/es.yml +++ b/config/locales/idv/es.yml @@ -55,9 +55,6 @@ es: bloqueada durante 24 horas. heading: No hemos podido encontrar registros que coincidan con su información personal. - jobfail: Algo ha fallado y no podemos procesar tu solicitud en este momento. - Vuelve a intentarlo mañana. - timeout: Nuestra solicitud para verificar tu información ha caducado. warning: Compruebe la información que ingresó. Los errores comunes son números incorrectos de Seguro Social, código postal o fecha de nacimiento. forgot_password: diff --git a/config/locales/idv/fr.yml b/config/locales/idv/fr.yml index 9440930b907..e23bb3903b4 100644 --- a/config/locales/idv/fr.yml +++ b/config/locales/idv/fr.yml @@ -58,9 +58,6 @@ fr: est verrouillée pendant 24 heures. heading: Nous ne trouvons pas de données qui correspondent à vos informations téléphoniques. - jobfail: Un problème s'est produit et nous ne pouvons pas traiter votre demande - pour le moment. Veuillez réessayer demain. - timeout: Notre demande de vérification de vos renseignements a expiré. warning: Veuillez vérifier l'information que vous avez fournie. Un numéro de sécurité sociale, un code ZIP ou une date de naissance mal écrits sont des erreurs communes. diff --git a/spec/controllers/idv/session_errors_controller_spec.rb b/spec/controllers/idv/session_errors_controller_spec.rb index 758ae7986c4..4275f20818d 100644 --- a/spec/controllers/idv/session_errors_controller_spec.rb +++ b/spec/controllers/idv/session_errors_controller_spec.rb @@ -60,20 +60,6 @@ it_behaves_like 'an idv session errors controller action' end - describe '#timeout' do - let(:action) { :timeout } - let(:template) { 'idv/session_errors/timeout' } - - it_behaves_like 'an idv session errors controller action' - end - - describe '#jobfail' do - let(:action) { :jobfail } - let(:template) { 'idv/session_errors/jobfail' } - - it_behaves_like 'an idv session errors controller action' - end - describe '#failure' do let(:action) { :failure } let(:template) { 'idv/session_errors/failure' }