Preparing for Rails 6 Upgrade

Gemfile

@@ -96,7 +96,7 @@ group :development, :test do
   gem 'pry-byebug'
   gem 'psych'
   gem 'puma'
-  gem 'rspec-rails', '~> 3.9', '>= 3.9.1'
+  gem 'rspec-rails', '~> 4.0'
   gem 'rubocop', '~> 0.91.0', require: false
   gem 'rubocop-rails', '>= 2.5.2', require: false
   gem 'slim_lint'

Gemfile.lock

@@ -278,7 +278,7 @@ GEM
     enumerable-statistics (2.0.1)
     equalizer (0.0.11)
     errbase (0.2.0)
-    erubi (1.9.0)
+    erubi (1.10.0)
     exception_notification (4.4.3)
       actionmailer (>= 4.0, < 7)
       activesupport (>= 4.0, < 7)
@@ -538,20 +538,20 @@ GEM
       rspec-mocks (~> 3.9.0)
     rspec-core (3.9.3)
       rspec-support (~> 3.9.3)
-    rspec-expectations (3.9.2)
+    rspec-expectations (3.9.4)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
     rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-rails (3.9.1)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-      rspec-support (~> 3.9.0)
+    rspec-rails (4.0.1)
+      actionpack (>= 4.2)
+      activesupport (>= 4.2)
+      railties (>= 4.2)
+      rspec-core (~> 3.9)
+      rspec-expectations (~> 3.9)
+      rspec-mocks (~> 3.9)
+      rspec-support (~> 3.9)
     rspec-support (3.9.4)
     rubocop (0.91.0)
       parallel (~> 1.10)
@@ -645,7 +645,7 @@ GEM
     temple (0.8.2)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
-    thor (0.20.3)
+    thor (1.0.1)
     thread_safe (0.3.6)
     tilt (2.0.10)
     timecop (0.9.2)
@@ -659,7 +659,7 @@ GEM
       rails (>= 3.1.1)
       randexp
       rotp (>= 3.2.0)
-    tzinfo (1.2.7)
+    tzinfo (1.2.8)
       thread_safe (~> 0.1)
     uglifier (3.2.0)
       execjs (>= 0.3.0, < 3)
@@ -801,7 +801,7 @@ DEPENDENCIES
   redis-session-store (>= 0.11.3)
   rotp (~> 3.3.1)
   rqrcode
-  rspec-rails (~> 3.9, >= 3.9.1)
+  rspec-rails (~> 4.0)
   rubocop (~> 0.91.0)
   rubocop-rails (>= 2.5.2)
   ruby-progressbar

app/controllers/application_controller.rb

@@ -5,7 +5,7 @@ class ApplicationController < ActionController::Base
   include UserSessionContext
   include VerifyProfileConcern
   include LocaleHelper
-  include VerifySPAttributesConcern
+  include VerifySpAttributesConcern
 
   FLASH_KEYS = %w[error info success warning other].freeze
   FLASH_KEY_MAP = { 'notice' => 'info', 'alert' => 'error' }.freeze

app/controllers/concerns/secure_headers_concern.rb

@@ -28,7 +28,7 @@ def csp_uris
   end
 
   def authorize_params
-    URIService.params(stored_url_for_user)
+    UriService.params(stored_url_for_user)
   end
 
   private

app/controllers/concerns/verify_sp_attributes_concern.rb

@@ -1,4 +1,4 @@
-module VerifySPAttributesConcern
+module VerifySpAttributesConcern
   def needs_completions_screen?
     sp_session[:issuer].present? &&
       (sp_session_identity.nil? ||

app/controllers/users/piv_cac_login_controller.rb

@@ -1,7 +1,7 @@
 module Users
   class PivCacLoginController < ApplicationController
     include PivCacConcern
-    include VerifySPAttributesConcern
+    include VerifySpAttributesConcern
     include TwoFactorAuthenticatableMethods
 
     def new

app/decorators/service_provider_session_decorator.rb

@@ -104,7 +104,7 @@ def sp_name
 
   def sp_return_url
     if sp.redirect_uris.present? && valid_oidc_request?
-      URIService.add_params(
+      UriService.add_params(
         oidc_redirect_uri,
         error: 'access_denied',
         state: request_params[:state],
@@ -185,6 +185,6 @@ def oidc_redirect_uri
   end
 
   def request_params
-    @request_params ||= URIService.params(request_url)
+    @request_params ||= UriService.params(request_url)
   end
 end

app/forms/openid_connect_authorize_form.rb

@@ -83,7 +83,7 @@ def success_redirect_uri
     uri = redirect_uri unless errors.include?(:redirect_uri)
     code = identity&.session_uuid
 
-    URIService.add_params(uri, code: code, state: state) if code
+    UriService.add_params(uri, code: code, state: state) if code
   end
 
   def ial_values
@@ -189,7 +189,7 @@ def result_uri
   def error_redirect_uri
     uri = redirect_uri unless errors.include?(:redirect_uri)
 
-    URIService.add_params(
+    UriService.add_params(
       uri,
       error: 'invalid_request',
       error_description: errors.full_messages.join(' '),

app/forms/openid_connect_logout_form.rb

@@ -80,13 +80,13 @@ def redirect_uri
   def logout_redirect_uri
     uri = post_logout_redirect_uri unless errors.include?(:redirect_uri)
 
-    URIService.add_params(uri, state: state)
+    UriService.add_params(uri, state: state)
   end
 
   def error_redirect_uri
     uri = post_logout_redirect_uri unless errors.include?(:redirect_uri)
 
-    URIService.add_params(
+    UriService.add_params(
       uri,
       error: 'invalid_request',
       error_description: errors.full_messages.join(' '),

app/helpers/session_timeout_warning_helper.rb

@@ -12,7 +12,7 @@ def warning
   end
 
   def timeout_refresh_path
-    URIService.add_params(
+    UriService.add_params(
       request.original_fullpath,
       timeout: true,
     )&.html_safe # rubocop:disable Rails/OutputSafety

app/services/completions_decider.rb

@@ -22,6 +22,6 @@ def client
   end
 
   def redirect_uri
-    @redirect_uri ||= URIService.params(request_url)[:redirect_uri]
+    @redirect_uri ||= UriService.params(request_url)[:redirect_uri]
   end
 end

app/services/encryption/kms_client.rb

@@ -119,7 +119,7 @@ def encryptor
     end
 
     def multi_aws_client
-      @multi_aws_client ||= MultiRegionKMSClient.new
+      @multi_aws_client ||= MultiRegionKmsClient.new
     end
   end
 end

app/services/encryption/multi_region_kms_client.rb

@@ -1,6 +1,6 @@
 require 'json'
 module Encryption
-  class MultiRegionKMSClient
+  class MultiRegionKmsClient
     def initialize
       @aws_clients = {}
       # Instantiate an array of aws clients based on the provided regions in the environment

app/services/uri_service.rb

@@ -1,4 +1,4 @@
-module URIService
+module UriService
   def self.params(original_uri)
     uri = URI(original_uri)
     Rack::Utils.parse_nested_query(uri.query).with_indifferent_access

config/application.rb

@@ -2,6 +2,7 @@
 require 'rails/all'
 require_relative '../lib/upaya_log_formatter'
 require_relative '../lib/app_config'
+require_relative '../lib/fingerprinter'
 
 Bundler.require(*Rails.groups)
 
@@ -10,8 +11,11 @@
 module Upaya
   class Application < Rails::Application
     AppConfig.setup(YAML.safe_load(File.read(Rails.root.join('config', 'application.yml'))))
+
+    config.load_defaults '5.2'
+    config.active_record.belongs_to_required_by_default = false
+
     config.active_job.queue_adapter = 'inline'
-    config.autoload_paths << Rails.root.join('app', 'mailers', 'concerns')
     config.time_zone = 'UTC'
 
     config.i18n.load_path += Dir[Rails.root.join('config', 'locales', '**', '*.{yml}')]

config/initializers/idv_proofer.rb

@@ -1,2 +1 @@
-Dir[Rails.root.join('lib', 'proofer_mocks', '*')].sort.each { |file| require file }
 Idv::Proofer.validate_vendors!

config/initializers/saml_idp.rb

@@ -1,5 +1,4 @@
 require 'feature_management'
-require 'service_provider'
 
 SamlIdp.configure do |config|
   protocol = Rails.env.development? ? 'http://' : 'https://'

spec/controllers/concerns/verify_sp_attributes_concern_spec.rb

@@ -1,8 +1,8 @@
 require 'rails_helper'
 
-RSpec.describe VerifySPAttributesConcern do
+RSpec.describe VerifySpAttributesConcern do
   controller ApplicationController do
-    # ApplicationController already includes VerifySPAttributesConcern
+    # ApplicationController already includes VerifySpAttributesConcern
   end
 
   describe '#consent_has_expired?' do

spec/controllers/openid_connect/authorization_controller_spec.rb

@@ -40,7 +40,7 @@
 
           expect(response).to redirect_to(/^#{params[:redirect_uri]}/)
 
-          redirect_params = URIService.params(response.location)
+          redirect_params = UriService.params(response.location)
 
           expect(redirect_params[:code]).to be_present
           expect(redirect_params[:state]).to eq(params[:state])
@@ -124,7 +124,7 @@
 
             expect(response).to redirect_to(/^#{params[:redirect_uri]}/)
 
-            redirect_params = URIService.params(response.location)
+            redirect_params = UriService.params(response.location)
 
             expect(redirect_params[:code]).to be_present
             expect(redirect_params[:state]).to eq(params[:state])
@@ -140,7 +140,7 @@
 
           expect(response).to redirect_to(/^#{params[:redirect_uri]}/)
 
-          redirect_params = URIService.params(response.location)
+          redirect_params = UriService.params(response.location)
 
           expect(redirect_params[:error]).to eq('invalid_request')
           expect(redirect_params[:error_description]).to be_present

spec/controllers/voice/otp_controller_spec.rb

@@ -83,7 +83,7 @@
           doc = Nokogiri::XML(response.body)
           gather = doc.css('Gather').first
 
-          params = URIService.params(gather[:action])
+          params = UriService.params(gather[:action])
           expect(params[:locale]).to eq('es')
         end
       end
@@ -106,7 +106,7 @@
           doc = Nokogiri::XML(response.body)
           gather = doc.css('Gather').first
 
-          params = URIService.params(gather[:action])
+          params = UriService.params(gather[:action])
           expect(params[:locale]).to eq('fr')
         end
       end
@@ -125,7 +125,7 @@
 
         doc = Nokogiri::XML(response.body)
         gather = doc.css('Gather').first
-        params = URIService.params(gather[:action])
+        params = UriService.params(gather[:action])
 
         expect(cipher.decrypt(params[:encrypted_code])).to eq(code)
       end

spec/features/openid_connect/openid_connect_spec.rb

@@ -221,7 +221,7 @@
       verified_within: '1w',
     )
 
-    redirect_params = URIService.params(current_url)
+    redirect_params = UriService.params(current_url)
 
     expect(redirect_params[:error]).to eq('invalid_request')
     expect(redirect_params[:error_description]).

spec/forms/openid_connect_logout_form_spec.rb

@@ -39,7 +39,7 @@
       end
 
       it 'has a redirect URI without errors' do
-        expect(URIService.params(result.extra[:redirect_uri])).to_not have_key(:error)
+        expect(UriService.params(result.extra[:redirect_uri])).to_not have_key(:error)
       end
 
       it 'has a successful response' do
@@ -55,7 +55,7 @@
       end
 
       it 'has an error code in the redirect URI' do
-        expect(URIService.params(result.extra[:redirect_uri])[:error]).to eq('invalid_request')
+        expect(UriService.params(result.extra[:redirect_uri])[:error]).to eq('invalid_request')
       end
     end
   end

spec/services/encryption/multi_region_kms_client_spec.rb

@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::MultiRegionKMSClient do
+describe Encryption::MultiRegionKmsClient do
   before do
     stub_mapped_aws_kms_client(
       'a' * 3000 => 'kms1',

spec/services/uri_service_spec.rb

@@ -1,11 +1,11 @@
 require 'rails_helper'
 
-RSpec.describe URIService do
+RSpec.describe UriService do
   describe '.params' do
     it 'parses params out as a hash from a URI' do
       uri = 'https://example.com/foo/bar?a=b&c=d'
 
-      params = URIService.params(uri)
+      params = UriService.params(uri)
 
       expect(params).to eq('a' => 'b', 'c' => 'd')
       expect(params).to include(a: 'b', c: 'd'), 'also supports indifferent access'
@@ -15,32 +15,32 @@
   describe '.add_params' do
     it 'adds params to uris and escapes them correctly' do
       original_uri = 'https://example.com/foo/bar/'
-      uri = URIService.add_params(original_uri, query: 'two words')
+      uri = UriService.add_params(original_uri, query: 'two words')
 
       expect(uri).to eq('https://example.com/foo/bar/?query=two+words')
     end
 
     it 'appends to existing query parameters' do
       original_uri = 'https://example.com/foo/bar/?a=b&c=d'
-      uri = URIService.add_params(original_uri, e: 'f')
+      uri = UriService.add_params(original_uri, e: 'f')
 
       expect(uri).to eq('https://example.com/foo/bar/?a=b&c=d&e=f')
     end
 
     it 'is nil with a nil uri' do
-      uri = URIService.add_params(nil, foo: 'bar')
+      uri = UriService.add_params(nil, foo: 'bar')
 
       expect(uri).to be_nil
     end
 
     it 'is nil with a blank string uri' do
-      uri = URIService.add_params('', foo: 'bar')
+      uri = UriService.add_params('', foo: 'bar')
 
       expect(uri).to be_nil
     end
 
     it 'is nil with a bad uri' do
-      uri = URIService.add_params('https://example.com/new.2;;9429"{+![$]`}9839')
+      uri = UriService.add_params('https://example.com/new.2;;9429"{+![$]`}9839')
 
       expect(uri).to be_nil
     end