Merged
Conversation
* Use doc auth result value from document if present **Why**: So that it is available from when response values are checked (e.g. for result type) * Include doc_auth_result in async form extra Consistency with ApiImageUploadForm, and availability to check if failure type * LG-6625: Hide IPP troubleshooting option for failures **Why**: So that the option to proof in person is only extended to those who would be successful in proofing. changelog: Upcoming Features, In-person proofing, Hide troubleshooting option for document capture failure results * LG-6625: Fix and expand coverage for doc auth controller tests * LG-6625: Fix image upload controller tests * LG-6625: Remove global config from test * LG-6625: Fix and expand coverage for image upload response presenter tests * LG-6625: Expand tests to cover new field for verification form * LG-6625: Expand tests to cover troubleshooting options change * LG-6625: Add changelog commit changelog: Upcoming features, In-person proofing, Hide IPP troubleshooting option for failures * Add specs for explicit mock doc_auth_result control * Use code constant for failed https://github.com/18F/identity-idp/pull/6597/files#r923796328 * Add test case for error isFailedResult * Use constant names for doc_auth_result_from_success Similar to d165e88 * Set PII assertion to exact expected array https://github.com/18F/identity-idp/pull/6597/files#r930062965 Co-authored-by: Tim Bradley <timothy.bradley@gsa.gov>
[skip changelog]
* Allow SAMEORIGIN frames for environments with mailer previews enabled * LG-6343: Implement email template for "Ready to verify" changelog: Upcoming Features, In-Person Proofing, Implement "Ready to verify" email notification * Add BarcodeComponent * Use BarcodeComponent in "ready to verify" views * Add label to table element * Remove unnecessary require statements from presenter * Downgrade markup for email compatibility Should have same semantics in supported browsers Resources: - https://www.caniemail.com/features/html-semantics/ - https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Roles/figure_role See: https://github.com/18F/identity-idp/pull/6585/files#r922457944 * Fix table spacing in web display * Sync markup to ready_to_verify controller * Add translations for ready to verify email * Use distinct header for ready to verify email * Parameterize greeting name * Add Spanish intro text for ready to verify email * Delete specs for removed methods * Add specs for BarcodeComponent * Simplify email markup for template Semantics would be nice, but won't want to risk content being hidden due to lack of support * Adjust heading styles * Tighten up padding * Use raster version of info icon Better email support See included README.md See: #6585 (comment) * Standardize font size for alert, retail hours headings See: - #6585 (comment) - #6585 (comment) * Remove unused/redundant enrollment delegate See: https://github.com/18F/identity-idp/pull/6585/files#r930104152 * Hide selected location when absent https://github.com/18F/identity-idp/pull/6585/files#r930142047 * Try nudging parallelization GitLab crashing again * Parallelize 8 * turn it up to 11
**Why**: As a public user trying to proof online I want to see the details of my newly scheduled in-person proofing visit to the USPS as an email so that I can reference it later. changelog: Upcoming Features, In-Person Proofing, Implement "Ready to verify" email notification
* changelog: Bug Fixes, Authentication, Fix redirect bugs related to regenerating backup codes and add Content Security Policy headers to when user skips adding MFA (LG-6992) Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov>
* LG-6437: Show "Ready to verify" page for pending IPP profile **Why**: So that a user who is directed to verify their identity while already having begun an in-person proofing attempt will have the opportunity to view the instructions to proof in person again. changelog: Upcoming Features, In-person proofing, Show in-person instructions on repeat visits * LG-6897/LG-6868/LG-6437: Set pending profile state for IPP * Fix "clear and start over" with pending enrollment * Assert that account is not verified * Fix password confirm controller spec considering GPO pending * Clarify reproofing instruction spec comment Co-authored-by: Sheldon Bachstein <sheldon.bachstein@gsa.gov> * Rename verification_pending to gpo_verification_pending See: #6634 (comment) * Initialize profile with nil deactivation_reason So that we don't have to worry about "initial pending" being conflated with "gpo verification pending", and instead defer to `active: false` as indicator See: #6634 (comment) * Add feature flag guard for IPP Co-authored-by: Sheldon Bachstein <sheldon.bachstein@gsa.gov>
* new locations controller * location components * update proofer & post office * update step * update usps locations controller with new proofer file * update mock proofer * usps locations controller pilot facilities test * add and use pilot USPS locations * successfully sends selected location to controller * reads & writes location from session * update translations * show nothing if no location * pass empty locations on error * pull selected location from session * fix feature test by clicking the first Select * add changelog changelog: Upcoming Features, In-Person Proofing, Add the location page to the IPP flow (LG-6089) * persist location selection * add controller tests * fix & add tests * mailer uses selected_location_details format Co-authored-by: Shannon Alexander <shannonalexander@Shannons-MBP.fios-router.home> Co-authored-by: Shannon A <20867088+svalexander@users.noreply.github.com> Co-authored-by: Tim Bradley <timothy.bradley@gsa.gov>
* LG_6949 Add AttemptsAPI Logout: SessionsController changelog: Internal, Attempts API, Track additional events
[skip changelog]
* Initialize IPP pii_from_user with user UUID **Why**: Because it's a required attribute for the real resolution vendor implementation, which otherwise fails without it. changelog: Upcoming Features, In-person proofing, Add missing user UUID attribute for proofing jobs * Include UUID in GPO resolution call * Update agent_spec specs to use passable applicant data
**Why**: Consolidating documentation and removing links that may not be referenced frequently [skip changelog]
* Create enrollment even in FSM v1 config * Fix broken helper * LG-6437: Show "Ready to verify" page for pending IPP profile **Why**: So that a user who is directed to verify their identity while already having begun an in-person proofing attempt will have the opportunity to view the instructions to proof in person again. changelog: Upcoming Features, In-person proofing, Show in-person instructions on repeat visits * Use correct user pii session data * Ensure IPP profiles don't get activated in fsm v1 * LG-6897/LG-6868/LG-6437: Set pending profile state for IPP * Fix lint failure changelog: Upcoming features, In-person proofing, enroll users in USPS IPP in FSM v1 flow * Fix "clear and start over" with pending enrollment * Add specs for IPP users * Assert that account is not verified * Fix password confirm controller spec considering GPO pending * Move enrollment-creation to profile creation form * Clarify reproofing instruction spec comment Co-authored-by: Sheldon Bachstein <sheldon.bachstein@gsa.gov> * Rename verification_pending to gpo_verification_pending See: #6634 (comment) * Initialize profile with nil deactivation_reason So that we don't have to worry about "initial pending" being conflated with "gpo verification pending", and instead defer to `active: false` as indicator See: #6634 (comment) * Use proofing component to check IPP status * Remove conflict error message * Remove lint error message * Fix merge conflicts * Use proofing component instead of enrollment * Save same_address_as_id to PII * Stub PII using user profile * Mock user session for profile creation form * Fix line length lint error * Use pii from session instead of user_session * Only check the current GPO profile for IPP Only checks the current pending profile for proofing components related to IPP, just in case the user manages to create additional profiles while they are awaiting GPO verification Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
* LG-7004-configs-threatmatrix changelog: Upcoming Features, Config, Add ThreatMatrix configs - LG-7004 * Update config/application.yml.default Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> * Fixed name spelling Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Use selected location details from session **Why**: Because the user's selection should be respected. changelog: Upcoming Features, In-person proofing, Use user's selected location for USPS enrollment * Add regression feature spec * Specs
* change third process circle number * remove notification of sent email from email copy [skip changelog]
* upgrade to rails 7 * fix N+1 * allow external redirect to PIVCAC changelog: Internal, Dependencies, Update to Rails 7
* LG-7035: Clear in-person proofing session when starting over **Why**: So that a user can start over from the beginning and not be skipped past other steps. changelog: Upcoming Features, In-person proofing, Implement "Start Over" for in-person proofing * Add missing sign in
…6651) **Why**: The user's profile is not verified until they finish proofing in person. changelog: Upcoming Features, In-person proofing, Avoid sending account verified email for in-person proofing
changelog: Upcoming Features, Config, Add feature flags for Device Profiling * proofing_device_profiling_collecting_enabled enables the device profiling integration with ThreatMetrix * proofing_device_profiling_decisioning_enabled enables decisioning based on the results from ThreatMetrix
**Why**: The description was copy-pasted from another linter, causing more confusion [skip changelog]
**Why**: So that a Spanish user sees Spanish content, not French. changelog: Upcoming Features, In-person proofing, Fix Spanish label for "Retail hours"
* add precision values to schema * changelog [skip changelog]
#6632) * Updates from design QA changelog: Improvements, In-person proofing, translation updates * Normalize YAML Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
**Why**: Per designs, a user should have an opportunity to cancel or start over at any point in the flow. changelog: Upcoming Features, In-person proofing, Add "Cancel" link to every step
* Retrieve PII from VA Inherited Proofing API changelog: Upcoming Features, Inherited Proofing, VA User Request and Response for PII (LG-6797) * Lg 6797 services specs and clean up (#6648) * Retrieve PII from VA Inherited Proofing API Add a spec helper to get the private key we need for our tests * Set up service specs * Update uri * Spec clean up Co-authored-by: gangelo <web.gma@gmail.com> * Use IdentityConfig.store for VA IP base url * Remove Identity::Hostdata.in_datacenter? guard * Linting and cleanup Co-authored-by: Melissa Miller <lis.d.miller@gmail.com> Co-authored-by: Melissa Miller <melissa.miller@gsa.gov>
* pass location selection between pages * don't show the alert if there's no location passed [skip changelog]
And specs. changelog: Upcoming Features, Inherited Proofing, Validate incoming VA inherited proofing fields in payload (LG-6899)
changelog: Internal, Continuous Integration, Add Pinpoint Check to GitLab CI
changelog: Internal, Configuration, Enable Numeric OTP by default
[skip changelog]
…6661) * db changes * set enrollment established at * account for existing enrollment when scheduling - rename save_in_person_enrollment to schedule_in_person_enrollment - update an existing establishing enrollment * make EnrollmentHelper methods class methods * store location in enrollment instead of session * Convert document-capture-polling to TypeScript * Use effective user for USPS location Because it may be called in the hybrid session * Detect capture doc status for IPP opt-in redirect * Cancel previous enrollments early in IDV flow * Support non-patch value update from steps So we can avoid close-tab prompt when user finishes * Add switch back UI for hybrid IPP opt-in * changelog: Upcoming Features, In-person proofing, Add support for hybrid document capture in-person opt-in * Add text alternative for switch back image * Use switch back heading content for IPP * Fix hybrid switch back prompt on navigate * Fix/update document-capture-poling specs * Account for nil session in revised redirect_url logic * Add spec for doc capture status IPP opt-in * Add spec for FormSteps onChange patch option * Add WelcomeStep service specs * Fix lint error * Add hybrid feature spec * Avoid (redundant) stale cancellation Also avoids creating a new establishing record each request * Update UspsLocationsController specs * Remove schedule_in_person_enrollment selected location concerns Should be set by the time we reach here, via document capture step * Associate profile with enrollment at completion of IdV Since it needs to be pre-assigned by the time we call schedule_in_person_enrollment from GPO confirmation, where enrollment is still establishing * Allow profile associated with establishing enrollment We assign the profile at initial creation (password entry) so that it's available later when GPO code is verified, since enrollment would still be establishing at that point, and we would not otherwise know which profile is associated with the enrollment * Update PasswordConfirmController specs for updated behavior Primarily, we're expecting that the enrollment record is already created by the time this controller is called, where previously it was assumed to be created during the controller call itself * Assert redirect URL on capture doc status controller response https: //github.com//pull/6661#discussion_r934777283 Co-Authored-By: Tomas Apodaca <45415133+tomas-nava@users.noreply.github.com> * Update "pending" enrollment to reference establishing Enrollment doesn't become pending until we actually schedule with USPS' API. At the point of these test cases, we expect the enrollment to still be establishing Co-Authored-By: Tomas Apodaca <45415133+tomas-nava@users.noreply.github.com> * Update GpoVerifyForm specs Enrollment now already exists, should be set to pending Co-authored-by: Tomas Apodaca <thomas.apodaca@gsa.gov> Co-authored-by: Tomas Apodaca <45415133+tomas-nava@users.noreply.github.com>
* Initial commit of files/settings for acuant 11.7.0 sdk * Updating AcuantDocumentState to reflect new sdk changes -- What The new 11.7.0 sdk adds a property to the AcuantDocumentState called `BIG_DOCUMENT`, which is an indication that the image is too close to the document. Note also that the enum values have changed as a result. This is described in the migration doc: https://github.com/Acuant/JavascriptWebSDKV11/blob/master/docs/MigrationDetails.md changelog: Improvement, SDK, Updating Acuant SDK to 11.7.0 (LG-6785) * Adding Acuant SDK DOM Loading Tests -- What There appears to be some difference in how the 11.7 and 11.5 SDKs load the AcuantJavascriptWebSdk object into the browser's global namespace once the script tag has been loaded and `loadAcuantSdk` has been called. I wrote a s few tests that confirm the behavior I was seeing in my personal browser interactions and debugging sessions. changelog: Improvement, SDK, Updating Acuant SDK to 11.7.0 (LG-6785) * Updating Acuant components to use new globals -- What In a previous (11.5.0) version of the SDK, objects like AcuantJavascriptWebSdk and AcuantCamera were placed onto the browser's global window object. But in the new (11.7.0) SDK, they are no longer present on window -- instead, they reside alone in the global namespace via `let` declarations at the highest scope. This commit represents elementary changes to two files that reference these objects in the global namspace, rather than on window where they don't exist anymore (and were therefore erroring). The type annotations still need to be dealt with appropriately. However, the acuant sdk now loads and appears to work properly in the local manual testing environment. changelog: Improvements, SDK update, Updating the Acuant SDK * Switching acuant context file to typescript * Adding French and Spanish localizations for BIG_DOCUMENT -- What The new Acuant SDK image warning BIG_DOCUMENT, which specifies that the camera is "too close" to the document, has messages that have now been localized into French and Spanish, as well as the original English. * Updating window object checking and fixing tests -- What Because of the discrepancy between the 11.5.x and 11.7.x SDKs in how they declare globals like AcuantJavascriptWebSdk and AcuantCameraUI, I have now included a check in the acuant.jsx context file that will try to find those objects on the global window object and, if not present, simply return the result of using those variables at the global scope (which is how 11.7.x defines them). The benefit of this approach is that we don't have to rewrite or edit a bunch of the frontend tests. changelog: Improvements, Acuant SDK upgrade, dealing with variable declarations * Fixing AcuantCamera and AcuantCameraUI global checks -- What We were checking for the AcuantCamera and AcuantCameraUI objects at the wrong moment in the flow, which was causing errors when attempting to load the actual camera. This is now resolved. changelog: Improvements, SDK upgrade, fixing remaining global variable issues * Updating comment formatting and adding guards for globals -- What - Switching property and function description comments to use docblock format, which is better for VSCode users; - Adding guards to global Acuant SDK variable getter methods - Removing leftover type annotations from acuant.tsx file changelog: Improvements, Formatting, Acuant SDK upgrade comment formatting and guards * Fixing typo in localization yaml config * Update app/javascript/packages/document-capture/components/acuant-camera.jsx Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> * Removing tests for 11.5.0 Acuant SDK loading * Excluding acuant sdk directories from code-climate checks * Removing symlinked fr dir in public folder * Fixing caught eslint errors -- Notes I have included an ignore line in acuant-camera.jsx where we refer to the global AcuantCameraUI without first declaring it. This is due to the new behavior Acuant introduced in the 11.7.0 SDK, where they are declaring variables in the global scope (but not in the window) * Updating acuant-camera to tsx and associated typescript changes -- What Several problems swirled together in the type system that necessitated refactoring the acuant-camera component to be a tsx/typescript file. First, the typechecker could not handle an undefined global AcuantCameraUI reference, and the JSDoc type annotations seem to not have a way to deal with this while plain typescript does. Second, the change to using a guard clause for trying to reason about the presence of the global variable also threw off the typechecker. In this commit we've opted for a different approach, which is to simply log the condition where neither the window nor the global namespace has a reference to the importan Acuant globals when they are needed (AcuantJavascriptWebSdk, AcuantCamera, etc). This might not be the ideal choice, but for the moment it beats fighting with the typechecker. * Adding normalized yaml localization files * Update app/javascript/packages/document-capture/components/acuant-camera.tsx Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> * Updating definition of exports in tsx files Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> Co-authored-by: Eric Gade <ecgade@macbook-m1.lan>
#6663) * LG-6998: add additional logging for mfa setup path * update attribute name * update spec * update backup controller * setup form * totp setup form spec * clean up analytics events * LG-6998: update more rspecs * LG-6998: fix two factor setup spec * changelog: Internal, Logging, Added additional logs to ensure when users go through flow, we can better track movements LG-6998 * changelog: Internal, Logging, Add additional logging for account creation flow (LG-6998) * rubocop * add enabled method count
… set to passed (#6665) * add styles to email stylesheet * add heading strings * add verified email strings * add route * create verified email and show in preview * add send verified email to jobs * lint fix * fix urls? and normalize yaml * can hide title in layout, added to new template * use rasterized header image & add padding * use the standard email button size * use existing sample enrollment data for preview * send email in job, remove user's first name * rename presenter methods * tests * add changelog changelog: Upcoming Features, In-Person Proofing, Implement "You verified" email notification * fix i18n test failures * LG-6434: Create template for "Your identity could not be verified" email, and send when status is set to failed (#6676) * add strings * fr strings added * refactor presenter * add failure email ui * update spec to use refactored presenter * failure email * normalize yaml, split list into steps * email styles: no header image, bold list opener * mover lower part of both emails into a partial * Interpolate app_name Required by tests for single point of update * styling changes Co-authored-by: Shannon Alexander <shannonalexander@Shannons-MBP.fios-router.home> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov> Co-authored-by: Shannon Alexander <shannonalexander@Shannons-MBP.fios-router.home> Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
…Flow (#6675) * LG-6845: Make back link work on SSN page of IPP flow * LG-6845: Fix try again button behavior for IPP flow * LG-6845: Update session errors controller unit test * changelog: Upcoming Features, In-person proofing, Fix "Try again" button and SSN "< Back" link/button for IPP Flow * LG-6845: Remove commented out code * LG-6845: Fix test and lint issues * LG-6845: Implement peer review suggestions - Switch to using @step_url in shared back button/link ERB template - Switch from referrer to query param for try again path * LG-6845: Remove extra unused param from SSN template and usages * LG-6845: Use path instead of full URL for try again button * LG-6845: Fix existing tests to account for new URI parameter
Resolves LG-7075 Adds a new security event for when users change their passwords, both for account recovery as well as for intentional password changes. Also updates the default SP config to include a push notification URL for the local Dashboard in development. changelog: Improvements, Security, Add security event for password resets
* hide broken help links * add changelog [skip changelog] * lint & test fixes
#6673) * Validate data from VA IP API which amounts to presence: true changelog: Upcoming Features, Inherited Proofing, Validate incoming VA inherited proofing data is present in payload (LG-6902)
* Retrieve PII from VA Inherited Proofing API changelog: Upcoming Features, Inherited Proofing, VA User Request and Response for PII (LG-6797) * Saving work * saving work things are working * Specs to confirm decryption behavior * Break out context for clarity plus additional comments * Clean up * Remove unneeded file * More clean up * nonsense * Encrypted data using test key for testing Co-authored-by: gangelo <web.gma@gmail.com>
* Fix 500 error when handling unsafe redirects changelog: Bug Fixes, Security, Fix 500 error when handling unsafe redirects * Update app/controllers/application_controller.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com> Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
…ction for pivcac (LG-7020) (#6678)
* LG-6668 safeguard failed message
* LG-7132: Make the date parsing in TrueID Response more robust. changelog: Bug Fixes, Document Authentication, Don't throw an exception on a bad DOB/Expiraton. Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
changelog: Internal, Logging, Instrument HTTP requests for In-Person-Proofing
mitchellhenke
approved these changes
Aug 3, 2022
[skip changelog]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Improvements
Bug Fixes
Internal
Upcoming Features