diff --git a/app/controllers/users/two_factor_authentication_setup_controller.rb b/app/controllers/users/two_factor_authentication_setup_controller.rb index 15f9273c1de..5a01f50e029 100644 --- a/app/controllers/users/two_factor_authentication_setup_controller.rb +++ b/app/controllers/users/two_factor_authentication_setup_controller.rb @@ -16,6 +16,10 @@ def index def create result = submit_form analytics.user_registration_2fa_setup(**result.to_h) + irs_attempts_api_tracker.mfa_enroll_options_selected( + success: result.success?, + mfa_device_types: @two_factor_options_form.selection, + ) if result.success? process_valid_form diff --git a/app/services/irs_attempts_api/tracker_events.rb b/app/services/irs_attempts_api/tracker_events.rb index 9edae76218a..5fa90dd3f9d 100644 --- a/app/services/irs_attempts_api/tracker_events.rb +++ b/app/services/irs_attempts_api/tracker_events.rb @@ -20,6 +20,17 @@ def logout_initiated(success:) ) end + # @param [Boolean] success True if selection was valid + # @param [Array] mfa_device_types List of MFA options users selected on account creation + # A user has selected MFA options + def mfa_enroll_options_selected(success:, mfa_device_types:) + track_event( + :mfa_enroll_options_selected, + success: success, + mfa_device_types: mfa_device_types, + ) + end + # Tracks when the user has attempted to enroll the Backup Codes MFA method to their account # @param [Boolean] success def mfa_enroll_backup_code(success:) diff --git a/config/application.yml.default b/config/application.yml.default index 14c34670fee..7b632bf285d 100644 --- a/config/application.yml.default +++ b/config/application.yml.default @@ -321,6 +321,8 @@ development: kantara_2fa_phone_existing_user_restriction: true kantara_restriction_enforcement_date: '2022-07-01' irs_attempt_api_public_key: MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyut9Uio5XxsIUVrXARqCoHvcMVYT0p6WyU1BnbhxLRW4Q60p+4Bn32vVOt9nzeih7qvauYM5M0PZdKEmwOHflqPP+ABfKhL+6jxBhykN5P5UY375wTFBJZ20Fx8jOJbRhJD02oUQ49YKlDu3MG5Y0ApyD4ER4WKgxuB2OdyQKd9vg2ZZa+P2pw1HkFPEin0h8KBUFBeLGDZni8PIJdHBP6dA+xbayGBxSM/8xQC0JIg6KlGTcLql37QJIhP2oSv0nAJNb6idFPAz0uMCQDQWKKWV5FUDCsFVH7VuQz8xUCwnPn/SdaratB+29bwUpVhgHXrHdJ0i8vjBEX7smD7pI8CcFHuVgACt86NMlBnNCVkwumQgZNAAxe2mJoYcotEWOnhCuMc6MwSj985bj8XEdFlbf4ny9QO9rETd5aYcwXBiV/T6vd637uvHb0KenghNmlb1Tv9LMj2b9ZwNc9C6oeCnbN2YAfxSDrb8Ik+yq4hRewOvIK7f0CcpZYDXK25aHXnHm306Uu53KIwMGf1mha5T5LWTNaYy5XFoMWHJ9E+AnU/MUJSrwCAITH/S0JFcna5Oatn70aTE9pISATsqB5Iz1c46MvdrxD8hPoDjT7x6/EO316DZrxQfJhjbWsCB+R0QxYLkXPHczhB2Z0HPna9xB6RbJHzph7ifDizhZoMCAwEAAQ== + irs_attempt_api_enabled: true + irs_attempt_api_auth_tokens: 'abc123' liveness_checking_enabled: true logins_per_ip_limit: 5 logo_upload_enabled: true diff --git a/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb b/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb index 366a5b1d62c..a4181926249 100644 --- a/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb +++ b/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb @@ -73,7 +73,7 @@ expect(form).to receive(:submit). with(params.require(:two_factor_options_form).permit(:selection)). and_return(response) - expect(form).to receive(:selection).and_return(['voice']) + expect(form).to receive(:selection).twice.and_return(['voice']) patch :create, params: voice_params @@ -102,6 +102,21 @@ } end + it 'tracks IRS attempts event' do + stub_sign_in_before_2fa + stub_attempts_tracker + + expect(@irs_attempts_api_tracker).to receive(:track_event). + with(:mfa_enroll_options_selected, success: true, + mfa_device_types: ['voice', 'auth_app']) + + patch :create, params: { + two_factor_options_form: { + selection: ['voice', 'auth_app'], + }, + } + end + context 'when the selection is only phone and multi mfa is enabled' do before do allow(IdentityConfig.store).to receive(:select_multiple_mfa_options).and_return(true)