Skip to content

Enroll verify failure events #6772

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ThatSpaceGuy merged 4 commits into from
Aug 18, 2022
Merged

Enroll verify failure events #6772

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
126e754
LG-6986 LG-7240 WebAuthn Enroll Failure logging
ThatSpaceGuy Aug 17, 2022
56a6fc5
Add Tests!
ThatSpaceGuy Aug 17, 2022
c6cce49
Lint fix!!!
ThatSpaceGuy Aug 18, 2022
5c04ddb
Remove comments
ThatSpaceGuy Aug 18, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions app/controllers/users/webauthn_setup_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,15 @@ def new
analytics.webauthn_setup_visit(**result.to_h)
save_challenge_in_session
@exclude_credentials = exclude_credentials

if !result.success?
if @platform_authenticator
irs_attempts_api_tracker.mfa_enroll_webauthn_platform(success: false)
else
irs_attempts_api_tracker.mfa_enroll_webauthn_roaming(success: false)
end
end

flash_error(result.errors) unless result.success?
end

Expand Down
45 changes: 45 additions & 0 deletions spec/controllers/users/webauthn_setup_controller_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
it 'tracks page visit' do
stub_sign_in
stub_analytics
stub_attempts_tracker

expect(@analytics).to receive(:track_event).
with(
Expand All @@ -53,6 +54,8 @@
success: true,
)

expect(@irs_attempts_api_tracker).not_to receive(:track_event)

get :new
end
end
Expand Down Expand Up @@ -272,6 +275,48 @@
patch :confirm, params: params
end
end

context 'with attestation response error' do
let(:mfa_selections) { ['webauthn_platform'] }
let(:params) do
{
attestation_object: attestation_object,
client_data_json: setup_client_data_json,
name: 'mykey',
platform_authenticator: 'true',
}
end
it 'should log expected events' do
allow(IdentityConfig.store).to receive(:domain_name).and_return('localhost:3000')
allow(WebAuthn::AttestationStatement).to receive(:from).and_raise(StandardError)

expect(@analytics).to receive(:track_event).with(
'Multi-Factor Authentication Setup',
{
enabled_mfa_methods_count: 0,
errors: { name: [I18n.t(
'errors.webauthn_platform_setup.attestation_error',
link: MarketingSite.contact_url,
)] },
error_details: { name: [I18n.t(
'errors.webauthn_platform_setup.attestation_error',
link: MarketingSite.contact_url,
)] },
in_multi_mfa_selection_flow: true,
mfa_method_counts: {},
multi_factor_auth_method: 'webauthn_platform',
pii_like_keypaths: [[:mfa_method_counts, :phone]],
success: false,
},
)

expect(@irs_attempts_api_tracker).to receive(:track_event).with(
:mfa_enroll_webauthn_platform, success: false
)

patch :confirm, params: params
end
end
end

context 'Multiple MFA options turned off' do
Expand Down