Skip to content

LG-7703: Force a user to re-verify their identity for IRS.#7167

Merged
solipet merged 2 commits intomainfrom
dprice-lg-7703-force-irs-reproofing
Oct 19, 2022
Merged

LG-7703: Force a user to re-verify their identity for IRS.#7167
solipet merged 2 commits intomainfrom
dprice-lg-7703-force-irs-reproofing

Conversation

@solipet
Copy link
Contributor

@solipet solipet commented Oct 18, 2022
edited
Loading

If a user proofed their identity with a non-IRS SP, then visits an IRS SP, they will be forced to reproof.

changelog: Improvements, Identity Verification, Require users to re-proof on first IRS visit.

🎫 Ticket

LG-7703: If active profile not verified for SP IRS, send user through reproofing

🛠 Summary of changes

If the SP the user is signing into is an IRS SP, we check to see if the user's active profile was initiated by an IRS SP. If not, we require them to re-proof to ensure that they are using the most up-to-date criteria.

📜 Testing Plan

The specs walk through this best, with the following scenarios:

  1. User verified by an IRS SP returns to the same SP - no reproofing
  2. User verified by an IRS SP visits a different IRS SP - no reproofing
  3. User verified by a non-IRS SP visits an IRS SP - reproofing required

These are repeated for both OIDC and SAML.

@solipet solipet force-pushed the dprice-lg-7703-force-irs-reproofing branch from fa03bcf to 436136a Compare October 18, 2022 21:08
@solipet solipet marked this pull request as ready for review October 19, 2022 20:18
@solipet solipet requested review from a team and jmhooper October 19, 2022 20:18
jmhooper
jmhooper reviewed Oct 19, 2022
View reviewed changes
@solipet solipet force-pushed the dprice-lg-7703-force-irs-reproofing branch from dadb578 to a86b78f Compare October 19, 2022 20:27
@solipet
LG-7703: Force a user to re-verify their identity for IRS.
d7ff0f9 
If a user proofed their identity with a non-IRS SP, then visits
an IRS SP, they will be forced to reproof.

changelog: Improvements, Identity Verification, Require users to re-proof on first IRS visit.
@solipet
working on the SAML side
b877d1f
@solipet solipet force-pushed the dprice-lg-7703-force-irs-reproofing branch from a86b78f to b877d1f Compare October 19, 2022 20:54
@solipet solipet merged commit 25aac6e into main Oct 19, 2022
@solipet solipet deleted the dprice-lg-7703-force-irs-reproofing branch October 19, 2022 21:16
This was referenced Oct 20, 2022
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@jmhooper jmhooper jmhooper approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

status - ready for review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@solipet @jmhooper