Stop requesting selfies from the frontend

app/controllers/api/verify/document_capture_controller.rb

@@ -7,7 +7,7 @@ class DocumentCaptureController < BaseController
       def create
         result = Idv::ApiDocumentVerificationForm.new(
           verify_params,
-          liveness_checking_enabled: liveness_checking_enabled?,
+          liveness_checking_enabled: false,
           analytics: analytics,
           irs_attempts_api_tracker: irs_attempts_api_tracker,
           flow_path: params[:flow_path],
@@ -37,7 +37,7 @@ def enqueue_job
         }
         Idv::Agent.new(applicant).proof_document(
           verify_document_capture_session,
-          liveness_checking_enabled: liveness_checking_enabled?,
+          liveness_checking_enabled: false,
           trace_id: amzn_trace_id,
           image_metadata: image_metadata,
           analytics_data: {

app/controllers/idv/image_uploads_controller.rb

@@ -20,7 +20,7 @@ def create
     def image_upload_form
       @image_upload_form ||= Idv::ApiImageUploadForm.new(
         params,
-        liveness_checking_enabled: liveness_checking_enabled?,
+        liveness_checking_enabled: false,
         service_provider: current_sp,
         analytics: analytics,
         uuid_prefix: current_sp&.app_id,

app/views/idv/shared/_document_capture.html.erb

@@ -12,7 +12,7 @@
 %>
 <%= tag.div id: 'document-capture-form', data: {
       app_name: APP_NAME,
-      liveness_required: liveness_checking_enabled?.presence,
+      liveness_required: nil,
       mock_client: (DocAuthRouter.doc_auth_vendor(discriminator: session_id) == 'mock').presence,
       help_center_redirect_url: help_center_redirect_url(
         flow: :idv,

spec/controllers/api/verify/document_capture_controller_spec.rb

@@ -23,7 +23,6 @@
   let(:password) { 'iambatman' }
   let(:user) { create(:user, :signed_up) }
   let(:flow_path) { 'standard' }
-  let(:liveness_checking_enabled) { false }
   let(:analytics_data) do
     { browser_attributes:
       { browser_bot: false,
@@ -92,7 +91,7 @@
 
         expect(agent).to receive(:proof_document).with(
           document_capture_session,
-          liveness_checking_enabled: liveness_checking_enabled,
+          liveness_checking_enabled: false,
           trace_id: nil,
           image_metadata: image_metadata,
           analytics_data: analytics_data,

spec/features/idv/doc_auth/document_capture_step_spec.rb

@@ -7,25 +7,20 @@
 
   let(:max_attempts) { IdentityConfig.store.doc_auth_max_attempts }
   let(:user) { user_with_2fa }
-  let(:liveness_enabled) { false }
   let(:doc_auth_enable_presigned_s3_urls) { false }
   let(:fake_analytics) { FakeAnalytics.new }
   let(:fake_attempts_tracker) { IrsAttemptsApiTrackingHelper::FakeAttemptsTracker.new }
   let(:sp_name) { 'Test SP' }
   before do
-    allow(IdentityConfig.store).to receive(:liveness_checking_enabled).
-      and_return(liveness_enabled)
     allow(IdentityConfig.store).to receive(:doc_auth_enable_presigned_s3_urls).
       and_return(doc_auth_enable_presigned_s3_urls)
     allow(Identity::Hostdata::EC2).to receive(:load).
       and_return(OpenStruct.new(region: 'us-west-2', account_id: '123456789'))
     allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics)
     allow_any_instance_of(ServiceProviderSessionDecorator).to receive(:sp_name).and_return(sp_name)
-    if liveness_enabled
-      visit_idp_from_oidc_sp_with_ial2_strict
-    else
-      visit_idp_from_oidc_sp_with_ial2
-    end
+
+    visit_idp_from_oidc_sp_with_ial2
+
     sign_in_and_2fa_user(user)
     complete_doc_auth_steps_before_document_capture_step
   end
@@ -93,127 +88,37 @@
     expect(page).to have_content(I18n.t('doc_auth.errors.general.network_error'))
   end
 
-  context 'when liveness checking is enabled' do
-    let(:liveness_enabled) { true }
-
-    it 'is on the correct page and shows the document upload options' do
-      expect(current_path).to eq(idv_doc_auth_document_capture_step)
-      expect(page).to have_content(t('doc_auth.headings.document_capture_front'))
-      expect(page).to have_content(t('doc_auth.headings.document_capture_back'))
-      expect_step_indicator_current_step(t('step_indicator.flows.idv.verify_id'))
-
-      # Document capture tips
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_header_text'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text1'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text2'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text3'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text4'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_hint'))
-
-      # Selfie option, evidenced by "Continue" button instead of "Submit"
-      expect(page).to have_content(t('forms.buttons.continue'))
-    end
-
-    it 'proceeds to the next page with valid info and logs analytics info' do
-      expect_any_instance_of(DocAuth::Mock::DocAuthMockClient).
-        to receive(:post_images).
-        with(hash_including(image_source: DocAuth::ImageSources::UNKNOWN)).
-        and_call_original
-
-      attach_and_submit_images
-
-      expect(page).to have_current_path(next_step)
-      expect(fake_analytics).to have_logged_event(
-        'IdV: ' + "#{Analytics::DOC_AUTH} document_capture submitted".downcase,
-        step: 'document_capture',
-        flow_path: 'standard',
-      )
-      expect_costing_for_document
-    end
-
-    it 'does not proceed to the next page with invalid info', allow_browser_log: true do
-      mock_general_doc_auth_client_error(:create_document)
-
-      attach_and_submit_images
-
-      expect(page).to have_current_path(idv_doc_auth_document_capture_step)
-    end
-
-    it 'allows users to retake photos with attention with barcode', allow_browser_log: true do
-      mock_doc_auth_attention_with_barcode
-      attach_and_submit_images
-
-      expect(page).to have_content(t('doc_auth.errors.barcode_attention.confirm_info'))
-      expect(page).to have_content('DAVID')
-      expect(page).to have_content('SAMPLE')
-      expect(page).to have_content('1986-10-13')
-
-      click_button t('doc_auth.buttons.add_new_photos')
-      submit_images
-
-      expect(page).to have_content(t('doc_auth.errors.barcode_attention.confirm_info'))
-      click_button t('forms.buttons.continue')
-
-      expect(page).to have_current_path(next_step, wait: 10)
-    end
-
-    it 'does not proceed if doc auth is success but missing information', allow_browser_log: true do
-      mock_doc_auth_no_name_pii(:post_images)
-      attach_and_submit_images
-
-      expect(page).to have_current_path(idv_doc_auth_document_capture_step)
-
-      expect(fake_analytics).to have_logged_event(
-        'IdV: doc auth image upload vendor pii validation',
-        flow_path: 'standard',
-        success: false,
-      )
-    end
-
-    context 'when javascript is enabled', js: true do
-      it 'proceeds to the next step' do
-        attach_and_submit_images
-
-        expect(page).to have_current_path(next_step)
-      end
-    end
+  it 'is on the correct page and shows the document upload options' do
+    expect(current_path).to eq(idv_doc_auth_document_capture_step)
+    expect(page).to have_content(t('doc_auth.headings.document_capture_front'))
+    expect(page).to have_content(t('doc_auth.headings.document_capture_back'))
+    expect_step_indicator_current_step(t('step_indicator.flows.idv.verify_id'))
+
+    # Document capture tips
+    expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_header_text'))
+    expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text1'))
+    expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text2'))
+    expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text3'))
+    expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text4'))
+    expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_hint'))
+
+    # No selfie option, evidenced by "Submit" button instead of "Continue"
+    expect(page).to have_content(t('forms.buttons.submit.default'))
   end
 
-  context 'when liveness checking is not enabled' do
-    let(:liveness_enabled) { false }
-
-    it 'is on the correct page and shows the document upload options' do
-      expect(current_path).to eq(idv_doc_auth_document_capture_step)
-      expect(page).to have_content(t('doc_auth.headings.document_capture_front'))
-      expect(page).to have_content(t('doc_auth.headings.document_capture_back'))
-      expect_step_indicator_current_step(t('step_indicator.flows.idv.verify_id'))
-
-      # Document capture tips
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_header_text'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text1'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text2'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text3'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_id_text4'))
-      expect(page).to have_content(I18n.t('doc_auth.tips.document_capture_hint'))
-
-      # No selfie option, evidenced by "Submit" button instead of "Continue"
-      expect(page).to have_content(t('forms.buttons.submit.default'))
-    end
-
-    it 'proceeds to the next page with valid info' do
-      attach_and_submit_images
+  it 'proceeds to the next page with valid info' do
+    attach_and_submit_images
 
-      expect(page).to have_current_path(next_step)
-      expect_costing_for_document
-      expect(DocAuthLog.find_by(user_id: user.id).state).to eq('MT')
-    end
+    expect(page).to have_current_path(next_step)
+    expect_costing_for_document
+    expect(DocAuthLog.find_by(user_id: user.id).state).to eq('MT')
+  end
 
-    it 'does not track state if state tracking is disabled' do
-      allow(IdentityConfig.store).to receive(:state_tracking_enabled).and_return(false)
-      attach_and_submit_images
+  it 'does not track state if state tracking is disabled' do
+    allow(IdentityConfig.store).to receive(:state_tracking_enabled).and_return(false)
+    attach_and_submit_images
 
-      expect(DocAuthLog.find_by(user_id: user.id).state).to be_nil
-    end
+    expect(DocAuthLog.find_by(user_id: user.id).state).to be_nil
   end
 
   context 'when using async uploads' do