Skip to content

Verify info spec refactor #7911

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
soniaconnolly merged 3 commits into from
Mar 1, 2023
Merged

Verify info spec refactor #7911

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0bc590c
Add GOOD_SSN_MASKED constant
soniaconnolly Mar 1, 2023
d46f2e6
Test refactoring in verify_info_step_spec
soniaconnolly Mar 1, 2023
80bf41c
lint
soniaconnolly Mar 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
225 changes: 108 additions & 117 deletions spec/features/idv/doc_auth/verify_info_step_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,7 @@
let(:fake_analytics) { FakeAnalytics.new }
let(:fake_attempts_tracker) { IrsAttemptsApiTrackingHelper::FakeAttemptsTracker.new }

let(:mock_ssn_a) { DocAuthHelper::GOOD_SSN }
let(:masked_ssn_a) { '9**-**-***4' }
let(:mock_zip_code) { '12345' }
let(:mock_ssn_b) { '900456789' }
let(:masked_ssn_b) { '9**-**-***9' }
let(:unmasked_ssn_b) { '900-45-6789' }
# values from Idp::Constants::MOCK_IDV_APPLICANT
let(:fake_pii_details) do
{
document_state: 'MT',
Expand All @@ -25,23 +20,6 @@
address: '1 FAKE RD',
}
end
let(:mock_state_id_jurisdiction) { [Idp::Constants::MOCK_IDV_APPLICANT[:state_id_jurisdiction]] }
let(:proof_resolution_args) do
{
trace_id: anything,
threatmetrix_session_id: anything,
request_ip: kind_of(String),
}
end

let(:forms_ssn_show) { 'forms.ssn.show' }
let(:forms_buttons_submit_update) { 'forms.buttons.submit.update' }
let(:idv_buttons_change_ssn_label) { 'idv.buttons.change_ssn_label' }
let(:idv_form_ssn_label_html) { 'idv.form.ssn_label_html' }
let(:idv_failure_button_warning) { 'idv.failure.button.warning' }
let(:step_verify_info_controller) { 'Idv::VerifyInfoController' }
let(:ananlyics_throttle_event) { 'Throttler Rate Limit Triggered' }
let(:idv_failure_timeout) { 'idv.failure.timeout' }

before do
allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics)
Expand All @@ -65,41 +43,41 @@
expect(page).to have_content(t('step_indicator.flows.idv.verify_info'))

# SSN is masked until revealed
expect(page).to have_text(masked_ssn_a)
expect(page).not_to have_text(mock_ssn_a)
check t(forms_ssn_show)
expect(page).not_to have_text(masked_ssn_a)
expect(page).to have_text(mock_ssn_a)
expect(page).to have_text(DocAuthHelper::GOOD_SSN_MASKED)
expect(page).not_to have_text(DocAuthHelper::GOOD_SSN)
check t('forms.ssn.show')
expect(page).not_to have_text(DocAuthHelper::GOOD_SSN_MASKED)
expect(page).to have_text(DocAuthHelper::GOOD_SSN)
end

it 'allows the user to enter in a new address and displays updated info' do
click_button t('idv.buttons.change_address_label')
fill_in 'idv_form_zipcode', with: mock_zip_code
click_button t(forms_buttons_submit_update)
fill_in 'idv_form_zipcode', with: '12345'
click_button t('forms.buttons.submit.update')

expect(page).to have_current_path(idv_verify_info_path)

expect(page).to have_content(mock_zip_code)
expect(page).to have_content('12345')
end

it 'allows the user to enter in a new ssn and displays updated info' do
click_button t(idv_buttons_change_ssn_label)
fill_in t(idv_form_ssn_label_html), with: mock_ssn_b
click_button t(forms_buttons_submit_update)
click_button t('idv.buttons.change_ssn_label')
fill_in t('idv.form.ssn_label_html'), with: '900456789'
click_button t('forms.buttons.submit.update')

expect(page).to have_current_path(idv_verify_info_path)

expect(page).to have_text(masked_ssn_b)
check t(forms_ssn_show)
expect(page).to have_text(unmasked_ssn_b)
expect(page).to have_text('9**-**-***9')
check t('forms.ssn.show')
expect(page).to have_text('900-45-6789')
end

it 'proceeds to the next page upon confirmation' do
expect(fake_attempts_tracker).to receive(:idv_verification_submitted).with(
success: true,
failure_reason: nil,
**fake_pii_details,
ssn: mock_ssn_a,
ssn: DocAuthHelper::GOOD_SSN,
)
sign_in_and_2fa_user
complete_doc_auth_steps_before_verify_step
Expand Down Expand Up @@ -131,7 +109,7 @@
click_idv_continue

expect(page).to have_current_path(idv_session_errors_warning_path)
click_on t(idv_failure_button_warning)
click_on t('idv.failure.button.warning')

expect(page).to have_current_path(idv_verify_info_path)
end
Expand All @@ -152,12 +130,12 @@

expect(fake_analytics).to have_logged_event(
'IdV: doc auth exception visited',
step_name: step_verify_info_controller,
step_name: 'Idv::VerifyInfoController',
remaining_attempts: 5,
)
expect(page).to have_current_path(idv_session_errors_exception_path)

click_on t(idv_failure_button_warning)
click_on t('idv.failure.button.warning')

expect(page).to have_current_path(idv_verify_info_path)
end
Expand Down Expand Up @@ -191,9 +169,9 @@
click_idv_continue
expect(page).to have_current_path(idv_session_errors_failure_path)
expect(fake_analytics).to have_logged_event(
ananlyics_throttle_event,
'Throttler Rate Limit Triggered',
throttle_type: :idv_resolution,
step_name: step_verify_info_controller,
step_name: 'Idv::VerifyInfoController',
)

visit idv_verify_info_url
Expand Down Expand Up @@ -237,7 +215,7 @@
click_idv_continue
expect(page).to have_current_path(idv_session_errors_ssn_failure_path)
expect(fake_analytics).to have_logged_event(
ananlyics_throttle_event,
'Throttler Rate Limit Triggered',
throttle_type: :proof_ssn,
step_name: 'verify_info',
)
Expand All @@ -255,76 +233,89 @@
end
end

context 'when the user lives in an AAMVA supported state' do
it 'performs a resolution and state ID check' do
allow(IdentityConfig.store).to receive(:aamva_supported_jurisdictions).and_return(
mock_state_id_jurisdiction,
)
user = create(:user, :signed_up)
expect_any_instance_of(Idv::Agent).
to receive(:proof_resolution).
with(
anything,
should_proof_state_id: true,
user_id: user.id,
**proof_resolution_args,
).
and_call_original

sign_in_and_2fa_user(user)
complete_doc_auth_steps_before_verify_step
click_idv_continue

expect(DocAuthLog.find_by(user_id: user.id).aamva).not_to be_nil
context 'AAMVA' do
let(:mock_state_id_jurisdiction) do
[Idp::Constants::MOCK_IDV_APPLICANT[:state_id_jurisdiction]]
end
let(:proof_resolution_args) do
{
trace_id: anything,
threatmetrix_session_id: anything,
request_ip: kind_of(String),
}
end
end

context 'when the user does not live in an AAMVA supported state' do
it 'does not perform the state ID check' do
allow(IdentityConfig.store).to receive(:aamva_supported_jurisdictions).and_return(
IdentityConfig.store.aamva_supported_jurisdictions -
context 'when the user lives in an AAMVA supported state' do
it 'performs a resolution and state ID check' do
allow(IdentityConfig.store).to receive(:aamva_supported_jurisdictions).and_return(
mock_state_id_jurisdiction,
)
user = create(:user, :signed_up)
expect_any_instance_of(Idv::Agent).
to receive(:proof_resolution).
with(
anything,
should_proof_state_id: false,
user_id: user.id,
**proof_resolution_args,
).
and_call_original

sign_in_and_2fa_user(user)
complete_doc_auth_steps_before_verify_step
click_idv_continue
)
user = create(:user, :signed_up)
expect_any_instance_of(Idv::Agent).
to receive(:proof_resolution).
with(
anything,
should_proof_state_id: true,
user_id: user.id,
**proof_resolution_args,
).
and_call_original

sign_in_and_2fa_user(user)
complete_doc_auth_steps_before_verify_step
click_idv_continue

expect(DocAuthLog.find_by(user_id: user.id).aamva).to be_nil
expect(DocAuthLog.find_by(user_id: user.id).aamva).not_to be_nil
end
end
end

context 'when the SP is in the AAMVA banlist' do
it 'does not perform the state ID check' do
allow(IdentityConfig.store).to receive(:aamva_sp_banlist_issuers).
and_return('["urn:gov:gsa:openidconnect:sp:server"]')
user = create(:user, :signed_up)
expect_any_instance_of(Idv::Agent).
to receive(:proof_resolution).
with(
anything,
should_proof_state_id: false,
user_id: user.id,
**proof_resolution_args,
).
and_call_original

visit_idp_from_sp_with_ial1(:oidc)
sign_in_and_2fa_user(user)
complete_doc_auth_steps_before_verify_step
click_idv_continue
context 'when the user does not live in an AAMVA supported state' do
it 'does not perform the state ID check' do
allow(IdentityConfig.store).to receive(:aamva_supported_jurisdictions).and_return(
IdentityConfig.store.aamva_supported_jurisdictions -
mock_state_id_jurisdiction,
)
user = create(:user, :signed_up)
expect_any_instance_of(Idv::Agent).
to receive(:proof_resolution).
with(
anything,
should_proof_state_id: false,
user_id: user.id,
**proof_resolution_args,
).
and_call_original

sign_in_and_2fa_user(user)
complete_doc_auth_steps_before_verify_step
click_idv_continue

expect(DocAuthLog.find_by(user_id: user.id).aamva).to be_nil
expect(DocAuthLog.find_by(user_id: user.id).aamva).to be_nil
end
end

context 'when the SP is in the AAMVA banlist' do
it 'does not perform the state ID check' do
allow(IdentityConfig.store).to receive(:aamva_sp_banlist_issuers).
and_return('["urn:gov:gsa:openidconnect:sp:server"]')
user = create(:user, :signed_up)
expect_any_instance_of(Idv::Agent).
to receive(:proof_resolution).
with(
anything,
should_proof_state_id: false,
user_id: user.id,
**proof_resolution_args,
).
and_call_original

visit_idp_from_sp_with_ial1(:oidc)
sign_in_and_2fa_user(user)
complete_doc_auth_steps_before_verify_step
click_idv_continue

expect(DocAuthLog.find_by(user_id: user.id).aamva).to be_nil
end
end
end

Expand All @@ -338,7 +329,7 @@

click_idv_continue
expect(fake_analytics).to have_logged_event('Proofing Resolution Result Missing')
expect(page).to have_content(t(idv_failure_timeout))
expect(page).to have_content(t('idv.failure.timeout'))
expect(page).to have_current_path(idv_verify_info_path)
allow(DocumentCaptureSession).to receive(:find_by).and_call_original
click_idv_continue
Expand All @@ -350,7 +341,7 @@
success: false,
failure_reason: { idv_verification: [:timeout] },
**fake_pii_details,
ssn: mock_ssn_a,
ssn: DocAuthHelper::GOOD_SSN,
)
sign_in_and_2fa_user
complete_doc_auth_steps_before_verify_step
Expand All @@ -359,7 +350,7 @@
and_return(nil)

click_idv_continue
expect(page).to have_content(t(idv_failure_timeout))
expect(page).to have_content(t('idv.failure.timeout'))
expect(page).to have_current_path(idv_verify_info_path)
allow(DocumentCaptureSession).to receive(:find_by).and_call_original
end
Expand All @@ -374,7 +365,7 @@
and_return(nil)

click_idv_continue
expect(page).to have_content(t(idv_failure_timeout))
expect(page).to have_content(t('idv.failure.timeout'))
expect(page).to have_current_path(idv_verify_info_path)
allow(DocumentCaptureSession).to receive(:find_by).and_call_original
click_idv_continue
Expand All @@ -391,21 +382,21 @@
end

it 'uses ssn controller to enter a new ssn and displays updated info' do
click_link t(idv_buttons_change_ssn_label)
click_link t('idv.buttons.change_ssn_label')
expect(page).to have_current_path(idv_ssn_path)

fill_in t(idv_form_ssn_label_html), with: mock_ssn_b
click_button t(forms_buttons_submit_update)
fill_in t('idv.form.ssn_label_html'), with: '900456789'
click_button t('forms.buttons.submit.update')

expect(fake_analytics).to have_logged_event(
'IdV: doc auth redo_ssn submitted',
)

expect(page).to have_current_path(idv_verify_info_path)

expect(page).to have_text(masked_ssn_b)
check t(forms_ssn_show)
expect(page).to have_text(unmasked_ssn_b)
expect(page).to have_text('9**-**-***9')
check t('forms.ssn.show')
expect(page).to have_text('900-45-6789')
end
end
end
1 change: 1 addition & 0 deletions spec/support/features/doc_auth_helper.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ module DocAuthHelper
include DocumentCaptureStepHelper

GOOD_SSN = Idp::Constants::MOCK_IDV_APPLICANT_WITH_SSN[:ssn]
GOOD_SSN_MASKED = '9**-**-***4'
SSN_THAT_FAILS_RESOLUTION = '123-45-6666'
SSN_THAT_RAISES_EXCEPTION = '000-00-0000'

Expand Down