= modal.querySelectorAll('lg-countdown');
-const csrfEl: HTMLMetaElement | null = document.querySelector('meta[name="csrf-token"]');
-let csrfToken = '';
-if (csrfEl) {
- csrfToken = csrfEl.content;
-}
-
-function notifyNewRelic(request, error, actionName) {
+function notifyNewRelic(error, actionName) {
(window as LoginGovGlobal).newrelic?.addPageAction('Session Ping Error', {
action_name: actionName,
- request_status: request.status,
time_elapsed_ms: new Date().valueOf() - initialTime.valueOf(),
error: error.message,
});
@@ -100,36 +94,17 @@ function success(data: PingResponse) {
}
function ping() {
- const request = new XMLHttpRequest();
- request.open('GET', '/active', true);
-
- request.onload = function () {
- try {
- success(JSON.parse(request.responseText));
- } catch (error) {
- notifyNewRelic(request, error, 'ping');
- }
- };
+ request('/active')
+ .then(success)
+ .catch((error) => notifyNewRelic(error, 'ping'));
- request.send();
setTimeout(ping, frequency);
}
function keepalive() {
- const request = new XMLHttpRequest();
- request.open('POST', '/sessions/keepalive', true);
- request.setRequestHeader('X-CSRF-Token', csrfToken);
-
- request.onload = function () {
- try {
- success(JSON.parse(request.responseText));
- modal.hide();
- } catch (error) {
- notifyNewRelic(request, error, 'keepalive');
- }
- };
-
- request.send();
+ request('/sessions/keepalive', { method: 'POST' })
+ .then(success)
+ .catch((error) => notifyNewRelic(error, 'keepalive'));
}
keepaliveEl?.addEventListener('click', keepalive, false);
diff --git a/app/presenters/idv/gpo_presenter.rb b/app/presenters/idv/gpo_presenter.rb
index 1ee0cb8ed12..9c7b210bb3e 100644
--- a/app/presenters/idv/gpo_presenter.rb
+++ b/app/presenters/idv/gpo_presenter.rb
@@ -18,6 +18,7 @@ def button
end
def fallback_back_path
+ return idv_verify_info_path if OutageStatus.new.any_phone_vendor_outage?
user_needs_address_otp_verification? ? idv_gpo_verify_path : idv_phone_path
end
@@ -25,6 +26,22 @@ def resend_requested?
current_user.decorate.pending_profile_requires_verification?
end
+ def back_or_cancel_partial
+ if OutageStatus.new.gpo_only?
+ 'idv/doc_auth/cancel'
+ else
+ 'idv/shared/back'
+ end
+ end
+
+ def back_or_cancel_parameters
+ if OutageStatus.new.gpo_only?
+ { step: 'gpo' }
+ else
+ { fallback_path: fallback_back_path }
+ end
+ end
+
private
def user_needs_address_otp_verification?
diff --git a/app/presenters/two_factor_authentication/phone_selection_presenter.rb b/app/presenters/two_factor_authentication/phone_selection_presenter.rb
index f452e2142e1..1954589607c 100644
--- a/app/presenters/two_factor_authentication/phone_selection_presenter.rb
+++ b/app/presenters/two_factor_authentication/phone_selection_presenter.rb
@@ -21,7 +21,7 @@ def mfa_configuration_count
end
def disabled?
- VendorStatus.new.all_phone_vendor_outage? || user&.phone_configurations&.any?
+ OutageStatus.new.all_phone_vendor_outage? || user&.phone_configurations&.any?
end
end
end
diff --git a/app/presenters/two_factor_authentication/sms_selection_presenter.rb b/app/presenters/two_factor_authentication/sms_selection_presenter.rb
index 081efd9d847..3226ae6adc3 100644
--- a/app/presenters/two_factor_authentication/sms_selection_presenter.rb
+++ b/app/presenters/two_factor_authentication/sms_selection_presenter.rb
@@ -16,7 +16,7 @@ def info
end
def disabled?
- VendorStatus.new.vendor_outage?(:sms)
+ OutageStatus.new.vendor_outage?(:sms)
end
end
end
diff --git a/app/presenters/two_factor_authentication/voice_selection_presenter.rb b/app/presenters/two_factor_authentication/voice_selection_presenter.rb
index b2e4a061785..369878c5e5d 100644
--- a/app/presenters/two_factor_authentication/voice_selection_presenter.rb
+++ b/app/presenters/two_factor_authentication/voice_selection_presenter.rb
@@ -16,7 +16,7 @@ def info
end
def disabled?
- VendorStatus.new.vendor_outage?(:voice)
+ OutageStatus.new.vendor_outage?(:voice)
end
end
end
diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb
index d5fee3f1d58..64a89d83671 100644
--- a/app/services/analytics_events.rb
+++ b/app/services/analytics_events.rb
@@ -646,6 +646,10 @@ def idv_in_person_prepare_submitted(flow_path:, **extra)
track_event('IdV: in person proofing prepare submitted', flow_path: flow_path, **extra)
end
+ def idv_in_person_proofing_residential_address_submitted(**extra)
+ track_event('IdV: in person proofing residential address submitted', **extra)
+ end
+
def idv_in_person_proofing_address_submitted(**extra)
track_event('IdV: in person proofing address submitted', **extra)
end
@@ -729,10 +733,6 @@ def idv_doc_auth_cancel_link_sent_submitted(**extra)
track_event('IdV: doc auth cancel_link_sent submitted', **extra)
end
- def idv_doc_auth_cancel_send_link_submitted(**extra)
- track_event('IdV: doc auth cancel_send_link submitted', **extra)
- end
-
# @identity.idp.previous_event_name IdV: in person proofing cancel_update_ssn submitted
def idv_doc_auth_cancel_update_ssn_submitted(**extra)
track_event('IdV: doc auth cancel_update_ssn submitted', **extra)
@@ -784,14 +784,6 @@ def idv_doc_auth_redo_document_capture_submitted(**extra)
track_event('IdV: doc auth redo_document_capture submitted', **extra)
end
- def idv_doc_auth_send_link_visited(**extra)
- track_event('IdV: doc auth send_link visited', **extra)
- end
-
- def idv_doc_auth_send_link_submitted(**extra)
- track_event('IdV: doc auth send_link submitted', **extra)
- end
-
# @identity.idp.previous_event_name IdV: in person proofing ssn submitted
def idv_doc_auth_ssn_submitted(**extra)
track_event('IdV: doc auth ssn submitted', **extra)
@@ -2108,6 +2100,18 @@ def user_marked_authed(authentication_type:, **extra)
)
end
+ # User has attempted to access an action that requires re-authenticating
+ # @param [String] auth_method
+ # @param [String] authenticated_at
+ def user_2fa_reauthentication_required(auth_method:, authenticated_at:, **extra)
+ track_event(
+ 'User 2FA Reauthentication Required',
+ auth_method: auth_method,
+ authenticated_at: authenticated_at,
+ **extra,
+ )
+ end
+
# User registration has been hadnded off to agency page
# @param [Boolean] ial2
# @param [Integer] ialmax
diff --git a/app/services/flow/base_step.rb b/app/services/flow/base_step.rb
index c6f55650d25..3488e3a1246 100644
--- a/app/services/flow/base_step.rb
+++ b/app/services/flow/base_step.rb
@@ -41,6 +41,8 @@ def url_options
@flow.controller.url_options
end
+ delegate :analytics_visited_event, :analytics_submitted_event, to: :class
+
private
def create_response(form_submit_response, call_response)
diff --git a/app/services/flow/flow_state_machine.rb b/app/services/flow/flow_state_machine.rb
index 7b717e95872..5ffd4358c86 100644
--- a/app/services/flow/flow_state_machine.rb
+++ b/app/services/flow/flow_state_machine.rb
@@ -24,7 +24,7 @@ def update
increment_step_name_counts
analytics.public_send(
- flow.step_handler(step).analytics_submitted_event,
+ flow.step_handler_instance(step).analytics_submitted_event,
**result.to_h.merge(analytics_properties),
)
diff --git a/app/services/idv/actions/cancel_link_sent_action.rb b/app/services/idv/actions/cancel_link_sent_action.rb
index a1d32d19ae2..b38e6c0b4ee 100644
--- a/app/services/idv/actions/cancel_link_sent_action.rb
+++ b/app/services/idv/actions/cancel_link_sent_action.rb
@@ -6,10 +6,7 @@ def self.analytics_submitted_event
end
def call
- mark_step_incomplete(:send_link)
- if IdentityConfig.store.doc_auth_combined_hybrid_handoff_enabled
- mark_step_incomplete(:upload)
- end
+ mark_step_incomplete(:upload)
end
end
end
diff --git a/app/services/idv/actions/cancel_send_link_action.rb b/app/services/idv/actions/cancel_send_link_action.rb
deleted file mode 100644
index 1bf64fefef9..00000000000
--- a/app/services/idv/actions/cancel_send_link_action.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-module Idv
- module Actions
- class CancelSendLinkAction < Idv::Steps::DocAuthBaseStep
- def self.analytics_submitted_event
- :idv_doc_auth_cancel_send_link_submitted
- end
-
- def call
- mark_step_incomplete(:upload)
- end
- end
- end
-end
diff --git a/app/services/idv/flows/doc_auth_flow.rb b/app/services/idv/flows/doc_auth_flow.rb
index 1c9773618c2..ff799eb7ebe 100644
--- a/app/services/idv/flows/doc_auth_flow.rb
+++ b/app/services/idv/flows/doc_auth_flow.rb
@@ -5,8 +5,6 @@ class DocAuthFlow < Flow::BaseFlow
welcome: Idv::Steps::WelcomeStep,
agreement: Idv::Steps::AgreementStep,
upload: Idv::Steps::UploadStep,
- **(IdentityConfig.store.doc_auth_combined_hybrid_handoff_enabled ?
- {} : { send_link: Idv::Steps::SendLinkStep }),
link_sent: Idv::Steps::LinkSentStep,
email_sent: Idv::Steps::EmailSentStep,
document_capture: Idv::Steps::DocumentCaptureStep,
@@ -31,7 +29,6 @@ class DocAuthFlow < Flow::BaseFlow
OPTIONAL_SHOW_STEPS = {}.freeze
ACTIONS = {
- cancel_send_link: Idv::Actions::CancelSendLinkAction,
cancel_link_sent: Idv::Actions::CancelLinkSentAction,
redo_address: Idv::Actions::RedoAddressAction,
redo_document_capture: Idv::Actions::RedoDocumentCaptureAction,
diff --git a/app/services/idv/phone_step.rb b/app/services/idv/phone_step.rb
index d06a1dec178..a8dea4dd8c9 100644
--- a/app/services/idv/phone_step.rb
+++ b/app/services/idv/phone_step.rb
@@ -1,12 +1,16 @@
module Idv
class PhoneStep
- def initialize(idv_session:, trace_id:, attempts_tracker:)
+ def initialize(idv_session:, trace_id:, analytics:, attempts_tracker:)
self.idv_session = idv_session
@trace_id = trace_id
+ @analytics = analytics
@attempts_tracker = attempts_tracker
end
def submit(step_params)
+ return throttled_result if throttle.throttled?
+ throttle.increment!
+
self.step_params = step_params
idv_session.previous_phone_step_params = step_params.slice(:phone, :otp_delivery_preference)
proof_address
@@ -14,6 +18,7 @@ def submit(step_params)
def failure_reason
return :fail if throttle.throttled?
+ return :no_idv_result if idv_result.nil?
return :timeout if idv_result[:timed_out]
return :jobfail if idv_result[:exception].present?
return :warning if idv_result[:success] != true
@@ -34,8 +39,6 @@ def async_state
def async_state_done(async_state)
@idv_result = async_state.result
- throttle.increment! unless failed_due_to_timeout_or_exception?
- @attempts_tracker.idv_phone_otp_sent_rate_limited if throttle.throttled?
success = idv_result[:success]
handle_successful_proofing_attempt if success
@@ -106,6 +109,12 @@ def throttle
@throttle ||= Throttle.new(user: idv_session.current_user, throttle_type: :proof_address)
end
+ def throttled_result
+ @attempts_tracker.idv_phone_otp_sent_rate_limited
+ @analytics.throttler_rate_limit_triggered(throttle_type: :proof_address, step_name: :phone)
+ FormResponse.new(success: false)
+ end
+
def failed_due_to_timeout_or_exception?
idv_result[:timed_out] || idv_result[:exception]
end
diff --git a/app/services/idv/session.rb b/app/services/idv/session.rb
index 685969558c4..4640f44f461 100644
--- a/app/services/idv/session.rb
+++ b/app/services/idv/session.rb
@@ -149,12 +149,16 @@ def phone_confirmed?
def invalidate_steps_after_ssn!
# Guard against unvalidated attributes from in-person flow in review controller
- session[:applicant] = nil
+ clear_applicant!
invalidate_verify_info_step!
invalidate_phone_step!
end
+ def clear_applicant!
+ session[:applicant] = nil
+ end
+
def mark_verify_info_step_complete!
session[:resolution_successful] = true
# This is here to maintain backwards compadibility with old code.
diff --git a/app/services/idv/steps/in_person/address_step.rb b/app/services/idv/steps/in_person/address_step.rb
index 7d642124708..ef6eb5ece71 100644
--- a/app/services/idv/steps/in_person/address_step.rb
+++ b/app/services/idv/steps/in_person/address_step.rb
@@ -8,18 +8,24 @@ def self.analytics_visited_event
:idv_in_person_proofing_address_visited
end
- def self.analytics_submitted_event
- :idv_in_person_proofing_address_submitted
+ def analytics_submitted_event
+ if capture_secondary_id_enabled?
+ :idv_in_person_proofing_residential_address_submitted
+ else
+ :idv_in_person_proofing_address_submitted
+ end
end
def call
Idv::InPerson::AddressForm::ATTRIBUTES.each do |attr|
+ next if attr == :same_address_as_id && capture_secondary_id_enabled?
flow_session[:pii_from_user][attr] = flow_params[attr]
end
end
def extra_view_variables
{
+ capture_secondary_id_enabled: capture_secondary_id_enabled?,
form:,
pii:,
updating_address:,
@@ -28,6 +34,10 @@ def extra_view_variables
private
+ def capture_secondary_id_enabled?
+ current_user.establishing_in_person_enrollment.capture_secondary_id_enabled
+ end
+
def updating_address
flow_session[:pii_from_user].has_key?(:address1)
end
@@ -45,7 +55,8 @@ def flow_params
end
def form
- @form ||= Idv::InPerson::AddressForm.new
+ @form ||= Idv::InPerson::AddressForm.
+ new(capture_secondary_id_enabled: capture_secondary_id_enabled?)
end
def form_submit
diff --git a/app/services/idv/steps/in_person/state_id_step.rb b/app/services/idv/steps/in_person/state_id_step.rb
index 4bbb213826d..2bece07396f 100644
--- a/app/services/idv/steps/in_person/state_id_step.rb
+++ b/app/services/idv/steps/in_person/state_id_step.rb
@@ -24,7 +24,7 @@ def call
def extra_view_variables
{
- capture_secondary_id_enabled:,
+ capture_secondary_id_enabled: capture_secondary_id_enabled?,
form:,
pii:,
parsed_dob:,
@@ -34,7 +34,7 @@ def extra_view_variables
private
- def capture_secondary_id_enabled
+ def capture_secondary_id_enabled?
current_user.establishing_in_person_enrollment.capture_secondary_id_enabled
end
diff --git a/app/services/idv/steps/send_link_step.rb b/app/services/idv/steps/send_link_step.rb
deleted file mode 100644
index 62295b74dfa..00000000000
--- a/app/services/idv/steps/send_link_step.rb
+++ /dev/null
@@ -1,128 +0,0 @@
-module Idv
- module Steps
- class SendLinkStep < DocAuthBaseStep
- include ActionView::Helpers::DateHelper
-
- STEP_INDICATOR_STEP = :verify_id
-
- def self.analytics_visited_event
- :idv_doc_auth_send_link_visited
- end
-
- def self.analytics_submitted_event
- :idv_doc_auth_send_link_submitted
- end
-
- def call
- throttle.increment!
- return throttled_failure if throttle.throttled?
- telephony_result = send_link
- failure_reason = nil
- if !telephony_result.success?
- failure_reason = { telephony: [telephony_result.error.class.name.demodulize] }
- end
- idv_session[:phone_for_mobile_flow] = permit(:phone)[:phone]
- @flow.irs_attempts_api_tracker.idv_phone_upload_link_sent(
- success: telephony_result.success?,
- phone_number: formatted_destination_phone,
- failure_reason: failure_reason,
- )
- build_telephony_form_response(telephony_result)
- end
-
- def extra_view_variables
- {
- idv_phone_form: build_form,
- }
- end
-
- private
-
- def build_form
- Idv::PhoneForm.new(
- previous_params: {},
- user: current_user,
- delivery_methods: [:sms],
- )
- end
-
- def build_telephony_form_response(telephony_result)
- FormResponse.new(
- success: telephony_result.success?,
- errors: { message: telephony_result.error&.friendly_message },
- extra: { telephony_response: telephony_result.to_h },
- )
- end
-
- def throttled_failure
- @flow.analytics.throttler_rate_limit_triggered(
- throttle_type: :idv_send_link,
- )
- message = I18n.t(
- 'errors.doc_auth.send_link_throttle',
- timeout: distance_of_time_in_words(
- Time.zone.now,
- [throttle.expires_at, Time.zone.now].compact.max,
- except: :seconds,
- ),
- )
-
- @flow.irs_attempts_api_tracker.idv_phone_send_link_rate_limited(
- phone_number: formatted_destination_phone,
- )
-
- failure(message)
- end
-
- def send_link
- session_uuid = flow_session[:document_capture_session_uuid]
- update_document_capture_session_requested_at(session_uuid)
- Telephony.send_doc_auth_link(
- to: formatted_destination_phone,
- link: link(session_uuid),
- country_code: Phonelib.parse(formatted_destination_phone).country,
- sp_or_app_name: sp_or_app_name,
- )
- end
-
- def sp_or_app_name
- current_sp&.friendly_name.presence || APP_NAME
- end
-
- def form_submit
- params = permit(:phone)
- params[:otp_delivery_preference] = 'sms'
- build_form.submit(params)
- end
-
- def formatted_destination_phone
- raw_phone = permit(:phone)[:phone]
- PhoneFormatter.format(raw_phone, country_code: 'US')
- end
-
- def update_document_capture_session_requested_at(session_uuid)
- document_capture_session = DocumentCaptureSession.find_by(uuid: session_uuid)
- return unless document_capture_session
- document_capture_session.update!(
- requested_at: Time.zone.now,
- cancelled_at: nil,
- issuer: sp_session[:issuer],
- )
- end
-
- def link(session_uuid)
- idv_capture_doc_dashes_url(
- 'document-capture-session': session_uuid,
- request_id: sp_session[:request_id],
- )
- end
-
- def throttle
- @throttle ||= Throttle.new(
- user: current_user,
- throttle_type: :idv_send_link,
- )
- end
- end
- end
-end
diff --git a/app/services/idv/steps/upload_step.rb b/app/services/idv/steps/upload_step.rb
index 4d4ded41f61..718a145b0ca 100644
--- a/app/services/idv/steps/upload_step.rb
+++ b/app/services/idv/steps/upload_step.rb
@@ -21,27 +21,14 @@ def call
# app/views/idv/doc_auth/upload.html.erb
if params[:type] == 'desktop'
handle_desktop_selection
- elsif params[:combined]
- # The user was shown the new combined view and
- # submitted a phone number to this step with feature flag on
- # OR
- # The user was originally shown the new combined view,
- # but has submitted to a step with the feature flag off
- # (50/50 from new to old)
- handle_phone_submission
else
- handle_mobile_selection
+ return bypass_send_link_steps if mobile_device?
+ handle_phone_submission
end
end
def extra_view_variables
- if IdentityConfig.store.doc_auth_combined_hybrid_handoff_enabled
- {
- idv_phone_form: build_form,
- }
- else
- {}
- end
+ { idv_phone_form: build_form }
end
private
@@ -63,26 +50,13 @@ def build_form
end
def form_submit
- return super if !IdentityConfig.store.doc_auth_combined_hybrid_handoff_enabled
- return super if params[:type] == 'desktop'
-
- # Remove after 50/50 deploy w/ flag
- return super if params[:type] != 'combined'
+ return super unless params[:type] == 'mobile'
params = permit(:phone)
params[:otp_delivery_preference] = 'sms'
build_form.submit(params)
end
- # To be removed after 50/50
- def handle_mobile_selection
- if mobile_device?
- bypass_send_link_steps
- else
- send_user_to_send_link_step
- end
- end
-
def handle_phone_submission
throttle.increment!
return throttled_failure if throttle.throttled?
@@ -125,13 +99,7 @@ def send_user_to_email_sent_step
form_response(destination: :email_sent)
end
- def send_user_to_send_link_step
- mark_step_complete(:email_sent)
- form_response(destination: :send_link)
- end
-
def bypass_send_link_steps
- mark_step_complete(:send_link)
mark_step_complete(:link_sent)
mark_step_complete(:email_sent)
form_response(destination: :document_capture)
diff --git a/app/services/idv/steps/welcome_step.rb b/app/services/idv/steps/welcome_step.rb
index 1a5744a5e94..67116884635 100644
--- a/app/services/idv/steps/welcome_step.rb
+++ b/app/services/idv/steps/welcome_step.rb
@@ -12,7 +12,10 @@ def self.analytics_submitted_event
end
def call
+ flow_session[:skip_upload_step] = true unless FeatureManagement.idv_allow_hybrid_flow?
+
return no_camera_redirect if params[:no_camera]
+
create_document_capture_session(document_capture_session_uuid_key)
cancel_previous_in_person_enrollments
end
diff --git a/app/services/vendor_status.rb b/app/services/outage_status.rb
similarity index 82%
rename from app/services/vendor_status.rb
rename to app/services/outage_status.rb
index 32af74b2370..33a7950ba54 100644
--- a/app/services/vendor_status.rb
+++ b/app/services/outage_status.rb
@@ -1,4 +1,4 @@
-class VendorStatus
+class OutageStatus
include ActionView::Helpers::TranslationHelper
def initialize(from: nil, from_idv: nil, sp: nil)
@@ -7,9 +7,9 @@ def initialize(from: nil, from_idv: nil, sp: nil)
@sp = sp
end
- IAL2_VENDORS = %i[acuant lexisnexis_instant_verify lexisnexis_trueid].freeze
+ IDV_VENDORS = %i[acuant lexisnexis_instant_verify lexisnexis_trueid].freeze
PHONE_VENDORS = %i[sms voice].freeze
- ALL_VENDORS = (IAL2_VENDORS + PHONE_VENDORS).freeze
+ ALL_VENDORS = (IDV_VENDORS + PHONE_VENDORS).freeze
def vendor_outage?(vendor)
status = case vendor
@@ -37,8 +37,8 @@ def all_vendor_outage?(vendors = ALL_VENDORS)
vendors.all? { |vendor| vendor_outage?(vendor) }
end
- def any_ial2_vendor_outage?
- any_vendor_outage?(IAL2_VENDORS)
+ def any_idv_vendor_outage?
+ any_vendor_outage?(IDV_VENDORS)
end
def any_phone_vendor_outage?
@@ -49,6 +49,16 @@ def all_phone_vendor_outage?
all_vendor_outage?(PHONE_VENDORS)
end
+ def gpo_only?
+ IdentityConfig.store.feature_idv_force_gpo_verification_enabled ||
+ any_phone_vendor_outage?
+ end
+
+ def allow_hybrid_flow?
+ IdentityConfig.store.feature_idv_hybrid_flow_enabled &&
+ !any_phone_vendor_outage?
+ end
+
def from_idv?
from_idv
end
@@ -58,7 +68,7 @@ def from_idv?
#
# @return [String, nil] the localized message.
def outage_message
- if any_ial2_vendor_outage?
+ if any_idv_vendor_outage?
if from_idv?
if sp
t('vendor_outage.blocked.idv.with_sp', service_provider: sp.friendly_name)
diff --git a/app/services/usps_in_person_proofing/proofer.rb b/app/services/usps_in_person_proofing/proofer.rb
index 192aa05ac85..367affec59b 100644
--- a/app/services/usps_in_person_proofing/proofer.rb
+++ b/app/services/usps_in_person_proofing/proofer.rb
@@ -1,7 +1,8 @@
module UspsInPersonProofing
class Proofer
AUTH_TOKEN_CACHE_KEY = :usps_ippaas_api_auth_token
- AUTH_TOKEN_REFRESH_THRESHOLD = 5
+ # Automatically refresh our auth token if it is within this many minutes of expiring
+ AUTH_TOKEN_PREEMPTIVE_EXPIRY_MINUTES = 1.minute
# Makes HTTP request to get nearby in-person proofing facilities
# Requires address, city, state and zip code.
@@ -102,14 +103,14 @@ def request_enrollment_code(unique_id)
# @return [String] the token
def retrieve_token!
body = request_token
- expires_at = Time.zone.now + body['expires_in']
+ # Refresh our token early so that it won't expire while a request is in-flight. We expect 15m
+ # expirys for tokens but are careful not to trim the expiry by too much, just in case
+ expires_in = body['expires_in'].seconds
+ if expires_in - AUTH_TOKEN_PREEMPTIVE_EXPIRY_MINUTES > 0
+ expires_in -= AUTH_TOKEN_PREEMPTIVE_EXPIRY_MINUTES
+ end
token = "#{body['token_type']} #{body['access_token']}"
- Rails.cache.write(AUTH_TOKEN_CACHE_KEY, token, expires_at: expires_at)
- # If using a redis cache we have to manually set the expires_at. This is because we aren't
- # using a dedicated Redis cache and instead are just using our existing Redis server with
- # mixed usage patterns. Without this cache entries don't expire.
- # More at https://api.rubyonrails.org/classes/ActiveSupport/Cache/RedisCacheStore.html
- Rails.cache.try(:redis)&.expireat(AUTH_TOKEN_CACHE_KEY, expires_at.to_i)
+ Rails.cache.write(AUTH_TOKEN_CACHE_KEY, token, expires_in: expires_in)
token
end
@@ -148,10 +149,6 @@ def faraday
# already cached.
# @return [Hash] Headers to add to USPS requests
def dynamic_headers
- token_remaining_time = Rails.cache.redis.ttl(AUTH_TOKEN_CACHE_KEY)
- if token_remaining_time != -2 && token_remaining_time <= AUTH_TOKEN_REFRESH_THRESHOLD
- retrieve_token!
- end
{
'Authorization' => token,
'RequestID' => request_id,
diff --git a/app/validators/idv/in_person/form_address_validator.rb b/app/validators/idv/in_person/form_address_validator.rb
index fe302148872..928b377caff 100644
--- a/app/validators/idv/in_person/form_address_validator.rb
+++ b/app/validators/idv/in_person/form_address_validator.rb
@@ -6,7 +6,8 @@ module FormAddressValidator
included do
validates :same_address_as_id,
- presence: true
+ presence: true,
+ unless: :capture_secondary_id_enabled?
validates_with UspsInPersonProofing::TransliterableValidator,
fields: [:city],
diff --git a/app/views/idv/doc_auth/_combined_upload.html.erb b/app/views/idv/doc_auth/_combined_upload.html.erb
deleted file mode 100644
index c3a4b6a2127..00000000000
--- a/app/views/idv/doc_auth/_combined_upload.html.erb
+++ /dev/null
@@ -1,74 +0,0 @@
-<% title t('titles.doc_auth.upload') %>
-
-<%= render 'idv/doc_auth/error_messages', flow_session: flow_session %>
-
-<%= render PageHeadingComponent.new do %>
- <%= t('doc_auth.headings.combined_upload') %>
-<% end %>
-
-
- <%= t('doc_auth.info.combined_upload') %>
-
-
-
-
- <%= image_tag(
- asset_url('idv/phone-icon.svg'),
- alt: t('image_description.camera_mobile_phone'),
- width: 88,
- height: 88,
- ) %>
-
-
-
- <%= t('doc_auth.info.tag') %>
-
-
- <%= t('doc_auth.headings.combined_upload_from_phone') %>
-
- <%= t('doc_auth.info.combined_upload_from_phone') %>
- <%= simple_form_for(
- idv_phone_form,
- as: :doc_auth,
- url: url_for(type: :mobile, combined: true),
- method: 'PUT',
- html: { autocomplete: 'off' },
- ) do |f| %>
- <%= render PhoneInputComponent.new(
- form: f,
- required: true,
- delivery_methods: [:sms],
- class: 'margin-bottom-4',
- ) %>
- <%= f.submit t('forms.buttons.send_link') %>
- <% end %>
-
-
-
-
- <%= image_tag(
- asset_url('idv/laptop-icon.svg'),
- alt: t('image_description.laptop'),
- width: 88,
- height: 88,
- ) %>
-
-
-
- <%= t('doc_auth.headings.combined_upload_from_computer') %>
-
- <%= t('doc_auth.info.combined_upload_from_computer') %>
- <%= simple_form_for(
- :doc_auth,
- url: url_for(type: :desktop),
- method: 'PUT',
- class: 'margin-bottom-4',
- ) do |f| %>
- <%= f.submit t('forms.buttons.upload_photos'), outline: true %>
- <% end %>
-
-
- <%= t('doc_auth.info.upload') %>
-
-
-
-
-
-
- <%= image_tag(
- asset_url('idv/phone-icon.svg'),
- alt: t('image_description.camera_mobile_phone'),
- width: 88,
- height: 88,
- ) %>
-
-
-
- <%= t('doc_auth.info.tag') %>
-
-
- <%= t('doc_auth.headings.upload_from_phone') %>
-
- <%= t('doc_auth.info.upload_from_phone') %>
- <%= simple_form_for(
- :doc_auth,
- url: url_for(type: :mobile),
- method: 'PUT',
- html: { autocomplete: 'off', class: 'margin-top-2' },
- ) do |f| %>
- <%= f.submit t('doc_auth.buttons.use_phone'), wide: false, class: 'margin-top-05' %>
- <% end %>
-
-
-
-<%= t('doc_auth.info.upload_from_computer') %>
-<%= simple_form_for(
- :doc_auth,
- url: url_for(type: :desktop),
- method: 'PUT',
- html: { class: 'display-inline' },
- ) do |f| %>
- <%= f.submit t('doc_auth.info.upload_computer_link'), unstyled: true, big: false %>
-<% end %>
-
-<%= render 'idv/doc_auth/cancel', step: 'upload' %>
diff --git a/app/views/idv/doc_auth/send_link.html.erb b/app/views/idv/doc_auth/send_link.html.erb
deleted file mode 100644
index 1e49331ba97..00000000000
--- a/app/views/idv/doc_auth/send_link.html.erb
+++ /dev/null
@@ -1,33 +0,0 @@
-<% title t('titles.doc_auth.take_photo') %>
-
-<% if flow_session[:error_message] %>
- <%= render AlertComponent.new(
- type: :error,
- class: 'margin-bottom-4',
- message: flow_session[:error_message],
- ) %>
-<% end %>
-
-<%= render PageHeadingComponent.new.with_content(t('doc_auth.headings.take_picture')) %>
-
-<%= t('doc_auth.info.take_picture') %>
-
-<%= t('doc_auth.info.camera_required') %>
-
-<%= t('doc_auth.instructions.send_sms') %>
-<%= simple_form_for(
- idv_phone_form,
- as: :doc_auth,
- url: url_for,
- method: 'PUT',
- html: { autocomplete: 'off' },
- ) do |f| %>
- <%= render PhoneInputComponent.new(
- form: f,
- required: true,
- delivery_methods: [:sms],
- class: 'margin-bottom-4',
- ) %>
- <%= f.submit t('forms.buttons.continue'), class: 'margin-top-4' %>
-<% end %>
-<%= render 'idv/shared/back', action: 'cancel_send_link' %>
diff --git a/app/views/idv/doc_auth/upload.html.erb b/app/views/idv/doc_auth/upload.html.erb
index 16061aa99d4..c3a4b6a2127 100644
--- a/app/views/idv/doc_auth/upload.html.erb
+++ b/app/views/idv/doc_auth/upload.html.erb
@@ -1,10 +1,74 @@
-<% if IdentityConfig.store.doc_auth_combined_hybrid_handoff_enabled %>
- <%= render partial: 'idv/doc_auth/combined_upload', locals: {
- flow_session: flow_session,
- idv_phone_form: idv_phone_form,
- } %>
-<% else %>
- <%= render partial: 'idv/doc_auth/upload', locals: {
- flow_session: flow_session,
- } %>
+<% title t('titles.doc_auth.upload') %>
+
+<%= render 'idv/doc_auth/error_messages', flow_session: flow_session %>
+
+<%= render PageHeadingComponent.new do %>
+ <%= t('doc_auth.headings.combined_upload') %>
<% end %>
+
+
+ <%= t('doc_auth.info.combined_upload') %>
+
+
+
+
+ <%= image_tag(
+ asset_url('idv/phone-icon.svg'),
+ alt: t('image_description.camera_mobile_phone'),
+ width: 88,
+ height: 88,
+ ) %>
+
+
+
+ <%= t('doc_auth.info.tag') %>
+
+
+ <%= t('doc_auth.headings.combined_upload_from_phone') %>
+
+ <%= t('doc_auth.info.combined_upload_from_phone') %>
+ <%= simple_form_for(
+ idv_phone_form,
+ as: :doc_auth,
+ url: url_for(type: :mobile, combined: true),
+ method: 'PUT',
+ html: { autocomplete: 'off' },
+ ) do |f| %>
+ <%= render PhoneInputComponent.new(
+ form: f,
+ required: true,
+ delivery_methods: [:sms],
+ class: 'margin-bottom-4',
+ ) %>
+ <%= f.submit t('forms.buttons.send_link') %>
+ <% end %>
+
+
+
+
+ <%= image_tag(
+ asset_url('idv/laptop-icon.svg'),
+ alt: t('image_description.laptop'),
+ width: 88,
+ height: 88,
+ ) %>
+
+
+
+ <%= t('doc_auth.headings.combined_upload_from_computer') %>
+
+ <%= t('doc_auth.info.combined_upload_from_computer') %>
+ <%= simple_form_for(
+ :doc_auth,
+ url: url_for(type: :desktop),
+ method: 'PUT',
+ class: 'margin-bottom-4',
+ ) do |f| %>
+ <%= f.submit t('forms.buttons.upload_photos'), outline: true %>
+ <% end %>
+
+
+ <%= t('vendor_outage.alerts.pinpoint.idv.message_html', app_name: APP_NAME, sp_name: current_sp&.friendly_name || APP_NAME) %>
+
+ <%= t('vendor_outage.alerts.pinpoint.idv.options_prompt') %>
+
+ <% t('vendor_outage.alerts.pinpoint.idv.options_html', status_page_url: StatusPage.base_url).each do | option | %>
+ -
+ <%= option %>
+
+ <% end %>
+
+ <% c.action_button(
+ action: ->(**tag_options, &block) do
+ link_to(idv_doc_auth_step_path(step: :welcome), **tag_options, &block)
+ end,
+ big: true,
+ wide: true,
+ class: 'usa-button',
+ ).with_content(t('doc_auth.buttons.continue')) %>
+ <% c.action_button(
+ action: ->(**tag_options, &block) do
+ link_to(exit_url, **tag_options, &block)
+ end,
+ big: true,
+ wide: true,
+ outline: true,
+ class: 'usa-button',
+ ).with_content(t('links.exit_login', app_name: APP_NAME)) %>
+ <% c.troubleshooting_options do |tc| %>
+ <% tc.header { t('components.troubleshooting_options.default_heading') } %>
+ <% tc.option(
+ url: StatusPage.base_url,
+ new_tab: true,
+ ).with_content(t('vendor_outage.get_updates_on_status_page')) %>
+ <% if decorated_session.sp_name %>
+ <% tc.option(
+ url: current_sp.return_to_sp_url,
+ new_tab: true,
+ ).with_content(
+ t('idv.troubleshooting.options.get_help_at_sp', sp_name: decorated_session.sp_name),
+ ) %>
+ <% end %>
+ <% end %>
+<% end %>
diff --git a/app/views/idv/gpo_verify/index.html.erb b/app/views/idv/gpo_verify/index.html.erb
index 3b57f850770..e9921d693a0 100644
--- a/app/views/idv/gpo_verify/index.html.erb
+++ b/app/views/idv/gpo_verify/index.html.erb
@@ -41,7 +41,7 @@