Deploy RC 269 to Production

app/controllers/concerns/idv/step_utilities_concern.rb

@@ -2,15 +2,6 @@ module Idv
   module StepUtilitiesConcern
     extend ActiveSupport::Concern
 
-    def flow_session
-      user_session['idv/doc_auth']
-    end
-
-    # copied from doc_auth_controller
-    def flow_path
-      flow_session[:flow_path]
-    end
-
     # Copied from capture_doc_flow.rb
     # and from doc_auth_flow.rb
     def acuant_sdk_ab_test_analytics_args

app/controllers/concerns/idv/verify_info_concern.rb

@@ -86,6 +86,29 @@ def warning_url
       idv_session_errors_warning_url
     end
 
+    def process_async_state(current_async_state)
+      if current_async_state.none?
+        idv_session.invalidate_verify_info_step!
+        render :show
+      elsif current_async_state.in_progress?
+        render 'shared/wait'
+      elsif current_async_state.missing?
+        analytics.idv_proofing_resolution_result_missing
+        flash.now[:error] = I18n.t('idv.failure.timeout')
+        render :show
+
+        delete_async
+        idv_session.invalidate_verify_info_step!
+
+        log_idv_verification_submitted_event(
+          success: false,
+          failure_reason: { idv_verification: [:timeout] },
+        )
+      elsif current_async_state.done?
+        async_state_done(current_async_state)
+      end
+    end
+
     def async_state_done(current_async_state)
       add_proofing_costs(current_async_state.result)
       form_response = idv_result_to_form_response(

app/controllers/concerns/idv_step_concern.rb

@@ -8,11 +8,21 @@ module IdvStepConcern
     before_action :confirm_idv_needed
   end
 
-  def confirm_document_capture_complete
-    @pii = flow_session&.[]('pii_from_doc') # hash with indifferent access
-    return if @pii.present?
+  def flow_session
+    user_session['idv/doc_auth']
+  end
+
+  def pii_from_doc
+    flow_session&.[]('pii_from_doc')
+  end
 
-    flow_path = flow_session&.[](:flow_path)
+  # copied from doc_auth_controller
+  def flow_path
+    flow_session&.[](:flow_path)
+  end
+
+  def confirm_document_capture_complete
+    return if pii_from_doc.present?
 
     if IdentityConfig.store.doc_auth_document_capture_controller_enabled &&
        flow_path == 'standard'

app/controllers/idv/address_controller.rb

@@ -1,14 +1,14 @@
 module Idv
   class AddressController < ApplicationController
     include IdvSession
+    include IdvStepConcern
 
-    before_action :confirm_two_factor_authenticated
     before_action :confirm_document_capture_complete
 
     def new
       analytics.idv_address_visit
 
-      @presenter = AddressPresenter.new(pii: @pii)
+      @presenter = AddressPresenter.new(pii: pii_from_doc)
     end
 
     def update
@@ -24,22 +24,8 @@ def update
 
     private
 
-    def confirm_document_capture_complete
-      @pii = user_session.dig('idv/doc_auth', 'pii_from_doc')
-      return if @pii.present?
-
-      flow_path = user_session.dig('idv/doc_auth', :flow_path)
-
-      if IdentityConfig.store.doc_auth_document_capture_controller_enabled &&
-         flow_path == 'standard'
-        redirect_to idv_document_capture_url
-      else
-        redirect_to idv_doc_auth_url
-      end
-    end
-
     def idv_form
-      Idv::AddressForm.new(@pii)
+      Idv::AddressForm.new(pii_from_doc)
     end
 
     def success

app/controllers/idv/doc_auth_controller.rb

@@ -72,17 +72,9 @@ def flow_session
     def check_for_outage
       return if flow_session[:skip_vendor_outage]
 
-      return redirect_for_proofing_vendor_outage if OutageStatus.new.any_idv_vendor_outage?
       return redirect_for_gpo_only if FeatureManagement.idv_gpo_only?
     end
 
-    def redirect_for_proofing_vendor_outage
-      session[:vendor_outage_redirect] = current_step
-      session[:vendor_outage_redirect_from_idv] = true
-
-      redirect_to vendor_outage_url
-    end
-
     def redirect_for_gpo_only
       return redirect_to vendor_outage_url unless FeatureManagement.gpo_verification_enabled?
 

app/controllers/idv/document_capture_controller.rb

@@ -1,11 +1,11 @@
 module Idv
   class DocumentCaptureController < ApplicationController
     include IdvSession
+    include IdvStepConcern
     include StepIndicatorConcern
     include StepUtilitiesConcern
     include DocumentCaptureConcern
 
-    before_action :render_404_if_document_capture_controller_disabled
     before_action :confirm_two_factor_authenticated
     before_action :confirm_upload_step_complete
     before_action :confirm_document_capture_needed
@@ -58,10 +58,6 @@ def extra_view_variables
 
     private
 
-    def render_404_if_document_capture_controller_disabled
-      render_not_found unless IdentityConfig.store.doc_auth_document_capture_controller_enabled
-    end
-
     def confirm_upload_step_complete
       return if flow_session['Idv::Steps::UploadStep']
 

app/controllers/idv/in_person/usps_locations_controller.rb

@@ -38,21 +38,28 @@ def index
         render json: response.to_json
       end
 
-      def proofer
-        @proofer ||= EnrollmentHelper.usps_proofer
-      end
-
       # save the Post Office location the user selected to an enrollment
       def update
         enrollment.update!(
           selected_location_details: update_params.as_json,
           issuer: current_sp&.issuer,
         )
+        add_proofing_component
 
         render json: { success: true }, status: :ok
       end
 
-      protected
+      private
+
+      def proofer
+        @proofer ||= EnrollmentHelper.usps_proofer
+      end
+
+      def add_proofing_component
+        ProofingComponent.
+          create_or_find_by(user: effective_user).
+          update(document_check: Idp::Constants::Vendors::USPS)
+      end
 
       def handle_error(err)
         remapped_error = case err

app/controllers/idv/in_person/verify_info_controller.rb

@@ -1,19 +1,17 @@
 module Idv
   module InPerson
     class VerifyInfoController < ApplicationController
-      include IdvSession
+      include IdvStepConcern
       include StepIndicatorConcern
       include StepUtilitiesConcern
+      include Steps::ThreatMetrixStepHelper
       include VerifyInfoConcern
 
       before_action :renders_404_if_flag_not_set
-      before_action :confirm_two_factor_authenticated
       before_action :confirm_ssn_step_complete
       before_action :confirm_verify_info_step_needed
 
       def show
-        @in_person_proofing = true
-        @verify_info_submit_path = idv_in_person_verify_info_path
         @step_indicator_steps = step_indicator_steps
 
         increment_step_counts
@@ -44,7 +42,6 @@ def update
 
         pii[:uuid_prefix] = ServiceProvider.find_by(issuer: sp_session[:issuer])&.app_id
         pii[:state_id_type] = 'drivers_license' unless pii.blank?
-        add_proofing_component
 
         ssn_throttle.increment!
         if ssn_throttle.throttled?
@@ -95,12 +92,6 @@ def renders_404_if_flag_not_set
         render_not_found unless IdentityConfig.store.in_person_verify_info_controller_enabled
       end
 
-      def add_proofing_component
-        ProofingComponent.
-          create_or_find_by(user: current_user).
-          update(document_check: Idp::Constants::Vendors::USPS)
-      end
-
       # copied from address_controller
       def confirm_ssn_step_complete
         return if pii.present? && pii[:ssn].present?
@@ -147,30 +138,6 @@ def analytics_arguments
           irs_reproofing: irs_reproofing?,
         }.merge(**acuant_sdk_ab_test_analytics_args)
       end
-
-      # copied from verify_base_step. May want reconciliation with phone_step
-      def process_async_state(current_async_state)
-        if current_async_state.none?
-          idv_session.resolution_successful = false
-          render 'idv/verify_info/show'
-        elsif current_async_state.in_progress?
-          render 'shared/wait'
-        elsif current_async_state.missing?
-          analytics.idv_proofing_resolution_result_missing
-          flash.now[:error] = I18n.t('idv.failure.timeout')
-          render 'idv/verify_info/show'
-
-          delete_async
-          idv_session.resolution_successful = false
-
-          log_idv_verification_submitted_event(
-            success: false,
-            failure_reason: { idv_verification: [:timeout] },
-          )
-        elsif current_async_state.done?
-          async_state_done(current_async_state)
-        end
-      end
     end
   end
 end

app/controllers/idv/personal_key_controller.rb

@@ -22,8 +22,8 @@ def update
       analytics.idv_personal_key_submitted(
         address_verification_method: address_verification_method,
         deactivation_reason: idv_session.profile&.deactivation_reason,
-        fraud_review_pending: idv_session.profile&.fraud_review_pending,
-        fraud_rejection: idv_session.profile&.fraud_rejection,
+        fraud_review_pending: idv_session.profile&.fraud_review_pending?,
+        fraud_rejection: idv_session.profile&.fraud_rejection?,
       )
       redirect_to next_step
     end

app/controllers/idv/phone_controller.rb

@@ -126,7 +126,7 @@ def step
     end
 
     def step_params
-      params.require(:idv_phone_form).permit(:phone, :otp_delivery_preference)
+      params.require(:idv_phone_form).permit(:phone, :international_code, :otp_delivery_preference)
     end
 
     def confirm_step_needed

app/controllers/idv/phone_errors_controller.rb

@@ -1,5 +1,6 @@
 module Idv
   class PhoneErrorsController < ApplicationController
+    include StepIndicatorConcern
     include IdvSession
 
     before_action :confirm_two_factor_authenticated
@@ -9,6 +10,8 @@ class PhoneErrorsController < ApplicationController
 
     def warning
       @remaining_attempts = throttle.remaining_count
+      @phone = idv_session.previous_phone_step_params[:phone]
+      @country_code = idv_session.previous_phone_step_params[:international_code]
       track_event(type: :warning)
     end
 

app/controllers/idv/review_controller.rb

@@ -53,16 +53,16 @@ def create
 
       analytics.idv_review_complete(
         success: true,
-        fraud_review_pending: idv_session.profile.fraud_review_pending,
-        fraud_rejection: idv_session.profile.fraud_rejection,
+        fraud_review_pending: idv_session.profile.fraud_review_pending?,
+        fraud_rejection: idv_session.profile.fraud_rejection?,
         deactivation_reason: idv_session.profile.deactivation_reason,
       )
       Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer).
         call(:verified, :view, true)
       analytics.idv_final(
         success: true,
-        fraud_review_pending: idv_session.profile.fraud_review_pending,
-        fraud_rejection: idv_session.profile.fraud_rejection,
+        fraud_review_pending: idv_session.profile.fraud_review_pending?,
+        fraud_rejection: idv_session.profile.fraud_rejection?,
         deactivation_reason: idv_session.profile.deactivation_reason,
       )
 

app/controllers/idv/ssn_controller.rb

@@ -56,7 +56,7 @@ def extra_view_variables
     private
 
     def next_url
-      if @pii[:state] == 'PR'
+      if pii_from_doc[:state] == 'PR'
         idv_address_url
       else
         idv_verify_info_url

app/controllers/idv/unavailable_controller.rb

@@ -0,0 +1,34 @@
+module Idv
+  class UnavailableController < ApplicationController
+    ALLOWED_FROM_LOCATIONS = [SignUp::RegistrationsController::CREATE_ACCOUNT]
+
+    before_action :redirect_if_idv_available_and_from_create_account
+
+    def show
+      analytics.vendor_outage(
+        vendor_status: {
+          acuant: IdentityConfig.store.vendor_status_acuant,
+          lexisnexis_instant_verify: IdentityConfig.store.vendor_status_lexisnexis_instant_verify,
+          lexisnexis_trueid: IdentityConfig.store.vendor_status_lexisnexis_trueid,
+          sms: IdentityConfig.store.vendor_status_sms,
+          voice: IdentityConfig.store.vendor_status_voice,
+        },
+        redirect_from: from,
+      )
+    end
+
+    private
+
+    def from
+      params[:from] if ALLOWED_FROM_LOCATIONS.include?(params[:from])
+    end
+
+    def from_create_account?
+      from == SignUp::RegistrationsController::CREATE_ACCOUNT
+    end
+
+    def redirect_if_idv_available_and_from_create_account
+      redirect_to sign_up_email_url if FeatureManagement.idv_available? && from_create_account?
+    end
+  end
+end