Deploy RC 287 to Prod

app/components/phone_input_component.rb

@@ -63,7 +63,8 @@ def international_phone_codes
   def strings
     {
       country_code_label: t('components.phone_input.country_code_label'),
-      invalid_phone: t('errors.messages.invalid_phone_number'),
+      invalid_phone_us: t('errors.messages.invalid_phone_number.us'),
+      invalid_phone_international: t('errors.messages.invalid_phone_number.international'),
       unsupported_country: unsupported_country_string,
     }
   end

app/controllers/api/internal/sessions_controller.rb

@@ -11,13 +11,13 @@ class SessionsController < ApplicationController
       respond_to :json
 
       def show
-        render json: { live: live?, timeout: timeout }
+        render json: status_response
       end
 
       def update
         analytics.session_kept_alive if live?
         update_last_request_at
-        render json: { live: live?, timeout: timeout }
+        render json: status_response
       end
 
       def destroy
@@ -29,21 +29,21 @@ def destroy
 
       private
 
+      def status_response
+        { live: live?, timeout: live?.presence && timeout }
+      end
+
       def skip_devise_hooks
         request.env['devise.skip_timeout'] = true
         request.env['devise.skip_trackable'] = true
       end
 
       def live?
-        timeout.future?
+        timeout.present? && timeout.future?
       end
 
       def timeout
-        if last_request_at.present?
-          Time.zone.at(last_request_at + User.timeout_in)
-        else
-          Time.current
-        end
+        Time.zone.at(last_request_at + User.timeout_in) if last_request_at.present?
       end
 
       def last_request_at

app/controllers/concerns/idv/outage_concern.rb

@@ -0,0 +1,23 @@
+module Idv
+  module OutageConcern
+    extend ActiveSupport::Concern
+
+    def check_for_outage
+      return if user_session.fetch('idv/doc_auth', {})[:skip_vendor_outage]
+
+      return redirect_for_gpo_only if FeatureManagement.idv_gpo_only?
+    end
+
+    def redirect_for_gpo_only
+      return redirect_to vendor_outage_url unless FeatureManagement.gpo_verification_enabled?
+
+      # During a phone outage, skip the hybrid handoff
+      # step and go straight to document upload
+      unless FeatureManagement.idv_allow_hybrid_flow?
+        user_session.fetch('idv/doc_auth', {})[:skip_upload_step] = true
+      end
+
+      redirect_to idv_mail_only_warning_url
+    end
+  end
+end

app/controllers/concerns/idv_step_concern.rb

@@ -48,8 +48,8 @@ def confirm_document_capture_complete
       redirect_to idv_document_capture_url
     elsif flow_path == 'hybrid'
       redirect_to idv_link_sent_url
-    else # no flow_path, go to UploadStep via FSM
-      redirect_to idv_doc_auth_url
+    else # no flow_path
+      redirect_to idv_hybrid_handoff_path
     end
   end
 

app/controllers/idv/doc_auth_controller.rb

@@ -8,6 +8,7 @@ class DocAuthController < ApplicationController
     include Flow::FlowStateMachine
     include Idv::ThreatMetrixConcern
     include FraudReviewConcern
+    include Idv::OutageConcern
 
     before_action :redirect_if_flow_completed
     before_action :handle_fraud
@@ -20,7 +21,7 @@ class DocAuthController < ApplicationController
 
     FLOW_STATE_MACHINE_SETTINGS = {
       step_url: :idv_doc_auth_step_url,
-      final_url: :idv_link_sent_url,
+      final_url: :idv_hybrid_handoff_url,
       flow: Idv::Flows::DocAuthFlow,
       analytics_id: 'Doc Auth',
     }.freeze
@@ -56,24 +57,5 @@ def do_meta_refresh(meta_refresh_count)
     def flow_session
       user_session['idv/doc_auth']
     end
-
-    def check_for_outage
-      return if flow_session[:skip_vendor_outage]
-
-      return redirect_for_gpo_only if FeatureManagement.idv_gpo_only?
-    end
-
-    def redirect_for_gpo_only
-      return redirect_to vendor_outage_url unless FeatureManagement.gpo_verification_enabled?
-
-      # During a phone outage, skip the hybrid handoff
-      # step and go straight to document upload
-      flow_session[:skip_upload_step] = true unless FeatureManagement.idv_allow_hybrid_flow?
-
-      session[:vendor_outage_redirect] = current_step
-      session[:vendor_outage_redirect_from_idv] = true
-
-      redirect_to idv_mail_only_warning_url
-    end
   end
 end

app/controllers/idv/document_capture_controller.rb

@@ -4,6 +4,7 @@ class DocumentCaptureController < ApplicationController
     include DocumentCaptureConcern
     include IdvSession
     include IdvStepConcern
+    include OutageConcern
     include StepIndicatorConcern
     include StepUtilitiesConcern
     include RateLimitConcern
@@ -12,6 +13,7 @@ class DocumentCaptureController < ApplicationController
     before_action :confirm_upload_step_complete
     before_action :confirm_document_capture_needed
     before_action :override_csp_to_allow_acuant
+    before_action :check_for_outage, only: :show
 
     def show
       analytics.idv_doc_auth_document_capture_visited(**analytics_arguments)
@@ -54,11 +56,7 @@ def extra_view_variables
     def confirm_upload_step_complete
       return if flow_session[:flow_path].present?
 
-      if IdentityConfig.store.doc_auth_hybrid_handoff_controller_enabled
-        redirect_to idv_hybrid_handoff_url
-      else
-        redirect_to idv_doc_auth_url
-      end
+      redirect_to idv_hybrid_handoff_url
     end
 
     def confirm_document_capture_needed

app/controllers/idv/hybrid_handoff_controller.rb

@@ -3,12 +3,14 @@ class HybridHandoffController < ApplicationController
     include ActionView::Helpers::DateHelper
     include IdvSession
     include IdvStepConcern
+    include OutageConcern
     include StepIndicatorConcern
     include StepUtilitiesConcern
 
     before_action :confirm_two_factor_authenticated
     before_action :confirm_agreement_step_complete
     before_action :confirm_hybrid_handoff_needed, only: :show
+    before_action :check_for_outage, only: :show
 
     def show
       analytics.idv_doc_auth_upload_visited(**analytics_arguments)
@@ -43,7 +45,6 @@ def handle_phone_submission
       throttle.increment!
       return throttled_failure if throttle.throttled?
       idv_session.phone_for_mobile_flow = params[:doc_auth][:phone]
-      flow_session[:phone_for_mobile_flow] = idv_session.phone_for_mobile_flow
       flow_session[:flow_path] = 'hybrid'
       telephony_result = send_link
       telephony_form_response = build_telephony_form_response(telephony_result)
@@ -61,9 +62,6 @@ def handle_phone_submission
 
       if !failure_reason
         redirect_to idv_link_sent_url
-
-        # for the 50/50 state
-        flow_session['Idv::Steps::UploadStep'] = true
       else
         redirect_to idv_hybrid_handoff_url
         flow_session[:flow_path] = nil
@@ -122,9 +120,6 @@ def bypass_send_link_steps
       flow_session[:flow_path] = 'standard'
       redirect_to idv_document_capture_url
 
-      # for the 50/50 state
-      flow_session['Idv::Steps::UploadStep'] = true
-
       analytics.idv_doc_auth_upload_submitted(
         **analytics_arguments.merge(
           form_response(destination: :document_capture).to_h,

app/controllers/idv/in_person/verify_info_controller.rb

@@ -6,10 +6,12 @@ class VerifyInfoController < ApplicationController
       include StepUtilitiesConcern
       include Steps::ThreatMetrixStepHelper
       include VerifyInfoConcern
+      include OutageConcern
 
       before_action :renders_404_if_flag_not_set
       before_action :confirm_ssn_step_complete
       before_action :confirm_verify_info_step_needed
+      before_action :check_for_outage, only: :show
 
       def show
         @step_indicator_steps = step_indicator_steps

app/controllers/idv/link_sent_controller.rb

@@ -3,13 +3,15 @@ class LinkSentController < ApplicationController
     include DocumentCaptureConcern
     include IdvSession
     include IdvStepConcern
+    include OutageConcern
     include StepIndicatorConcern
     include StepUtilitiesConcern
 
     before_action :confirm_two_factor_authenticated
     before_action :confirm_upload_step_complete
     before_action :confirm_document_capture_needed
     before_action :extend_timeout_using_meta_refresh
+    before_action :check_for_outage, only: :show
 
     def show
       analytics.idv_doc_auth_link_sent_visited(**analytics_arguments)
@@ -34,7 +36,7 @@ def update
     end
 
     def extra_view_variables
-      { phone: flow_session[:phone_for_mobile_flow],
+      { phone: idv_session.phone_for_mobile_flow,
         flow_session: flow_session }
     end
 
@@ -45,10 +47,8 @@ def confirm_upload_step_complete
 
       if flow_session[:flow_path] == 'standard'
         redirect_to idv_document_capture_url
-      elsif IdentityConfig.store.doc_auth_hybrid_handoff_controller_enabled
-        redirect_to idv_hybrid_handoff_url
       else
-        redirect_to idv_doc_auth_url
+        redirect_to idv_hybrid_handoff_url
       end
     end
 
@@ -73,18 +73,12 @@ def analytics_arguments
     def handle_document_verification_success(get_results_response)
       save_proofing_components(current_user)
       extract_pii_from_doc(current_user, get_results_response, store_in_session: true)
-      mark_upload_step_complete
       flow_session[:flow_path] = 'hybrid'
     end
 
     def render_document_capture_cancelled
-      if IdentityConfig.store.doc_auth_hybrid_handoff_controller_enabled
-        redirect_to idv_hybrid_handoff_url
-        flow_session[:flow_path] = nil
-      else
-        mark_upload_step_incomplete
-        redirect_to idv_doc_auth_url # was idv_url, why?
-      end
+      redirect_to idv_hybrid_handoff_url
+      flow_session[:flow_path] = nil
       failure(I18n.t('errors.doc_auth.document_capture_cancelled'))
     end
 
@@ -103,14 +97,6 @@ def document_capture_session_result
       end
     end
 
-    def mark_upload_step_complete
-      flow_session['Idv::Steps::UploadStep'] = true
-    end
-
-    def mark_upload_step_incomplete
-      flow_session['Idv::Steps::UploadStep'] = nil
-    end
-
     def extend_timeout_using_meta_refresh
       max_10min_refreshes = IdentityConfig.store.doc_auth_extend_timeout_by_minutes / 10
       return if max_10min_refreshes <= 0

app/controllers/idv/phone_controller.rb

@@ -2,6 +2,7 @@ module Idv
   class PhoneController < ApplicationController
     include IdvStepConcern
     include StepIndicatorConcern
+    include OutageConcern
     include PhoneOtpRateLimitable
     include PhoneOtpSendable
 
@@ -10,6 +11,9 @@ class PhoneController < ApplicationController
     before_action :confirm_verify_info_step_complete
     before_action :confirm_step_needed
     before_action :set_idv_form
+    # rubocop:disable Rails/LexicallyScopedActionFilter
+    before_action :check_for_outage, only: :show
+    # rubocop:enable Rails/LexicallyScopedActionFilter
 
     def new
       analytics.idv_phone_use_different(step: params[:step]) if params[:step]

app/controllers/idv/ssn_controller.rb

@@ -2,6 +2,7 @@ module Idv
   class SsnController < ApplicationController
     include IdvSession
     include IdvStepConcern
+    include OutageConcern
     include StepIndicatorConcern
     include StepUtilitiesConcern
     include Steps::ThreatMetrixStepHelper
@@ -11,6 +12,7 @@ class SsnController < ApplicationController
     before_action :confirm_document_capture_complete
     before_action :confirm_repeat_ssn, only: :show
     before_action :override_csp_for_threat_metrix_no_fsm
+    before_action :check_for_outage, only: :show
 
     attr_accessor :error_message
 

app/controllers/idv/verify_info_controller.rb

@@ -1,13 +1,15 @@
 module Idv
   class VerifyInfoController < ApplicationController
     include IdvStepConcern
+    include OutageConcern
     include StepUtilitiesConcern
     include StepIndicatorConcern
     include VerifyInfoConcern
     include Steps::ThreatMetrixStepHelper
 
     before_action :confirm_ssn_step_complete
     before_action :confirm_verify_info_step_needed
+    before_action :check_for_outage, only: :show
 
     def show
       @step_indicator_steps = step_indicator_steps

app/javascript/packages/document-capture/components/barcode-attention-warning.tsx

@@ -1,16 +1,10 @@
-import { useContext } from 'react';
 import { Button, StatusPage } from '@18f/identity-components';
-import { SpinnerButton } from '@18f/identity-spinner-button';
 import { t } from '@18f/identity-i18n';
 import { trackEvent } from '@18f/identity-analytics';
 import { removeUnloadProtection } from '@18f/identity-url';
-import UploadContext from '../context/upload';
-import { toFormData } from '../services/upload';
 import type { PII } from '../services/upload';
 import DocumentCaptureTroubleshootingOptions from './document-capture-troubleshooting-options';
 
-const DOCUMENT_CAPTURE_ERRORS_API_URL = '/api/verify/v2/document_capture_errors';
-
 interface BarcodeAttentionWarningProps {
   /**
    * Callback to trigger when user opts to try to take new photos rather than continue to next step.
@@ -24,16 +18,8 @@ interface BarcodeAttentionWarningProps {
 }
 
 function BarcodeAttentionWarning({ onDismiss, pii }: BarcodeAttentionWarningProps) {
-  const { formData } = useContext(UploadContext);
-
-  async function skipAttention() {
-    await Promise.all([
-      trackEvent('IdV: barcode warning continue clicked'),
-      window.fetch(DOCUMENT_CAPTURE_ERRORS_API_URL, {
-        method: 'DELETE',
-        body: toFormData({ document_capture_session_uuid: formData.document_capture_session_uuid }),
-      }),
-    ]);
+  function skipAttention() {
+    trackEvent('IdV: barcode warning continue clicked');
     removeUnloadProtection();
     const form = document.querySelector<HTMLFormElement>('.js-document-capture-form');
     form?.submit();
@@ -49,9 +35,9 @@ function BarcodeAttentionWarning({ onDismiss, pii }: BarcodeAttentionWarningProp
       header={t('doc_auth.errors.barcode_attention.heading')}
       status="warning"
       actionButtons={[
-        <SpinnerButton key="continue" isBig isWide onClick={skipAttention}>
+        <Button key="continue" isBig isWide onClick={skipAttention}>
           {t('forms.buttons.continue')}
-        </SpinnerButton>,
+        </Button>,
         <Button key="add-new" isBig isOutline isWide onClick={handleDismiss}>
           {t('doc_auth.buttons.add_new_photos')}
         </Button>,