Deploy RC 301 to Production #8915
Merged
mitchellhenke merged 24 commits into stages/prod from Aug 1, 2023
changelog: Bug Fixes, Account Registration, Require re-authentication during MFA setup flow
Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
changelog: Upcoming Features, Face or Touch Unlock, Fix required MFA redirect for phishing-resistant-required request
changelog: Upcoming Features, Face or Touch Unlock, Log unexpected errors during WebAuthn enrollment or authentication
…unt management (#8857)
* Add test case
changelog: Bug Fixes, Account Management, Fix unexpected sign out with phone reauthentication in account management
* require full authentication to be in "reauthentication" context
* remove reauthn param
* remove reauthn parameter
* undo fully_authenticated stuff
---------
Co-authored-by: Mitchell Henke <mitchell.henke@gsa.gov>
…ndpoints (#8869)
* changelog: Internal, In-Person Proofing, Set up mock address and usps endpoints
* Allow the public endpoints
* Add feature flag protection
* Split up controllers to more closely match what we need in future
* Duplicate controller details
* Lint
* Rename feature flag; permit options verb
* Test shell
* Failing spec
* Fix tests
* Update spec/controllers/idv/in_person/public/address_search_controller_spec.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Update spec/controllers/idv/in_person/public/usps_locations_controller_spec.rb Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Test matches for consistency
* rename public route
---------
Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
…lments outside of jobs (#8875)
* use constants for status values
* handle expired enrollments outside job context
changelog: Internal, In-person proofing, Delete notification phone configuration when enrollment is marked expired
* Add tests to cover existing skip_upload behavior
* Support skip_hybrid_handoff in AgreementController
* Support skip_hybrid_handoff in GettingStartedController
* Rename skip_upload to skip_hybrid_handoff Add skip_upload and skip_hybrid_handoff inputs in document-capture-welcome. A future commit will remove skip_upload [skip changelog]
* standardize event messages
* use have_logged_event instead of receive in tests
changelog: Internal, In-Person Proofing, standardize SendProofingNotificationJob analytics event messages
* webauthn backup initial
* fix webauthn setup
* enroll fix
* enroll work
* webauthn
* webauthn setup
* changelog: Upcoming Features, F/T Unlock, add redirect when backup state is false
* add config
* run lint
* add spec for webauthn form and data flags
* fix enroll
* rubocop
* fix tests
* change version
* changelog: Upcoming Features, Webauthn, Redirect Unsupported Backup state users to additional information page
* set webauthn helper
* fix rspec
* update webauthn setup page
* add controller test
* add check for when feature toggle turned off
* fix webauthn input
* fix rubocop issue
* fix linting
* fix redirect
* redirect webauthn
* check valid config
* change redirect to backend
* update setup form
* update specs
* lint and fix tests
* LG setup
* address form
* setup form fix
* rspec
* rubocop
* remove feature flag
* address comments
* add spec on nil value
* data flag
* Rename 'Throttler Rate Limit Triggered' analytics event -> 'Rate Limit Reached'
changelog: Internal, Logging, rename 'Throttler Rate Limit Triggered' to 'Rate Limit Reached'
* Rename analytics method throttler_rate_limit_triggered to rate_limit_reached
* Change analytics arg from throttle_type -> limiter_type
* Rename irs_attempts_api argument throttle_context -> limiter_context
* Rename analytics arg :throttle_expires_at -> limiter_expires_at
* Rename analytics arg throttled -> rate_limited
* Add previous_event_name annotation for Throttler Rate Limit Triggered
* Fix analytics_events.rb alphabetization
---------
Co-authored-by: John Maxwell <john.maxwell@gsa.gov>
#8892)
* LG-10313: 500 error fixes [skip changelog]
* rspec and changes
* removing extra
* removing stud actual factory
* Mark call to be extracted
* Move `Idv::Session#in_person_enrollment?` to `User`
changelog: Internal, In-person proofing, refactor in-proofing reads and writes
* Use multiple lines
* Replace call from idv step concern
* Restore `#in_person_enrollment?` to `Idv::Session`
* Add in person verification pending to profile maker
* Implement in_person_verification_pending on profile maker
* Move in_person_verification deactivation_reason logic from session to profile maker
* Break up long line
* Implement `Profile#deactivate_for_in_person_verification_pending` and use it in gpo verify form
* Remove empty line
* Remove debug statement
* Check in person enrollment on profile itself
* Restore new deactivate call
* Mark changed field correctly in spec
* Move enrollment to deactivate method
* Rename method
* Call new method
* Test `Profile#in_person_verification_pending?`
* Add explicit boolean in person method
* Remove skip_upload_step from hybrid handoff submitted analytics We no longer trigger this event if hybrid handoff is skipped, so it is redundant.
* Start writing idv_session.skip_hybrid_handoff This will take the place of flow_session[:skip_upload_step]. [skip changelog]
* Tweak how hybrid handoff controller reads form params[:type] is set, we can just read that.
* Don't set :skip_upload_step when hybrid flow disabled The hybrid flow controller should be able to skip the user past if it has been disabled--don't disable it for the entire session right at the beginning.
* Don't set skip_upload_step in Idv::OutageConcern The HybridHandoffController can detect when hybrid flow is unavailable and redirect accordingly.
* Add "count distinct" option to CloudWatch query script
changelog: Internal, Log Querying, Add count distinct option to log querying script
* Add missing block forwarding See: #8887 (comment) Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* Handle count_distinct in bin/query-cloudwatch Handle uniqueness by value set See: - #8887 (comment) - #8887 (comment)
* Re-collapse attr_reader
* Add specs
* Better specs
---------
Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
…ated (#8895) changelog: Improvements, Authentication, Do not log user out when accessing root url while partially authenticated
…#8865)
* Add extra_analytics_properties to a concern
* delete extra_analytics_properties to use concern
* add extra_analytics_properties to ssn_controller, update/add tests
* changelog: Upcoming Features, In-person proofing, add extra analytic properties to non-fsm ssn step
* fix lint issues
* add same_address_as_is to extra on ssn submit
* Lint fix, update test
* Remove config req version
* check if pii_from_user, not flow_session
* add threatmetrix_session_id onto flow_session for testing, with new tests
* remove puts statement
…s bolding (#8870)
Updated warning screen for information verification errors. Reduced the amount of bolding used, so as to emphasize only the important text
Changelog: User Facing Improvement, Remote Proofing, Improved display of remaining number of attempts
Co-authored-by: Sonia Connolly <sonia.connolly@gsa.gov>
We are working to retire `flow_session` as part of retiring FSM and restoring the back button functionality. This commit starts to move one of the properties, `had_barcode_read_failure`, into `idv_session`. Another commit will be necessary to start reading from the `idv_session` and then a final commit to stop writing to `flow_session`. [skip changelog]
This commit updates the JWT gem. Prior to this a few specs would raise this error when running with OpenSSL 3.0:
```
OpenSSL::PKey::PKeyError: rsa#set_key= is incompatible with OpenSSL 3.0
```
This commit upgrades the JWT gem to a version that does not use `#set_key=` in a way that is incompatible with OpenSSL 3.0 [skip changelog]
…#8889) We are working to retire `flow_session` as part of retiring FSM and restoring the back button functionality. This commit starts to move one of the properties, `had_barcode_attention_error`, into `idv_session`. Another commit will be necessary to start reading from the `idv_session` and then a final commit to stop writing to `flow_session`. [skip changelog]
* Add A/B test buckets to 'IdV: USPS address letter enqueued' event
* Add A/B test buckets to 'IdV: USPS address letter requested' [skip changelog]
* Add A/B test buckets to 'IdV: phone confirmation form'
* In person verify by mail end to end spec
* Add test helpers [skip changelog]
* Set user.password in sign_up_and_set_password test helper
* Spec cleanup
* Remove TODO list of specs
* Use in_person helper to click return_to_sp link
---------
Co-authored-by: John Maxwell <john.maxwell@gsa.gov>
Co-authored-by: Alexander Bradley <alexander.bradley@gsa.gov>
* Rename method param based_on_throttle -> based_on_limiter
* Add /session/errors/rate_limited route to replace /session/errors/throttled route
* Rename throttled templates to rate_limited
* Update variable name throttled_message -> rate_limited_message [skip changelog]
* Rename session_errors throttled action to rate_limited The old route is still there and will be changed to a redirect in a future commit.
* Remove 'THROTTLE' from Link Sent polling front end code
---------
Co-authored-by: John Maxwell <john.maxwell@gsa.gov>
Co-authored-by: Matt Hinz <matt.hinz@gsa.gov>
* LG-10477: Add checks for WebAuthn browser support
changelog: Bug Fixes, Security Key, Fix security key enrollment in Firefox
* Enhance spec coverage
* Add link to getAuthenticatorData browser compat
soniaconnolly approved these changes Aug 1, 2023
User-Facing Improvements
Bug Fixes
Internal
Upcoming Features