Skip to content

Deploy RC 309 to Prod #9112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
mdiarra3 merged 35 commits into from
Aug 29, 2023
Merged

Deploy RC 309 to Prod #9112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
354a700
LG-9164: Centralize address search hooks/types/utils (#9009)
allthesignals Aug 24, 2023
044da93
LG-10646: Add email address should not be populated with default emai…
jmdembe Aug 24, 2023
968b49e
LG-10586: Direct users to new SSN entry URL for in-person proofing (#…
NavaTim Aug 24, 2023
e02ffad
Remove references to flow_session['address_edited'] (#9027)
matthinz Aug 24, 2023
27eec3d
changelog: Internal, In-Person Proofing, Componentize Address Search …
allthesignals Aug 24, 2023
b52ff1d
Retire `log_password_verification_failure` (#9084)
jmhooper Aug 24, 2023
32942cb
Format event definitions on multiple lines (#9031)
Aug 24, 2023
fb19a47
LG-10823 Report Faraday timeout errors to NewRelic (#9073)
jmhooper Aug 24, 2023
02f79c6
LG-10780 Update the metrics in the identity verification report (#9083)
jmhooper Aug 24, 2023
16aaf9a
Configure dependencies to allow CloudWatch reports to run in producti…
jmhooper Aug 24, 2023
1aebf6f
LG-10836 Add a report job for the identity verification report (#9087)
jmhooper Aug 25, 2023
92248db
LG-10062 register gzip Mime::Type (#9074)
Sgtpluck Aug 25, 2023
4d0c431
LG-10422 Validate Address1 Field from Document (DocAuth/IdV) (#9002)
charleyf Aug 25, 2023
8a7654d
Updating .gitlab-ci.yml for chart name changes and testing (#9079)
ConnorPMcCarthy Aug 25, 2023
f57d5ec
LG-10489: Allow queryable logging for MFA setup pages (#9016)
mdiarra3 Aug 25, 2023
64e3a36
LG-10289: Change Error Message for Image Cropping (On Document Upload…
charleyf Aug 25, 2023
a7dd13c
Add an abort when there are IPEs that will need to be removed when re…
Jeremy1026 Aug 25, 2023
09c9413
LG-10691: ensure user is authenticated in phone controller before acc…
amirbey Aug 25, 2023
0893ccc
LG-10795 Update "address" to address line 1 (#9091)
theabrad Aug 25, 2023
086be02
LG-10301: Move IPP Address Search results components into package (#9…
allthesignals Aug 25, 2023
717e933
LG-10851: Log 'TAP' or 'AUTO' when an image upload fails (#9093)
charleyf Aug 25, 2023
e74a60e
LG-10452 Improve Validation on Full Address Form (#9008)
gina-yamada Aug 28, 2023
4ec435c
Add more useful default log group for deployed environments (#9098)
zachmargolis Aug 28, 2023
94446fa
LG-10828 rate limit doc auth when credentials validation fails (#9092)
amirbey Aug 28, 2023
b729df3
Add reCAPTCHA configuration overrides for Canada, Mexico (#9066)
aduth Aug 28, 2023
fb72695
LG-10660: Consolidate MFA setup controllers (Part 2) (#9043)
aduth Aug 28, 2023
edd6f48
LG-10301: Move and rename AddressSearch component. (#9100)
allthesignals Aug 28, 2023
cbf9d16
PIVCAC Integration into IDP Review-App (#9054)
ConnorPMcCarthy Aug 28, 2023
f9e45e7
changelog: Internal, In-Person Proofing, Move full single line Addres…
allthesignals Aug 28, 2023
1f6fb26
Lg 10556 move error message out of flow session 1 of 2 (#9095)
Aug 28, 2023
0f066f7
LG-10753 Add GettingStarted A/B test buckets to some image upload ana…
soniaconnolly Aug 28, 2023
8b4ed2f
Fix require for oncall scripts (#9105)
zachmargolis Aug 28, 2023
c068dfb
10301: Publish new address search version (#9103)
allthesignals Aug 28, 2023
93d5029
Bump libphonenumber-js from 1.10.41 to 1.10.43 (#9106)
dependabot[bot] Aug 29, 2023
a4dba52
Fix reCAPTCHA add phone fallback links (#9110)
aduth Aug 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
64 changes: 48 additions & 16 deletions .gitlab-ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ variables:
JUNIT_OUTPUT: 'true'
ECR_REGISTRY: '${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com'
IDP_CI_SHA: 'sha256:6915b54a913ebcb9066fdfaa88c3d42bda1f4505cfb59b9d5848576705954621'
PKI_IMAGE_TAG: 'main'

default:
image: '${ECR_REGISTRY}/idp/ci@${IDP_CI_SHA}'
Expand Down Expand Up @@ -95,8 +96,12 @@ build-idp-image:
stage: review
needs: []
interruptible: true
variables:
BRANCH_TAGGING_STRING: ""
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
BRANCH_TAGGING_STRING: "--destination ${ECR_REGISTRY}/identity-idp/review:${$CI_DEFAULT_BRANCH}"
- if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
- if: $CI_PIPELINE_SOURCE != "merge_request_event"
when: never
Expand All @@ -119,6 +124,7 @@ build-idp-image:
--context "${CI_PROJECT_DIR}"
--dockerfile "${CI_PROJECT_DIR}/Dockerfile"
--destination "${ECR_REGISTRY}/identity-idp/review:${CI_COMMIT_SHA}"
${BRANCH_TAGGING_STRING}
--cache-repo="${ECR_REGISTRY}/identity-idp/review/cache"
--cache-ttl=168h
--cache=true
Expand Down Expand Up @@ -312,25 +318,27 @@ review-app:
[
{"name": "POSTGRES_SSLMODE", "value": "prefer"},
{"name": "POSTGRES_NAME", "value": "idp"},
{"name": "POSTGRES_HOST","value": "$CI_ENVIRONMENT_SLUG-identity-idp-chart-postgres.review-apps"},
{"name": "POSTGRES_HOST","value": "$CI_ENVIRONMENT_SLUG-login-chart-pg.review-apps"},
{"name": "POSTGRES_USERNAME", "value": "postgres"},
{"name": "POSTGRES_PASSWORD", "value": "postgres"},
{"name": "POSTGRES_WORKER_SSLMODE", "value": "prefer"},
{"name": "POSTGRES_WORKER_NAME", "value": "idp-worker-jobs"},
{"name": "POSTGRES_WORKER_HOST", "value": "$CI_ENVIRONMENT_SLUG-identity-idp-chart-postgres.review-apps"},
{"name": "POSTGRES_WORKER_HOST", "value": "$CI_ENVIRONMENT_SLUG-login-chart-pg.review-apps"},
{"name": "POSTGRES_WORKER_USERNAME", "value": "postgres"},
{"name": "POSTGRES_WORKER_PASSWORD", "value": "postgres"},
{"name": "RAILS_OFFLINE", "value": "true"},
{"name": "REDIS_IRS_ATTEMPTS_API_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-identity-idp-chart-redis.review-apps:6379/2"},
{"name": "REDIS_THROTTLE_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-identity-idp-chart-redis.review-apps:6379/1"},
{"name": "REDIS_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-identity-idp-chart-redis.review-apps:6379"},
{"name": "REDIS_IRS_ATTEMPTS_API_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-login-chart-redis.review-apps:6379/2"},
{"name": "REDIS_THROTTLE_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-login-chart-redis.review-apps:6379/1"},
{"name": "REDIS_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-login-chart-redis.review-apps:6379"},
{"name": "ASSET_HOST", "value": "https://$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov"},
{"name": "DOMAIN_NAME", "value": "$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov"},
{"name": "LOGIN_DATACENTER", "value": "true" },
{"name": "LOGIN_DOMAIN", "value": "identitysandbox.gov"},
{"name": "LOGIN_ENV", "value": "$CI_ENVIRONMENT_SLUG" },
{"name": "LOGIN_HOST_ROLE", "value": "idp" },
{"name": "LOGIN_SKIP_REMOTE_CONFIG", "value": "true" }
{"name": "LOGIN_SKIP_REMOTE_CONFIG", "value": "true" },
{"name": "PIV_CAC_SERVICE_URL", "value": "https://$CI_ENVIRONMENT_SLUG-review-app.pivcac.identitysandbox.gov/"},
{"name": "PIV_CAC_VERIFY_TOKEN_URL", "value": "https://$CI_ENVIRONMENT_SLUG-review-app.pivcac.identitysandbox.gov/"}
]
EOF
)
Expand All @@ -339,43 +347,67 @@ review-app:
[
{"name": "POSTGRES_SSLMODE", "value": "prefer"},
{"name": "POSTGRES_NAME", "value": "idp"},
{"name": "POSTGRES_HOST", "value": "$CI_ENVIRONMENT_SLUG-identity-idp-chart-postgres.review-apps"},
{"name": "POSTGRES_HOST", "value": "$CI_ENVIRONMENT_SLUG-login-chart-pg.review-apps"},
{"name": "POSTGRES_USERNAME", "value": "postgres"},
{"name": "POSTGRES_PASSWORD", "value": "postgres"},
{"name": "POSTGRES_WORKER_SSLMODE", "value": "prefer"},
{"name": "POSTGRES_WORKER_NAME", "value": "idp-worker-jobs"},
{"name": "POSTGRES_WORKER_HOST", "value": "$CI_ENVIRONMENT_SLUG-identity-idp-chart-postgres.review-apps"},
{"name": "POSTGRES_WORKER_HOST", "value": "$CI_ENVIRONMENT_SLUG-login-chart-pg.review-apps"},
{"name": "POSTGRES_WORKER_USERNAME", "value": "postgres"},
{"name": "POSTGRES_WORKER_PASSWORD", "value": "postgres"},
{"name": "RAILS_OFFLINE", "value": "true"},
{"name": "REDIS_IRS_ATTEMPTS_API_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-identity-idp-chart-redis.review-apps:6379/2"},
{"name": "REDIS_THROTTLE_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-identity-idp-chart-redis.review-apps:6379/1"},
{"name": "REDIS_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-identity-idp-chart-redis.review-apps:6379"},
{"name": "REDIS_IRS_ATTEMPTS_API_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-login-chart-redis.review-apps:6379/2"},
{"name": "REDIS_THROTTLE_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-login-chart-redis.review-apps:6379/1"},
{"name": "REDIS_URL", "value": "redis://$CI_ENVIRONMENT_SLUG-login-chart-redis.review-apps:6379"},
{"name": "ASSET_HOST", "value": "https://$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov"},
{"name": "DOMAIN_NAME", "value": "$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov"},
{"name": "LOGIN_DATACENTER", "value": "true" },
{"name": "LOGIN_DOMAIN", "value": "identitysandbox.gov"},
{"name": "LOGIN_ENV", "value": "$CI_ENVIRONMENT_SLUG" },
{"name": "LOGIN_HOST_ROLE", "value": "worker" },
{"name": "LOGIN_SKIP_REMOTE_CONFIG", "value": "true" }
{"name": "LOGIN_SKIP_REMOTE_CONFIG", "value": "true" },
{"name": "PIV_CAC_SERVICE_URL", "value": "https://$CI_ENVIRONMENT_SLUG-review-app.pivcac.identitysandbox.gov/"},
{"name": "PIV_CAC_VERIFY_TOKEN_URL", "value": "https://$CI_ENVIRONMENT_SLUG-review-app.pivcac.identitysandbox.gov/"}
]
EOF
)
- |-
export PIVCAC_ENV=$(cat <<EOF
[
{"name": "CLIENT_CERT_S3_BUCKET", "value": "login-gov-pivcac-public-cert-reviewapp.894947205914-us-west-2"},
{"name": "POSTGRES_SSLMODE", "value": "prefer"},
{"name": "POSTGRES_NAME", "value": "identity_pki_production"},
{"name": "POSTGRES_HOST","value": "$CI_ENVIRONMENT_SLUG-login-chart-pivcac-pg.review-apps"},
{"name": "POSTGRES_USERNAME", "value": "postgres"},
{"name": "POSTGRES_PASSWORD", "value": "pivcac"},
{"name": "IDP_HOST", "value": "$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov"},
{"name": "DOMAIN_NAME", "value": "$CI_ENVIRONMENT_SLUG-review-app.pivcac.identitysandbox.gov"}
]
EOF
)
- git clone -b main --single-branch https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.login.gov/lg-public/identity-idp-helm-chart.git
- >-
helm upgrade --install --namespace review-apps
--debug
--set idp.image.repository="${ECR_REGISTRY}/identity-idp/review"
--set idp.image.tag="${CI_COMMIT_SHA}"
--set worker.image.repository="${ECR_REGISTRY}/identity-idp/review"
--set worker.image.tag="${CI_COMMIT_SHA}"
--set idp.ingress.enabled=true
--set pivcac.image.repository="${ECR_REGISTRY}/identity-pivcac/review"
--set pivcac.image.tag="${PKI_IMAGE_TAG}"
--set-json idp.env="$IDP_ENV"
--set-json worker.env="$WORKER_ENV"
--set-json pivcac.env="$PIVCAC_ENV"
--set-json idp.ingress.hosts="[{\"host\": \"$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov\", \"paths\": [{\"path\": \"/\", \"pathType\": \"Prefix\"}]}]"
$CI_ENVIRONMENT_SLUG ./charts
--set-json pivcac.ingress.hosts="[{\"host\": \"$CI_ENVIRONMENT_SLUG-review-app.pivcac.identitysandbox.gov\", \"paths\": [{\"path\": \"/\", \"pathType\": \"Prefix\"}]}]"
$CI_ENVIRONMENT_SLUG ./identity-idp-helm-chart
- echo "DNS may take a while to propagate, so be patient if it doesn't show up right away"
- echo "To access the rails console, first run 'aws-vault exec sandbox-power -- aws eks update-kubeconfig --name review_app'"
- echo "Then run aws-vault exec sandbox-power -- kubectl exec -it service/$CI_ENVIRONMENT_SLUG-identity-idp-chart-idp -n review-apps -- /app/bin/rails console"
- echo "Then run aws-vault exec sandbox-power -- kubectl exec -it service/$CI_ENVIRONMENT_SLUG-login-chart-idp -n review-apps -- /app/bin/rails console"
- echo "Address of IDP review app:"
- echo https://$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov
- echo "Address of PIVCAC review app:"
- echo https://$CI_ENVIRONMENT_SLUG-review-app.pivcac.identitysandbox.gov
environment:
name: review/$CI_COMMIT_REF_NAME
url: https://$CI_ENVIRONMENT_SLUG.review-app.identitysandbox.gov
Expand Down Expand Up @@ -548,4 +580,4 @@ ecr-scan:
paths:
- gl-container-scanning-report.json
reports:
container_scanning: gl-container-scanning-report.json
container_scanning: gl-container-scanning-report.json
2 changes: 2 additions & 0 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,8 @@ ENV REDIS_THROTTLE_URL redis://redis:6379/1
ENV REDIS_URL redis://redis:6379
ENV ASSET_HOST http://localhost:3000
ENV DOMAIN_NAME localhost:3000
ENV PIV_CAC_SERVICE_URL https://localhost:8443/
ENV PIV_CAC_VERIFY_TOKEN_URL https://localhost:8443/

# Prevent documentation installation
RUN echo 'path-exclude=/usr/share/doc/*' > /etc/dpkg/dpkg.cfg.d/00_nodoc && \
Expand Down
3 changes: 2 additions & 1 deletion Gemfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ gem 'rails', '~> 7.0.0'
gem 'activerecord-postgis-adapter'
gem 'ahoy_matey', '~> 3.0'
gem 'aws-sdk-kms', '~> 1.4'
gem 'aws-sdk-cloudwatchlogs', require: false
gem 'aws-sdk-pinpoint'
gem 'aws-sdk-pinpointsmsvoice'
gem 'aws-sdk-ses', '~> 1.6'
Expand All @@ -17,6 +18,7 @@ gem 'barby', '~> 0.6.8'
gem 'base32-crockford'
gem 'bootsnap', '~> 1.0', require: false
gem 'browser'
gem 'concurrent-ruby'
gem 'connection_pool'
gem 'cssbundling-rails'
gem 'devise', '~> 4.8'
Expand Down Expand Up @@ -92,7 +94,6 @@ group :development do
end

group :development, :test do
gem 'aws-sdk-cloudwatchlogs', require: false
gem 'brakeman', require: false
gem 'bullet', '~> 7.0'
gem 'capybara-webmock', git: 'https://github.com/hashrocket/capybara-webmock.git', ref: 'd3f3b7c'
Expand Down
1 change: 1 addition & 0 deletions Gemfile.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -734,6 +734,7 @@ DEPENDENCIES
bullet (~> 7.0)
bundler-audit
capybara-webmock!
concurrent-ruby
connection_pool
cssbundling-rails
derailed_benchmarks
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/concerns/idv/document_capture_concern.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ def successful_response

# copied from Flow::Failure module
def failure(message, extra = nil)
flow_session[:error_message] = message if defined?(flow_session)
flash[:error] = message
form_response_params = { success: false, errors: { message: message } }
form_response_params[:extra] = extra unless extra.nil?
FormResponse.new(**form_response_params)
Expand Down
1 change: 0 additions & 1 deletion app/controllers/concerns/idv/phone_otp_rate_limitable.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ module PhoneOtpRateLimitable
extend ActiveSupport::Concern

included do
before_action :confirm_two_factor_authenticated
before_action :handle_locked_out_user
end

Expand Down
1 change: 0 additions & 1 deletion app/controllers/concerns/idv/phone_otp_sendable.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ module PhoneOtpSendable
extend ActiveSupport::Concern

included do
before_action :confirm_two_factor_authenticated
before_action :handle_locked_out_user
end

Expand Down
2 changes: 1 addition & 1 deletion app/controllers/concerns/idv/verify_info_concern.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -191,7 +191,7 @@ def async_state_done(current_async_state)
state_id_number: pii[:state_id_number],
# todo: add other edited fields?
extra: {
address_edited: !!(idv_session.address_edited || flow_session['address_edited']),
address_edited: !!idv_session.address_edited,
address_line2_present: !pii[:address2].blank?,
pii_like_keypaths: [[:errors, :ssn], [:response_body, :first_name],
[:same_address_as_id],
Expand Down
1 change: 0 additions & 1 deletion app/controllers/idv/address_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,6 @@ def profile_params

def capture_address_edited(result)
address_edited = result.to_h[:address_edited]
flow_session['address_edited'] = address_edited if address_edited
idv_session.address_edited = true if address_edited
end
end
Expand Down
2 changes: 0 additions & 2 deletions app/controllers/idv/agreement_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,6 @@ def show
'agreement', :view,
true
)

render :show, locals: { flow_session: flow_session }
end

def update
Expand Down
2 changes: 0 additions & 2 deletions app/controllers/idv/getting_started_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,6 @@ def show

@sp_name = decorated_session.sp_name || APP_NAME
@title = t('doc_auth.headings.getting_started', sp_name: @sp_name)

render :show, locals: { flow_session: flow_session }
end

def update
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/idv/hybrid_handoff_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ def rate_limited_failure

# copied from Flow::Failure module
def failure(message, extra = nil)
flow_session[:error_message] = message
flash[:error] = message
form_response_params = { success: false, errors: { message: message } }
form_response_params[:extra] = extra unless extra.nil?
FormResponse.new(**form_response_params)
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/idv/in_person/verify_info_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ def invalid_state?
end

def prev_url
idv_in_person_proofing_ssn_url
idv_in_person_ssn_url
end

def pii
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/idv/in_person_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ class InPersonController < ApplicationController

FLOW_STATE_MACHINE_SETTINGS = {
step_url: :idv_in_person_step_url,
final_url: :idv_in_person_proofing_ssn_url,
final_url: :idv_in_person_ssn_url,
flow: Idv::Flows::InPersonFlow,
analytics_id: 'In Person Proofing',
}.freeze
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/idv/otp_verification_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ class OtpVerificationController < ApplicationController
include StepIndicatorConcern
include PhoneOtpRateLimitable

# confirm_two_factor_authenticated before action is in PhoneOtpRateLimitable
before_action :confirm_two_factor_authenticated
before_action :confirm_step_needed
before_action :confirm_otp_sent
before_action :set_code
Expand Down
2 changes: 1 addition & 1 deletion app/controllers/idv/resend_otp_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ class ResendOtpController < ApplicationController
include PhoneOtpRateLimitable
include PhoneOtpSendable

# confirm_two_factor_authenticated before action is in PhoneOtpRateLimitable
before_action :confirm_two_factor_authenticated
before_action :confirm_user_phone_confirmation_needed
before_action :confirm_user_phone_confirmation_session_started

Expand Down
19 changes: 16 additions & 3 deletions app/controllers/service_provider_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,12 @@ class ServiceProviderController < ApplicationController

def update
authorize do
ServiceProviderUpdater.new.run(sp_params[:service_provider]) if
FeatureManagement.use_dashboard_service_providers?
if !FeatureManagement.use_dashboard_service_providers?
render json: { status: 'Service providers updater has not been enabled.' }
return
end

ServiceProviderUpdater.new.run(sp_params['service_provider'])

render json: { status: 'If the feature is enabled, service providers have been updated.' }
end
Expand Down Expand Up @@ -32,6 +36,15 @@ def authorization_token
end

def sp_params
params.permit(service_provider: {})
if request.headers['Content-Type'] == 'gzip/json'
body = request.body.read
if body.present?
JSON.parse(Zlib.gunzip(body))
else
{}
end
else
params.permit(service_provider: {})
end
end
end
5 changes: 3 additions & 2 deletions app/controllers/users/backup_code_setup_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ def index
def create
generate_codes
result = BackupCodeSetupForm.new(current_user).submit
analytics_properties = result.to_h
analytics_properties = result.to_h.merge(analytics_properties_for_visit)
analytics.backup_code_setup_visit(**analytics_properties)
irs_attempts_api_tracker.mfa_enroll_backup_code(success: result.success?)

Expand Down Expand Up @@ -65,7 +65,7 @@ def confirm_backup_codes; end
private

def analytics_properties_for_visit
ParseControllerFromReferer.new(request.referer).call
{ in_multi_mfa_selection_flow: in_multi_mfa_selection_flow? }
end

def track_backup_codes_created
Expand All @@ -82,6 +82,7 @@ def mfa_user
def track_backup_codes_confirmation_setup_visit
analytics.multi_factor_auth_enter_backup_code_confirmation_visit(
enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count,
in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?,
)
end

Expand Down
Loading