diff --git a/app/controllers/concerns/mfa_setup_concern.rb b/app/controllers/concerns/mfa_setup_concern.rb index 3dffc7cea0a..ea4ef91b010 100644 --- a/app/controllers/concerns/mfa_setup_concern.rb +++ b/app/controllers/concerns/mfa_setup_concern.rb @@ -10,6 +10,7 @@ def next_setup_path if user_session[:mfa_selections] analytics.user_registration_mfa_setup_complete( mfa_method_counts: mfa_context.enabled_two_factor_configuration_counts_hash, + in_account_creation_flow: user_session[:in_account_creation_flow] || false, enabled_mfa_methods_count: mfa_context.enabled_mfa_methods_count, pii_like_keypaths: [[:mfa_method_counts, :phone]], second_mfa_reminder_conversion: user_session.delete(:second_mfa_reminder_conversion), @@ -60,6 +61,10 @@ def suggest_second_mfa? mfa_selection_count < 2 && mfa_context.enabled_mfa_methods_count < 2 end + def in_account_creation_flow? + user_session[:in_account_creation_flow] || false + end + def mfa_selection_count user_session[:mfa_selections]&.count || 0 end diff --git a/app/controllers/sign_up/completions_controller.rb b/app/controllers/sign_up/completions_controller.rb index d9a82d95cd3..9e82b0bb2be 100644 --- a/app/controllers/sign_up/completions_controller.rb +++ b/app/controllers/sign_up/completions_controller.rb @@ -87,11 +87,13 @@ def analytics_attributes(page_occurence) sp_session_requested_attributes: sp_session[:requested_attributes], sp_request_requested_attributes: service_provider_request.requested_attributes, page_occurence: page_occurence, + in_account_creation_flow: user_session[:in_account_creation_flow] || false, needs_completion_screen_reason: needs_completion_screen_reason } end def track_completion_event(last_page) analytics.user_registration_complete(**analytics_attributes(last_page)) + user_session.delete(:in_account_creation_flow) end def pii diff --git a/app/controllers/sign_up/passwords_controller.rb b/app/controllers/sign_up/passwords_controller.rb index 268de4b34da..6db85b2effe 100644 
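Review bot: In app/controllers/concerns/mfa_setup_concern.rb, `next_setup_path` spells out `user_session[:in_account_creation_flow] || false` although the second hunk of the same file adds `in_account_creation_flow?` with exactly that body. The same inline expression recurs in the hunks for sign_up/completions_controller.rb, two_factor_authentication/otp_verification_controller.rb, users/piv_cac_authentication_setup_controller.rb and users/webauthn_setup_controller.rb, and users/phone_setup_controller.rb reads the raw session key. Wherever the concern is included, the line should read `in_account_creation_flow: in_account_creation_flow?,` so the session key has a single reader. Which controllers include it is not visible in these hunks, though the MFA controllers called `in_multi_mfa_selection_flow?` before, so presumably they do. `next_setup_path` continues outside the hunk.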
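Review bot: In app/controllers/sign_up/completions_controller.rb, the `user_session.delete(:in_account_creation_flow)` added to `track_completion_event` is the only place in this commit that clears the flag set in sign_up/passwords_controller.rb. A session that never reaches this event would keep the flag for its whole lifetime, and later MFA enrolments in that session would be logged as account creation; whether such a path exists is not visible here. Consider also clearing the key where MFA setup finishes. A comment next to the delete, such as `# analytics-only marker; must not be used for access decisions`, would keep the key from being reused later as an authorization signal.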
--- a/app/controllers/sign_up/passwords_controller.rb +++ b/app/controllers/sign_up/passwords_controller.rb @@ -80,6 +80,7 @@ def process_unsuccessful_password_creation def sign_in_and_redirect_user sign_in @user + user_session[:in_account_creation_flow] = true if current_user.accepted_rules_of_use_still_valid? redirect_to authentication_methods_setup_url else diff --git a/app/controllers/two_factor_authentication/otp_verification_controller.rb b/app/controllers/two_factor_authentication/otp_verification_controller.rb index 53ff18618f6..f60c17bdba6 100644 --- a/app/controllers/two_factor_authentication/otp_verification_controller.rb +++ b/app/controllers/two_factor_authentication/otp_verification_controller.rb @@ -64,6 +64,7 @@ def redirect_if_blank_phone def track_mfa_added analytics.multi_factor_auth_added_phone( enabled_mfa_methods_count: MfaContext.new(current_user).enabled_mfa_methods_count, + in_account_creation_flow: user_session[:in_account_creation_flow] || false, ) Funnel::Registration::AddMfa.call(current_user.id, 'phone', analytics) end @@ -158,7 +159,7 @@ def analytics_properties country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), phone_configuration_id: phone_configuration&.id, - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: user_session[:in_account_creation_flow] || false, enabled_mfa_methods_count: mfa_context.enabled_mfa_methods_count, } end diff --git a/app/controllers/users/backup_code_setup_controller.rb b/app/controllers/users/backup_code_setup_controller.rb index da144db7e68..4d22f8ea43b 100644 --- a/app/controllers/users/backup_code_setup_controller.rb +++ b/app/controllers/users/backup_code_setup_controller.rb 
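Review bot: In two_factor_authentication/otp_verification_controller.rb, `analytics_properties` drops `in_multi_mfa_selection_flow` from the event payload instead of adding the new key beside it, and the later controller and analytics_events.rb hunks do the same. The spec hunks in this commit change expected values from `true` to `false` for setups that are otherwise unchanged, so this is a change of meaning and not only a rename. Any dashboard, report or alert that filters MFA enrolment events on the old property would stop matching without an error; no such consumers are visible here. State the property change in the commit description, or emit both keys for a transition period. `analytics_properties` starts outside the hunk.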
@@ -22,8 +22,8 @@ def index def create generate_codes result = BackupCodeSetupForm.new(current_user).submit - analytics_properties = result.to_h.merge(analytics_properties_for_visit) - analytics.backup_code_setup_visit(**analytics_properties) + visit_result = result.to_h.merge(analytics_properties_for_visit) + analytics.backup_code_setup_visit(**visit_result) irs_attempts_api_tracker.mfa_enroll_backup_code(success: result.success?) save_backup_codes @@ -65,12 +65,13 @@ def confirm_backup_codes; end private def analytics_properties_for_visit - { in_multi_mfa_selection_flow: in_multi_mfa_selection_flow? } + { in_account_creation_flow: in_account_creation_flow? } end def track_backup_codes_created analytics.backup_code_created( enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count, + in_account_creation_flow: in_account_creation_flow?, ) Funnel::Registration::AddMfa.call(current_user.id, 'backup_codes', analytics) end @@ -82,7 +83,7 @@ def mfa_user def track_backup_codes_confirmation_setup_visit analytics.multi_factor_auth_enter_backup_code_confirmation_visit( enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count, - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: in_account_creation_flow?, ) end @@ -128,7 +129,7 @@ def analytics_properties { success: true, multi_factor_auth_method: 'backup_codes', - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: in_account_creation_flow?, enabled_mfa_methods_count: mfa_context.enabled_mfa_methods_count, } end diff --git a/app/controllers/users/phone_setup_controller.rb b/app/controllers/users/phone_setup_controller.rb index 579e68457fd..6fe2105e6f5 100644 --- a/app/controllers/users/phone_setup_controller.rb +++ b/app/controllers/users/phone_setup_controller.rb 
@@ -49,7 +49,7 @@ def recaptcha_enabled? def track_phone_setup_visit mfa_user = MfaContext.new(current_user) - if in_multi_mfa_selection_flow? + if user_session[:in_account_creation_flow] analytics.user_registration_phone_setup_visit( enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count, ) diff --git a/app/controllers/users/piv_cac_authentication_setup_controller.rb b/app/controllers/users/piv_cac_authentication_setup_controller.rb index f56bbc33e57..ddeb777d2d6 100644 --- a/app/controllers/users/piv_cac_authentication_setup_controller.rb +++ b/app/controllers/users/piv_cac_authentication_setup_controller.rb @@ -56,11 +56,7 @@ def submit_new_piv_cac private def track_piv_cac_setup_visit - mfa_user = MfaContext.new(current_user) - analytics.piv_cac_setup_visit( - enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count, - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, - ) + analytics.piv_cac_setup_visit(**analytics_properties) end def remove_piv_cac @@ -124,16 +120,11 @@ def process_valid_submission create_user_event(:piv_cac_enabled) track_mfa_method_added session[:needs_to_setup_piv_cac_after_sign_in] = false - final_path = after_sign_in_path_for(current_user) - redirect_to next_setup_path || final_path + redirect_to next_setup_path || after_sign_in_path_for(current_user) end def track_mfa_method_added - mfa_user = MfaContext.new(current_user) - analytics.multi_factor_auth_added_piv_cac( - enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count, - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, - ) + analytics.multi_factor_auth_added_piv_cac(**analytics_properties) Funnel::Registration::AddMfa.call(current_user.id, 'piv_cac', analytics) end @@ -163,7 +154,7 @@ def good_nickname def analytics_properties { - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: user_session[:in_account_creation_flow] || false, enabled_mfa_methods_count: mfa_context.enabled_mfa_methods_count, } end 
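Review bot: In users/piv_cac_authentication_setup_controller.rb, `track_mfa_method_added` now takes `enabled_mfa_methods_count` from `analytics_properties`, which reads `mfa_context`. The removed lines built a fresh `MfaContext.new(current_user)` at the point the event is logged. `mfa_context` is defined outside these hunks; if it is memoized earlier in the request, the count logged with 'Multi-Factor Authentication: Added PIV_CAC' may not include the method just added. Confirm this with a spec that asserts the count on that event, or keep a fresh `MfaContext.new(current_user)` for this one call.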
diff --git a/app/controllers/users/piv_cac_login_controller.rb b/app/controllers/users/piv_cac_login_controller.rb index 3344cead017..ffcab1985de 100644 --- a/app/controllers/users/piv_cac_login_controller.rb +++ b/app/controllers/users/piv_cac_login_controller.rb @@ -37,7 +37,7 @@ def error private def render_prompt - analytics.piv_cac_setup_visit(in_multi_mfa_selection_flow: false) + analytics.piv_cac_setup_visit(in_account_creation_flow: false) @presenter = PivCacAuthenticationLoginPresenter.new(piv_cac_login_form, url_options) render :new end diff --git a/app/controllers/users/piv_cac_setup_from_sign_in_controller.rb b/app/controllers/users/piv_cac_setup_from_sign_in_controller.rb index abc1705c9e7..b32cc210e5a 100644 --- a/app/controllers/users/piv_cac_setup_from_sign_in_controller.rb +++ b/app/controllers/users/piv_cac_setup_from_sign_in_controller.rb @@ -32,7 +32,7 @@ def decline private def render_prompt - analytics.piv_cac_setup_visit(in_multi_mfa_selection_flow: false) + analytics.piv_cac_setup_visit(in_account_creation_flow: false) render :prompt end @@ -81,7 +81,7 @@ def process_valid_submission def analytics_properties { - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, enabled_mfa_methods_count: MfaContext.new(current_user).enabled_mfa_methods_count, } end diff --git a/app/controllers/users/totp_setup_controller.rb b/app/controllers/users/totp_setup_controller.rb index 61dae61c13b..6e74f1c2425 100644 --- a/app/controllers/users/totp_setup_controller.rb +++ b/app/controllers/users/totp_setup_controller.rb @@ -73,7 +73,7 @@ def track_event user_signed_up: MfaPolicy.new(current_user).two_factor_enabled?, totp_secret_present: new_totp_secret.present?, enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count, - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: in_account_creation_flow?, ) end 
@@ -97,7 +97,7 @@ def create_events mfa_user = MfaContext.new(current_user) analytics.multi_factor_auth_added_totp( enabled_mfa_methods_count: mfa_user.enabled_mfa_methods_count, - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: in_account_creation_flow?, ) Funnel::Registration::AddMfa.call(current_user.id, 'auth_app', analytics) end @@ -141,7 +141,7 @@ def current_auth_app_count def analytics_properties { - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: in_account_creation_flow?, pii_like_keypaths: [[:mfa_method_counts, :phone]], } end diff --git a/app/controllers/users/webauthn_setup_controller.rb b/app/controllers/users/webauthn_setup_controller.rb index eb4503648dd..317a4fa4e0b 100644 --- a/app/controllers/users/webauthn_setup_controller.rb +++ b/app/controllers/users/webauthn_setup_controller.rb @@ -175,7 +175,7 @@ def process_valid_webauthn(form) def analytics_properties { - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow?, + in_account_creation_flow: user_session[:in_account_creation_flow] || false, } end diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index d2d817cf6d0..5ef2995fabe 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb 
@@ -226,9 +226,9 @@ def backup_code_created(enabled_mfa_methods_count:, **extra) end # Tracks when the user visits the Backup Code Regenerate page. - # @param [Boolean] in_multi_mfa_selection_flow whether user is going through MFA selection Flow - def backup_code_regenerate_visit(in_multi_mfa_selection_flow:, **extra) - track_event('Backup Code Regenerate Visited', in_multi_mfa_selection_flow:, **extra) + # @param [Boolean] in_account_creation_flow whether user is going through creation flow + def backup_code_regenerate_visit(in_account_creation_flow:, **extra) + track_event('Backup Code Regenerate Visited', in_account_creation_flow:, **extra) end # Track user creating new BackupCodeSetupForm, record form submission Hash @@ -2635,15 +2635,15 @@ def multi_factor_auth_added_phone(enabled_mfa_methods_count:, **extra) # Tracks when the user has added the MFA method piv_cac to their account # @param [Integer] enabled_mfa_methods_count number of registered mfa methods for the user - # @param [Boolean] in_multi_mfa_selection_flow whether user is going through MFA selection Flow - def multi_factor_auth_added_piv_cac(enabled_mfa_methods_count:, in_multi_mfa_selection_flow:, + # @param [Boolean] in_account_creation_flow whether user is going through creation flow + def multi_factor_auth_added_piv_cac(enabled_mfa_methods_count:, in_account_creation_flow:, **extra) track_event( 'Multi-Factor Authentication: Added PIV_CAC', { method_name: :piv_cac, enabled_mfa_methods_count:, - in_multi_mfa_selection_flow:, + in_account_creation_flow:, **extra, }.compact, ) 
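Review bot: In app/services/analytics_events.rb, `multi_factor_auth_added_piv_cac` and `multi_factor_auth_added_totp` declare `in_account_creation_flow:` as a required keyword, but `multi_factor_auth_added_phone` and `backup_code_created` now receive the same property from their controllers only through `**extra`. Those two are visible only as hunk context, with the signature `(enabled_mfa_methods_count:, **extra)`. A caller that forgets the key on those two events would not raise, and the property is missing from their YARD docs. Give both the same explicit keyword and a `# @param [Boolean] in_account_creation_flow whether user is going through creation flow` line; their bodies are outside the hunks shown.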
@@ -2651,14 +2651,14 @@ def multi_factor_auth_added_piv_cac(enabled_mfa_methods_count:, in_multi_mfa_sel # Tracks when the user has added the MFA method TOTP to their account # @param [Integer] enabled_mfa_methods_count number of registered mfa methods for the user - # @param [Boolean] in_multi_mfa_selection_flow whether user is going through MFA selection Flow - def multi_factor_auth_added_totp(enabled_mfa_methods_count:, in_multi_mfa_selection_flow:, + # @param [Boolean] in_account_creation_flow whether user is going through creation flow + def multi_factor_auth_added_totp(enabled_mfa_methods_count:, in_account_creation_flow:, **extra) track_event( 'Multi-Factor Authentication: Added TOTP', { method_name: :totp, - in_multi_mfa_selection_flow:, + in_account_creation_flow:, enabled_mfa_methods_count:, **extra, }.compact, @@ -2690,17 +2690,17 @@ def multi_factor_auth_backup_code_download # Tracks when the user visits the backup code confirmation setup page # @param [Integer] enabled_mfa_methods_count number of registered mfa methods for the user - # @param [Boolean] in_multi_mfa_selection_flow tell whether its in MFA selection flow or not + # @param [Boolean] in_account_creation_flow whether user is going through creation flow def multi_factor_auth_enter_backup_code_confirmation_visit( enabled_mfa_methods_count:, - in_multi_mfa_selection_flow:, + in_account_creation_flow:, **extra ) track_event( 'Multi-Factor Authentication: enter backup code confirmation visited', { enabled_mfa_methods_count:, - in_multi_mfa_selection_flow:, + in_account_creation_flow:, **extra, }.compact, ) 
@@ -2859,13 +2859,13 @@ def multi_factor_auth_phone_setup(success:, # @param [Boolean] success Whether authenticator setup was successful # @param [Hash] errors Authenticator setup error reasons, if unsuccessful # @param [String] multi_factor_auth_method - # @param [Boolean] in_multi_mfa_selection_flow + # @param [Boolean] in_account_creation_flow whether user is going through account creation flow # @param [integer] enabled_mfa_methods_count def multi_factor_auth_setup( success:, multi_factor_auth_method:, enabled_mfa_methods_count:, - in_multi_mfa_selection_flow:, + in_account_creation_flow:, errors: nil, **extra ) @@ -2874,7 +2874,7 @@ def multi_factor_auth_setup( success: success, errors: errors, multi_factor_auth_method: multi_factor_auth_method, - in_multi_mfa_selection_flow: in_multi_mfa_selection_flow, + in_account_creation_flow: in_account_creation_flow, enabled_mfa_methods_count: enabled_mfa_methods_count, **extra, ) @@ -3386,11 +3386,11 @@ def piv_cac_login(success:, errors:, **extra) # @identity.idp.previous_event_name User Registration: piv cac setup visited # Tracks when user's piv cac setup - # @param [Boolean] in_multi_mfa_selection_flow - def piv_cac_setup_visit(in_multi_mfa_selection_flow:, **extra) + # @param [Boolean] in_account_creation_flow + def piv_cac_setup_visit(in_account_creation_flow:, **extra) track_event( 'PIV CAC setup visited', - in_multi_mfa_selection_flow:, + in_account_creation_flow:, **extra, ) end @@ -3892,12 +3892,12 @@ def telephony_otp_sent( # @param [Boolean] user_signed_up # @param [Boolean] totp_secret_present # @param [Integer] enabled_mfa_methods_count - # @param [Boolean] in_multi_mfa_selection_flow + # @param [Boolean] in_account_creation_flow def totp_setup_visit( user_signed_up:, totp_secret_present:, enabled_mfa_methods_count:, - in_multi_mfa_selection_flow:, + in_account_creation_flow:, **extra ) track_event( 
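Review bot: The `# @param [Boolean] in_account_creation_flow` lines added for `piv_cac_setup_visit` and `totp_setup_visit` carry no description, while the other events touched in this file describe the parameter. The wording also differs between hunks: most say "creation flow" and `multi_factor_auth_setup` says "account creation flow". Use one form everywhere, for example `# @param [Boolean] in_account_creation_flow whether user is going through account creation flow`. The body of `totp_setup_visit` continues in the following hunk.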
@@ -3905,7 +3905,7 @@ def totp_setup_visit( user_signed_up:, totp_secret_present:, enabled_mfa_methods_count:, - in_multi_mfa_selection_flow:, + in_account_creation_flow:, **extra, ) end diff --git a/spec/controllers/concerns/mfa_setup_concern_spec.rb b/spec/controllers/concerns/mfa_setup_concern_spec.rb index 4cddc5c6786..c5714409d3a 100644 --- a/spec/controllers/concerns/mfa_setup_concern_spec.rb +++ b/spec/controllers/concerns/mfa_setup_concern_spec.rb @@ -33,6 +33,7 @@ mfa_method_counts: { phone: 1, backup_codes: 10 }, enabled_mfa_methods_count: 2, second_mfa_reminder_conversion: true, + in_account_creation_flow: false, ) end end diff --git a/spec/controllers/sign_up/completions_controller_spec.rb b/spec/controllers/sign_up/completions_controller_spec.rb index a1dc9aef164..2726262ab6a 100644 --- a/spec/controllers/sign_up/completions_controller_spec.rb +++ b/spec/controllers/sign_up/completions_controller_spec.rb @@ -11,7 +11,7 @@ end it 'redirects to account page when SP request URL is not present' do - user = create(:user) + user = create(:user, :fully_registered) stub_sign_in(user) subject.session[:sp] = { issuer: current_sp.issuer, @@ -22,7 +22,7 @@ end context 'IAL1' do - let(:user) { create(:user) } + let(:user) { create(:user, :fully_registered) } before do stub_sign_in(user) subject.session[:sp] = { @@ -44,6 +44,7 @@ needs_completion_screen_reason: :new_sp, sp_request_requested_attributes: nil, sp_session_requested_attributes: [:email], + in_account_creation_flow: false, ) end @@ -54,7 +55,7 @@ context 'IAL2' do let(:user) do - create(:user, profiles: [create(:profile, :verified, :active)]) + create(:user, :fully_registered, profiles: [create(:profile, :verified, :active)]) end let(:pii) { { ssn: '123456789' } } @@ -80,6 +81,7 @@ needs_completion_screen_reason: :new_sp, sp_request_requested_attributes: nil, sp_session_requested_attributes: [:email], + in_account_creation_flow: false, ) end 
@@ -90,7 +92,7 @@ context 'IALMax' do let(:user) do - create(:user, profiles: [create(:profile, :verified, :active)]) + create(:user, :fully_registered, profiles: [create(:profile, :verified, :active)]) end let(:pii) { { ssn: '123456789' } } @@ -117,6 +119,7 @@ needs_completion_screen_reason: :new_sp, sp_request_requested_attributes: nil, sp_session_requested_attributes: [:email], + in_account_creation_flow: false, ) end @@ -196,13 +199,15 @@ end context 'IAL1' do + let(:user) { create(:user, :fully_registered) } it 'tracks analytics' do - stub_sign_in + stub_sign_in(user) subject.session[:sp] = { ial2: false, issuer: 'foo', request_url: 'http://example.com', } + subject.user_session[:in_account_creation_flow] = true patch :update @@ -215,11 +220,12 @@ needs_completion_screen_reason: :new_sp, sp_request_requested_attributes: nil, sp_session_requested_attributes: nil, + in_account_creation_flow: true, ) end it 'updates verified attributes' do - stub_sign_in + stub_sign_in(user) subject.session[:sp] = { issuer: 'foo', ial: 1, @@ -239,7 +245,7 @@ end it 'redirects to account page if the session request_url is removed' do - stub_sign_in + stub_sign_in(user) subject.session[:sp] = { ial2: false, issuer: 'foo', @@ -253,7 +259,7 @@ context 'IAL2' do it 'tracks analytics' do - user = create(:user, profiles: [create(:profile, :verified, :active)]) + user = create(:user, :fully_registered, profiles: [create(:profile, :verified, :active)]) stub_sign_in(user) sp = create(:service_provider, issuer: 'https://awesome') subject.session[:sp] = { @@ -262,6 +268,7 @@ request_url: 'http://example.com', requested_attributes: ['email'], } + subject.user_session[:in_account_creation_flow] = true patch :update @@ -274,6 +281,7 @@ needs_completion_screen_reason: :new_sp, sp_request_requested_attributes: nil, sp_session_requested_attributes: ['email'], + in_account_creation_flow: true, ) end 
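Review bot: In spec/controllers/sign_up/completions_controller_spec.rb, the IAL1 and IAL2 'tracks analytics' examples set `subject.user_session[:in_account_creation_flow] = true` and check the logged value, but nothing asserts that `track_completion_event` removes the key afterwards. Add `expect(subject.user_session[:in_account_creation_flow]).to be_nil` after the event expectation so the clean-up is covered. The new `let(:user)` in the IAL1 context also has no blank line before `it 'tracks analytics'`.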
diff --git a/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb index 8e81bcd6240..cfa84217930 100644 --- a/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb @@ -59,7 +59,7 @@ country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: false, } expect(@analytics).to receive(:track_event). @@ -143,7 +143,7 @@ country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: false, } stub_analytics @@ -214,7 +214,7 @@ country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: false, } stub_analytics @@ -280,7 +280,7 @@ country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: false, } stub_analytics @@ -439,6 +439,7 @@ context 'user enters a valid code' do before do subject.user_session[:mfa_selections] = ['sms'] + subject.user_session[:in_account_creation_flow] = true phone_configuration = MfaContext.new(subject.current_user).phone_configurations.last phone_id = phone_configuration.id parsed_phone = Phonelib.parse(phone_configuration.phone) 
@@ -457,7 +458,7 @@ country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: true, } expect(@analytics).to receive(:track_event). @@ -546,7 +547,7 @@ country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, } expect(@analytics).to have_received(:track_event). @@ -630,7 +631,7 @@ country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), enabled_mfa_methods_count: 0, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, } expect(@analytics).to have_received(:track_event). diff --git a/spec/controllers/users/backup_code_setup_controller_spec.rb b/spec/controllers/users/backup_code_setup_controller_spec.rb index a3c4270bfc1..61a6fbcd6d1 100644 --- a/spec/controllers/users/backup_code_setup_controller_spec.rb +++ b/spec/controllers/users/backup_code_setup_controller_spec.rb @@ -32,11 +32,12 @@ pii_like_keypaths: [[:mfa_method_counts, :phone]], error_details: nil, enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, }) expect(@analytics).to receive(:track_event). with('Backup Code Created', { enabled_mfa_methods_count: 2, + in_account_creation_flow: false, }) expect(@irs_attempts_api_tracker).to receive(:track_event). with(:mfa_enroll_backup_code, success: true) @@ -152,7 +153,7 @@ get :edit expect(@analytics).to have_logged_event( 'Backup Code Regenerate Visited', - hash_including(in_multi_mfa_selection_flow: false), + hash_including(in_account_creation_flow: false), ) end end diff --git a/spec/controllers/users/phone_setup_controller_spec.rb b/spec/controllers/users/phone_setup_controller_spec.rb index f65feba8996..43334bbbfe5 100644 
--- a/spec/controllers/users/phone_setup_controller_spec.rb +++ b/spec/controllers/users/phone_setup_controller_spec.rb @@ -22,6 +22,7 @@ stub_analytics stub_sign_in_before_2fa(user) subject.user_session[:mfa_selections] = ['voice'] + subject.user_session[:in_account_creation_flow] = true end it 'renders the index view' do diff --git a/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb b/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb index bd2205b7cb9..78deccdc71b 100644 --- a/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb +++ b/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb @@ -109,7 +109,7 @@ stub_analytics expect(@analytics).to receive(:track_event). with('PIV CAC setup visited', { - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, enabled_mfa_methods_count: 1, }) diff --git a/spec/controllers/users/piv_cac_login_controller_spec.rb b/spec/controllers/users/piv_cac_login_controller_spec.rb index 05d53fd86bc..ca92bde1d75 100644 --- a/spec/controllers/users/piv_cac_login_controller_spec.rb +++ b/spec/controllers/users/piv_cac_login_controller_spec.rb @@ -13,7 +13,7 @@ it 'tracks the piv_cac setup' do expect(@analytics).to have_received(:track_event).with( 'PIV CAC setup visited', - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, ) end diff --git a/spec/controllers/users/totp_setup_controller_spec.rb b/spec/controllers/users/totp_setup_controller_spec.rb index d72572dfd87..be785f60bd8 100644 --- a/spec/controllers/users/totp_setup_controller_spec.rb +++ b/spec/controllers/users/totp_setup_controller_spec.rb @@ -42,7 +42,7 @@ user_signed_up: true, totp_secret_present: true, enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, } expect(@analytics). 
@@ -78,7 +78,7 @@ user_signed_up: false, totp_secret_present: true, enabled_mfa_methods_count: 0, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, } expect(@analytics). @@ -116,7 +116,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: nil, enabled_mfa_methods_count: 0, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, pii_like_keypaths: [[:mfa_method_counts, :phone]], } @@ -153,7 +153,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: next_auth_app_id, enabled_mfa_methods_count: 2, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, pii_like_keypaths: [[:mfa_method_counts, :phone]], } @@ -191,7 +191,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: nil, enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, pii_like_keypaths: [[:mfa_method_counts, :phone]], } @@ -230,7 +230,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: nil, enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, pii_like_keypaths: [[:mfa_method_counts, :phone]], } @@ -268,7 +268,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: nil, enabled_mfa_methods_count: 0, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, pii_like_keypaths: [[:mfa_method_counts, :phone]], } expect(@analytics).to have_received(:track_event). @@ -290,6 +290,7 @@ allow(@irs_attempts_api_tracker).to receive(:track_event) subject.user_session[:new_totp_secret] = secret subject.user_session[:mfa_selections] = mfa_selections + subject.user_session[:in_account_creation_flow] = true patch :confirm, params: { name: name, code: generate_totp_code(secret) } end 
@@ -306,7 +307,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: next_auth_app_id, enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: true, pii_like_keypaths: [[:mfa_method_counts, :phone]], } @@ -331,7 +332,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: next_auth_app_id, enabled_mfa_methods_count: 1, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: true, pii_like_keypaths: [[:mfa_method_counts, :phone]], } @@ -367,7 +368,7 @@ multi_factor_auth_method: 'totp', auth_app_configuration_id: nil, enabled_mfa_methods_count: 0, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, pii_like_keypaths: [[:mfa_method_counts, :phone]], } diff --git a/spec/controllers/users/webauthn_setup_controller_spec.rb b/spec/controllers/users/webauthn_setup_controller_spec.rb index b2270d33f70..0109cffd0c1 100644 --- a/spec/controllers/users/webauthn_setup_controller_spec.rb +++ b/spec/controllers/users/webauthn_setup_controller_spec.rb @@ -53,7 +53,7 @@ platform_authenticator: false, errors: {}, enabled_mfa_methods_count: 0, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, success: true, ) @@ -97,7 +97,7 @@ multi_factor_auth_method: 'webauthn', success: true, errors: {}, - in_multi_mfa_selection_flow: false, + in_account_creation_flow: false, authenticator_data_flags: { up: true, uv: false, @@ -256,6 +256,11 @@ transports: 'usb', } end + + before do + controller.user_session[:in_account_creation_flow] = true + end + it 'should log expected events' do Funnel::Registration::AddMfa.call(user.id, 'phone', @analytics) expect(@analytics).to receive(:track_event). @@ -265,7 +270,7 @@ { enabled_mfa_methods_count: 1, errors: {}, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: true, mfa_method_counts: { webauthn: 1 }, multi_factor_auth_method: 'webauthn', pii_like_keypaths: [[:mfa_method_counts, :phone]], 
@@ -310,6 +315,11 @@ platform_authenticator: 'true', } end + + before do + controller.user_session[:in_account_creation_flow] = true + end + it 'should log expected events' do expect(@analytics).to receive(:track_event). with('User marked authenticated', { authentication_type: :valid_2fa_confirmation }) @@ -323,7 +333,7 @@ { enabled_mfa_methods_count: 1, errors: {}, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: true, mfa_method_counts: { webauthn_platform: 1 }, multi_factor_auth_method: 'webauthn_platform', pii_like_keypaths: [[:mfa_method_counts, :phone]], @@ -375,7 +385,7 @@ 'errors.webauthn_platform_setup.attestation_error', link: MarketingSite.contact_url, )] }, - in_multi_mfa_selection_flow: true, + in_account_creation_flow: false, mfa_method_counts: {}, multi_factor_auth_method: 'webauthn_platform', pii_like_keypaths: [[:mfa_method_counts, :phone]], diff --git a/spec/features/users/sign_up_spec.rb b/spec/features/users/sign_up_spec.rb index 30a1381da8f..26d0b4dcb41 100644 --- a/spec/features/users/sign_up_spec.rb +++ b/spec/features/users/sign_up_spec.rb 
@@ -92,6 +92,44 @@ end end + context 'User in account creation logs in_account_creation_flow for proper analytic events' do + let(:fake_analytics) { FakeAnalytics.new } + before do + allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics) + end + it 'logs analytic events for MFA selected with in account creation flow' do + sign_up_and_set_password + click_2fa_option('phone') + click_2fa_option('backup_code') + + click_continue + fill_in 'new_phone_form_phone', with: '703-555-1212' + click_send_one_time_code + + fill_in_code_with_last_phone_otp + click_submit_default + + expect(current_path).to eq backup_code_setup_path + + click_continue + + expect(page).to have_link(t('components.download_button.label')) + + click_continue + + expect(page).to have_content(t('notices.backup_codes_configured')) + + expect(fake_analytics).to have_logged_event( + 'Multi-Factor Authentication Setup', + success: true, + errors: nil, + multi_factor_auth_method: 'backup_codes', + in_account_creation_flow: true, + enabled_mfa_methods_count: 2, + ) + end + end + scenario 'renders an error when the telephony gem responds with an error' do allow(Telephony).to receive(:phone_info).and_return( Telephony::PhoneNumberInfo.new(carrier: 'Test', type: :test, error: nil), @@ -464,4 +502,8 @@ def clipboard_text end end end + + def click_2fa_option(option) + find("label[for='two_factor_options_form_selection_#{option}']").click + end end
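Review bot: The new feature example in spec/features/users/sign_up_spec.rb asserts `in_account_creation_flow: true` only on the final 'Multi-Factor Authentication Setup' event for backup codes, so the phone events logged earlier in the same sign-up are not checked. Add a `have_logged_event` expectation with `hash_including(in_account_creation_flow: true)` for the phone step as well. The `let`, `before` and `it` lines inside the new context run together without blank lines. The context title would read more clearly as `'logs in_account_creation_flow on analytics events during account creation'`.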