Deploy RC 334 to Prod #9631

Merged
aduth merged 26 commits into stages/prod from stages/rc-2023-11-21
Nov 21, 2023

@aduth aduth commented Nov 21, 2023

User-Facing Improvements

  • Doc Auth: Error for unsupported documents. (#9597)
  • State ID page: Add Texas-specific ID number hint text (#9600)
  • Face or Touch Unlock: Prevent duplicate setup on second MFA prompt (#9587)

Bug Fixes

  • Buttons: Fix appearance of inline buttons at small viewport sizes (#9632)

Internal

  • Analytics: Adjust format of analytics logging to improve querying support (#9572)
  • Analytics: Image added logs define acuantCaptureMode only if acuant is used to capture the image (#9610)
  • Analytics: Track event when country changed in phone input (#9616)
  • Analytics: Add analytics property for WebAuthn sign-in frontend error (#9611)
  • Code Formatting: Update Prettier code formatter to latest version (#9618)
  • Code Quality: Remove unused code related to MFA selection presenters (#9612)
  • Code Quality: Move error messages for WebAuthn verification to form class (#9613, #9614)
  • Components: Use consistent design system component for icon list (#9555)
  • Dependencies: Update dependencies to latest versions (#9619)
  • Identity verification: Automatically expire inactive GPO profiles. (#9622)
  • Logging: Log service_provider for RackAttack events (#9620)
  • Packages: Publish @18f/identity-normalize-yaml@2.0.0 (#9627)
  • Pending and active profile: The active profile PII is fetched with the PII cacher when a user with a broken personal key on their active profile signs in. (#9601)
  • Source code: Clean up unused error tracking code (#9576)
  • Testing: Add AAMVA test script covered by specs (#9608)
  • User suspension: Add RISC events for user suspension (#9594)
  • Technical Debt: Break up MFA presenter class for phone (#9560)

jmhooper and others added 25 commits November 16, 2023 08:10
…ionController` (#9602)

The `PersonalKeyVerificationController` is used to verify a personal key as an MFA method and allow a user to sign in. When this is done a new personal key is issued.

This controller had code for re-encrypting the user's profile with the newly issued personal key. However, a user with an active profile was never able to reach this path. The `check_personal_key_enabled` calls `TwoFactorAuthentication::PersonalKeyPolicy#enabled?`. This method returns false if the user has any profiles.

Since this code path is unreachable this commit removes it.

I was not able to find any tests covering this re-encryption behavior.

[skip changelog]
…nt (#9594)

* LG-11573: Add RISC events for account suspension, account reinstatement

changelog: Internal, User suspension, Add RISC events for user suspension

* feedback

* feedback

* feedback name changed
…key (#9601)

In #9509 we added the ability to specify which profile to fetch PII from when reading PII from the session.

This commit uses the active profile's PII when encrypting recovery PII for the active profile when the active profile has a broken personal key.

changelog: Internal, Pending and active profile, The active profile PII is fetched with the PII cacher when a user with a broken personal key on their active profile signs in.
changelog: Internal, Analytics, Adjust format of analytics logging to improve querying support
* Remove Tracker#parse_failure_reason
**Why**: Simplifies codebase

* Remove failure_reason entirely
**Why**: Inconsistent structure, and completely unused

* Remove some more unused fake tracker code

changelog: Internal, Source code, Clean up unused error tracking code
* Support tag options for IconListItemComponent

* Use IconListComponent for requested attributes

changelog: Internal, Components, Use consistent design system component for icon list

* Use ButtonComponent for auth confirmation

* Remove seemingly-unnecessary assertion content scoping
- Require optparse, test it
- Use pretty-printing

changelog: Internal, Testing, Add AAMVA test script covered by specs
…nd MFA prompt (#9587)

* changelog: User-Facing Improvements, Webauthn, Prevent duplicate F/T setup on second MFA prompt

* add spec coverage for platform auth redirect

* move test to a function

* move conditional to before_action

* clean up validate platform authenticator method
#9560)

* changelog: Internal, tech debt, Break up MFA presenter class for phone

* split phone, voice, and sms presenter classes up

* add test cases for sign_in and set_up phone presenter class

* split setup signin presenter spec for voice and sms

* lint fix

* remove old phone selection presenter spec

* rename phone presenter in spec

* remove unneeded configuration variable, leverage user for type method

* remove info method from phone sub classes

* update options presenter spec with newly split classes

* merge sms and voice presenters

* revise specs according to merged classes

* remove deprecated spec and lint fix

* change info to switch and fix regression with disabled? method

* lint fix

* fix spec

* remove deprecated translations from setup presenter

* move reader :method to phone sign in presenter

* fix lint

* fix lint

* clean up selection presenter class

* remove unneeded configuration setting

* remove configuration from set up presenter spec

* add sms and voice outage spec, standardize spec syntax

* clarify some syntax
changelog: Internal, Code Quality, Move error messages for WebAuthn verification to form class
* Add analytics property for WebAuthn sign-in frontend error

changelog: Internal, Analytics, Add analytics property for WebAuthn sign-in frontend error

* Document frontend_error
* Update missed references to SignIn base selection presenter

* Remove unused SelectionPresenter

* Swap base presenters to raising NotImplementedError

* Swap phone method comparison to use symbol

Consistency with logic elsewhere in class

* Raise on missing type method in base presenter classes

* Consolidate presenter classes to define only type method

* Rename phone selection presenter method to delivery_method

* Add changelog

changelog: Internal, Code Quality, Remove unused code related to MFA selection presenters

* Update call sites to use new delivery_method constructor argument

* Use setup-specific string for WebAuthn setup presenter
)

* Use ActiveRecord built-in validator for WebAuthn error validation

changelog: Internal, Code Quality, Move error messages for WebAuthn verification to form class

* Update webauthn_verification_controller_spec.rb
…heir password (#9607)

In #9509 we added the ability to specify which profile to fetch PII from when reading PII from the session.

As a result of this change we can encrypt both the pending and active profile with the user's password. This means both profiles can be decrypted on sign-in.

There are consequences for recovery with personal key. When the user changes their password and their data is encrypted their recovery PII is also encrypted as a consequence. The pending and active profile are both encrypted with a different personal key. In this commit I elected to display the pending profile personal key to the user so that profile is recoverable when it becomes active.

[skip changelog]
* add hint for tx

* change name of file

* change pack name

* refactor show or hide hint function

* update state guidance spec

* changelog: User-Facing Improvements, State id page, tx specific id number hint text

* use text content instead of inner html

* add translations for fr and es

* lint fix for translations

* update string

* normalize yaml

* add punctuation to en translation

* update es translation

* lint fix
changelog: Internal, Code Formatting, Update Prettier code formatter to latest version
* Log service_provider for RackAttack events

changelog: Internal, Logging, Log service_provider for RackAttack events

* Update spec/requests/rack_attack_spec.rb

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* Update spec/requests/rack_attack_spec.rb

Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
Co-authored-by: Andrew Duthie <andrew.duthie@gsa.gov>
This was just glue to support running the job, and is no longer needed.

[skip changelog]
changelog: Internal, Identity verification, Automatically expire inactive GPO profiles.
…ate (#9617)

**Why**: Keeping complex HTML inside translation strings is error-prone
and can be easy to accidentally mis-align across languages

* Refactor to support toggling for state-specific hints

- Add HTML view specs too

changelog: Accessibility, Screen reader support, Bring back screenreader support for State ID number hint
* LG-11477: Document issuer type check.

When document type is classified as 'Identification Card', it may mean a State issued identification card. It can also include US Passport Card, VHIC, US Social Security Card, TWIC etc., none of which are issued by a State.

So we also need to check whether the issuer type is StateProvince, not by a Country.

Driver's License/Identification Card issued by PR, VI, MP etc, do have issuer type of StateProvince.

So by checking IssuerType of the document, we effectively exclude IDs issued at Federal level which are not supported documents.

* LG-11477: update test.

* LG-11477: generate error for doc type before metrics.

* LG-11477: use constant for string.

* changelog: User-Facing Improvements, Doc Auth, Error for unsupported documents.

* LG-11477: id type support logic update for mock client response.

* LG-11477: update fixtures with doc issuer type field.

* LG-11477: short circuit logic, no need to continue to check.

* LG-11477: null safe operation.

* LG-11477: minor code format change.

* LG-11477: no need in rails.

* LG-11477: test clean up.
…sh (#9619)

* Update stylelint-config-recommended-scss

changelog: Internal, Dependencies, Update dependencies to latest versions

* Prepare 3.0.0 release
…#9616)

* Update JavaScript analytics examples to use new naming convention

* Add new event naming convention support to FrontendLogController

* LG-11435: Track frontend analytics for changed country in phone input

changelog: Internal, Analytics, Track event when country changed in phone input

* Use symbol list syntax

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>

* Improve handling of undefined country code

---------

Co-authored-by: Zach Margolis <zachmargolis@users.noreply.github.com>
* log acuantCaptureMode as null when an image is uploaded

Co-authored-by: Dawei Wang <dawei.wang@gsa.gov>

* update spec to expect acuantCaptureMode is null for images uploaded during doc auth

* changelog: Internal, Analytics, Image added logs define acuantCaptureMode only if acuant is used to capture the image

* update js test upload test

* happy linting

* nullify acuantCaptureMode in getAddAttemptAnalyticsPayload when image source is upload
* Bump YAML dependency to latest

* Bump normalize-yaml to 2.0.0

changelog: Internal, Packages, Publish `@18f/identity-normalize-yaml@2.0.0`

aduth commented Nov 21, 2023

I might try to patch in #9632 if I can get that approved.

Edit: Cherry-picked in 357c855.

changelog: Bug Fixes, Buttons, Fix appearance of inline buttons
@aduth aduth merged commit c985885 into stages/prod Nov 21, 2023
@aduth aduth deleted the stages/rc-2023-11-21 branch November 21, 2023 18:28