From 1a6823dc180461a9fff06e56924d839ec47e150f Mon Sep 17 00:00:00 2001
From: Sonia Connolly <sonia.connolly@gsa.gov>
Date: Fri, 5 Jan 2024 08:26:27 -0800
Subject: [PATCH 1/3] Expect 406 because of prod block on selfies

Co-authored-by: John Maxwell <john.maxwell@gsa.gov>

[skip changelog]
---
 .../controllers/openid_connect/authorization_controller_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/spec/controllers/openid_connect/authorization_controller_spec.rb b/spec/controllers/openid_connect/authorization_controller_spec.rb
index 8a606866db5..4d75d5fed7b 100644
--- a/spec/controllers/openid_connect/authorization_controller_spec.rb
+++ b/spec/controllers/openid_connect/authorization_controller_spec.rb
@@ -319,7 +319,7 @@
                 it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do
                   action
 
-                  expect(response).to redirect_to(/^#{params[:redirect_uri]}/)
+                  expect(response.status).to eq(406)
                 end
               end
             end

From d7576d5ff09374243aa01e852b08ef7b165b732b Mon Sep 17 00:00:00 2001
From: Sonia Connolly <sonia.connolly@gsa.gov>
Date: Fri, 5 Jan 2024 09:28:19 -0800
Subject: [PATCH 2/3] Update spec title to match

---
 .../openid_connect/authorization_controller_spec.rb           | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/controllers/openid_connect/authorization_controller_spec.rb b/spec/controllers/openid_connect/authorization_controller_spec.rb
index 4d75d5fed7b..adf39012af4 100644
--- a/spec/controllers/openid_connect/authorization_controller_spec.rb
+++ b/spec/controllers/openid_connect/authorization_controller_spec.rb
@@ -314,9 +314,9 @@
                 end
               end
 
-              context 'selfie capture not enabled, selfie check was not performed' do
+              context 'selfie capture not enabled, biometric_comparison_check requested by sp' do
                 let(:selfie_capture_enabled) { false }
-                it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do
+                it 'returns status not_acceptable' do
                   action
 
                   expect(response.status).to eq(406)

From 55224e6fdadbc7645ea0bd820811f7f1255c07ca Mon Sep 17 00:00:00 2001
From: John Maxwell <john.maxwell@gsa.gov>
Date: Fri, 5 Jan 2024 11:51:37 -0500
Subject: [PATCH 3/3] Update view_component to 3.9.0 to fix security
 vulnerability

[skip changelog]
---
 Gemfile.lock | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 588991c4667..2d746f3e50d 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -208,7 +208,7 @@ GEM
       erubi (~> 1.4)
       parser (>= 2.4)
       smart_properties
-    bigdecimal (3.1.4)
+    bigdecimal (3.1.5)
     bindata (2.4.15)
     bootsnap (1.17.0)
       msgpack (~> 1.2)
@@ -684,7 +684,7 @@ GEM
       activemodel
       mail (>= 2.6.1)
       simpleidn
-    view_component (3.8.0)
+    view_component (3.9.0)
       activesupport (>= 5.2.0, < 8.0)
       concurrent-ruby (~> 1.0)
       method_source (~> 1.0)