Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deploy RC 121 to Production #4327

Merged
merged 36 commits into from
Oct 22, 2020
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
61bda7f
Log the user UUID in the image uploads controller (#4286)
jmhooper Oct 7, 2020
c8b47ab
Async phone proofing calls (LG-3275) (#4273)
mitchellhenke Oct 7, 2020
d391f77
LG-3512: Apply link button styling to link element (#4290)
aduth Oct 8, 2020
538d341
Hide "+" character from screen readers via aria-hidden (LG-3560) (#4291)
zachmargolis Oct 8, 2020
7d83586
Fix intermittent IAA Billing Report test failures by sorting SPs (#4289)
aduth Oct 9, 2020
0f39228
Remove unused Webpack loaders (#4279)
aduth Oct 9, 2020
979a8d1
Add source-map-loader to Webpack configuration (#4280)
aduth Oct 9, 2020
3cc950a
LG-3423: Refactor doc capture (hybrid) polling to own endpoint (#4293)
aduth Oct 9, 2020
ce1350d
Async proofing for recovery flow (#4294)
mitchellhenke Oct 9, 2020
4ac261c
Remove unused profile step (#4297)
mitchellhenke Oct 9, 2020
2cd5364
Add CircleCI lint step to verify ES5 syntax for Internet Explorer (#4…
aduth Oct 9, 2020
d80d65b
Generate desktop selfie as JPEG at original (constrained) capture siz…
aduth Oct 9, 2020
31311a7
Remove explicit dependency to identity-es5-safe (#4298)
aduth Oct 9, 2020
a060bf4
fix warning from i18n update (#4300)
mitchellhenke Oct 9, 2020
206b7b0
Fixes a bug where canceling identity proofing would leave the user in…
solipet Oct 13, 2020
1e17c4c
Use default USWDS pseudo-class for banner collapse button (#4277)
aduth Oct 14, 2020
b89e615
Convert more slim templates (#4304)
mitchellhenke Oct 14, 2020
f04b14e
LG-3576 Update the piv/cac chooser page with new graphics, layout, co…
amathews-fs Oct 14, 2020
faf0b5b
Fixing 2FA SMS code not autocompleting in Safari (#4303)
ankurp Oct 14, 2020
f857528
One liner to fix local docker building. (#4306)
amathews-fs Oct 14, 2020
9db3846
ensure input has associated label (#4311)
mitchellhenke Oct 15, 2020
17a897a
fix bottom margin on label (#4312)
mitchellhenke Oct 15, 2020
2b6c824
async proofing for cac flow (#4299)
mitchellhenke Oct 15, 2020
03090dc
Async resolution proofing in USPS flow (#4305)
mitchellhenke Oct 15, 2020
9f15e03
Use lambdas for async resolution proofing calls (#4308)
mitchellhenke Oct 16, 2020
3ecdadc
Convert more slim templates (#4316)
mitchellhenke Oct 16, 2020
1abcb81
Add aria-invalid attribute to all required fields (LG-3531) (#4309)
zachmargolis Oct 19, 2020
9ed0f90
LG-3419: Add background upload for images in document capture (#4314)
aduth Oct 19, 2020
fc821dd
DocAuth: Move it to a gem (#4307)
zachmargolis Oct 19, 2020
1287b45
LG-3589: List supported MIME types for file input accept pattern (#4317)
aduth Oct 19, 2020
d22a63a
Update string usage from doc auth gem (#4320)
aduth Oct 20, 2020
82389b9
LG-3672 Fix overall success rate reporting when doc capture step enab…
stevegsa Oct 20, 2020
5778e83
LG-3645 Fix authentication costing for SAML (#4319)
stevegsa Oct 20, 2020
edd83da
Ensure advance warning of links opening new window (LG-3528) (#4310)
mitchellhenke Oct 20, 2020
05723ea
LG-3416 API to verify documents (#4313)
stevegsa Oct 21, 2020
a415de4
Bump identity-idp-functions (#4328)
zachmargolis Oct 21, 2020
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
LG-3416 API to verify documents (#4313)
  • Loading branch information
stevegsa authored Oct 21, 2020
commit 05723eac9dcba6581fa92da9ab282a4a6a6bf1ca
110 changes: 110 additions & 0 deletions app/forms/idv/api_document_verification_form.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
module Idv
class ApiDocumentVerificationForm
include ActiveModel::Model
include ActionView::Helpers::TranslationHelper

validates_presence_of :encryption_key
validate :validate_image_urls
validates_presence_of :document_capture_session
validates_presence_of :front_image_iv
validates_presence_of :back_image_iv
validates_presence_of :selfie_image_iv, if: :liveness_checking_enabled?

validate :throttle_if_rate_limited

def initialize(params, liveness_checking_enabled:)
@params = params
@liveness_checking_enabled = liveness_checking_enabled
@readable = {}
end

def submit
throttled_else_increment

FormResponse.new(
success: valid?,
errors: errors.messages,
extra: {
remaining_attempts: remaining_attempts,
},
)
end

def status
return :ok if valid?
return :too_many_requests if errors.key?(:limit)
:bad_request
end

def remaining_attempts
return unless document_capture_session
Throttler::RemainingCount.call(document_capture_session.user_id, :idv_acuant)
end

def liveness_checking_enabled?
@liveness_checking_enabled
end

def document_capture_session_uuid
params[:document_capture_session_uuid]
end

def document_capture_session
@document_capture_session ||= DocumentCaptureSession.find_by(
uuid: document_capture_session_uuid,
)
end

private

attr_reader :params

def encryption_key
params[:encryption_key]
end

def front_image_iv
params[:front_image_iv]
end

def back_image_iv
params[:back_image_iv]
end

def selfie_image_iv
params[:selfie_image_iv]
end

def valid_url?(key)
uri = params[key]
parsed_uri = URI.parse(uri)
parsed_uri.scheme.present? && parsed_uri.host.present?
rescue URI::InvalidURIError
false
end

def throttle_if_rate_limited
return unless @throttled
errors.add(:limit, t('errors.doc_auth.acuant_throttle'))
end

def throttled_else_increment
return unless document_capture_session
@throttled = Throttler::IsThrottledElseIncrement.call(
document_capture_session.user_id,
:idv_acuant,
)
end

def validate_image_urls
errors.add(:front_image_url, invalid_link) unless valid_url?(:front_image_url)
errors.add(:back_image_url, invalid_link) unless valid_url?(:back_image_url)
return if valid_url?(:selfie_image_url)
errors.add(:selfie_image_url, invalid_link) unless liveness_checking_enabled?
end

def invalid_link
t('doc_auth.errors.not_a_file')
end
end
end
14 changes: 14 additions & 0 deletions app/jobs/vendor_document_verification_job.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
class VendorDocumentVerificationJob
def self.perform(_document_capture_session_result_id:,
_encryption_key:,
_front_image_iv:,
_back_image_iv:,
_selfie_image_iv:,
_front_image_url:,
_back_image_url:,
_selfie_image_url:,
_liveness_checking_enabled:)

FormResponse.new(success: true, errors: {})
end
end
8 changes: 7 additions & 1 deletion app/services/flow/base_flow.rb
Original file line number Diff line number Diff line change
@@ -1,13 +1,14 @@
module Flow
class BaseFlow
attr_accessor :flow_session
attr_reader :steps, :actions, :current_user, :params, :request
attr_reader :steps, :actions, :current_user, :params, :request, :json, :http_status

def initialize(controller, steps, actions, session)
@controller = controller
@steps = steps.with_indifferent_access
@actions = actions.with_indifferent_access
@redirect = nil
@json = nil
@flow_session = session
end

Expand All @@ -23,6 +24,11 @@ def redirect_to(url)
@redirect = url
end

def render_json(json, status: nil)
@json = json
@http_status = status || :ok
end

def handle(step)
@flow_session[:error_message] = nil
@flow_session[:notice] = nil
Expand Down
4 changes: 4 additions & 0 deletions app/services/flow/base_step.rb
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,10 @@ def redirect_to(url)
@flow.redirect_to(url)
end

def render_json(json, status: nil)
@flow.render_json(json, status: status)
end

def reset
@flow.flow_session = {}
end
Expand Down
4 changes: 4 additions & 0 deletions app/services/flow/flow_state_machine.rb
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,10 @@ def update
result = flow.handle(step)
analytics.track_event(analytics_submitted, result.to_h.merge(step: step)) if @analytics_id
register_update_step(step, result)
if flow.json
render json: flow.json, status: flow.http_status
return
end
flow_finish and return unless next_step
render_update(step, result)
end
Expand Down
44 changes: 44 additions & 0 deletions app/services/idv/actions/verify_document_action.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
module Idv
module Actions
class VerifyDocumentAction < Idv::Steps::DocAuthBaseStep
def call
enqueue_job
end

private

def form_submit
json = form.submit
render_json(json, status: form.status)
json
end

def form
@form ||= Idv::ApiDocumentVerificationForm.new(
params,
liveness_checking_enabled: liveness_checking_enabled?,
)
end

def enqueue_job
document_capture_session = create_document_capture_session(
verify_document_capture_session_uuid_key,
)
document_capture_session.requested_at = Time.zone.now
document_capture_session.store_proofing_pii_from_doc({})

VendorDocumentVerificationJob.perform(
_document_capture_session_result_id: document_capture_session.result_id,
_encryption_key: params[:encryption_key],
_front_image_iv: params[:front_image_iv],
_back_image_iv: params[:back_image_iv],
_selfie_image_iv: params[:selfie_image_iv],
_front_image_url: params[:front_image_url],
_back_image_url: params[:back_image_url],
_selfie_image_url: params[:selfie_image_url],
_liveness_checking_enabled: params[:liveness_checking_enabled],
)
end
end
end
end
58 changes: 58 additions & 0 deletions app/services/idv/actions/verify_document_status_action.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
module Idv
module Actions
class VerifyDocumentStatusAction < Idv::Steps::VerifyBaseStep
def call
process_async_state(async_state)
end

private

def process_async_state(current_async_state)
render_json case current_async_state.status
when :none
{ success: true, status: nil }
when :in_progress
{ success: true, status: 'in_progress' }
when :timed_out
{ success: false, status: nil, errors: ['timeout'] }
when :done
success = process_result(current_async_state.result)
async_state_done if success
{ success: true, status: success ? 'success' : 'fail' }
end
end

def async_state_done
delete_async
mark_step_complete(:document_capture)
save_proofing_components
end

def process_result(result)
add_cost(:acuant_result) if result.to_h[:billed]
response = idv_result_to_form_response(result)
response.success?
end

def async_state
dcs_uuid = flow_session[verify_document_capture_session_uuid_key]
dcs = DocumentCaptureSession.find_by(uuid: dcs_uuid)
return ProofingDocumentCaptureSessionResult.none if dcs_uuid.nil?
return ProofingDocumentCaptureSessionResult.timed_out if dcs.nil?

proofing_job_result = dcs.load_proofing_result
return ProofingDocumentCaptureSessionResult.timed_out if proofing_job_result.nil?

if proofing_job_result.result
proofing_job_result.done
elsif proofing_job_result.pii
ProofingDocumentCaptureSessionResult.in_progress
end
end

def delete_async
flow_session.delete(verify_document_capture_session_uuid_key)
end
end
end
end
2 changes: 2 additions & 0 deletions app/services/idv/flows/doc_auth_flow.rb
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@ class DocAuthFlow < Flow::BaseFlow
ACTIONS = {
reset: Idv::Actions::ResetAction,
redo_ssn: Idv::Actions::RedoSsnAction,
verify_document: Idv::Actions::VerifyDocumentAction,
verify_document_status: Idv::Actions::VerifyDocumentStatusAction,
}.freeze

attr_reader :idv_session # this is needed to support (and satisfy) the current LOA3 flow
Expand Down
4 changes: 4 additions & 0 deletions app/services/idv/steps/doc_auth_base_step.rb
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,10 @@ def recover_verify_document_capture_session_uuid_key
:idv_recover_verify_step_document_capture_session_uuid
end

def verify_document_capture_session_uuid_key
:verify_document_action_document_capture_session_uuid
end

delegate :idv_session, :session, to: :@flow
end
end
Expand Down
Loading