Merge pull request #11892 from 18F/stages/rc-2025-02-18

Deploy RC 452 to Production

Gemfile

@@ -58,7 +58,7 @@ gem 'phonelib'
 gem 'premailer-rails', '>= 1.12.0'
 gem 'profanity_filter'
 gem 'propshaft'
-gem 'rack', '>= 3.0'
+gem 'rack', '~> 3.0.12'
 gem 'rack-attack', github: 'rack/rack-attack', ref: 'd9fedfae4f7f6409f33857763391f4e18a6d7467'
 gem 'rack-cors', '> 2.0.1', require: 'rack/cors'
 gem 'rack-headers_filter'

Gemfile.lock

@@ -512,7 +512,7 @@ GEM
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.8.1)
-    rack (3.0.11)
+    rack (3.0.12)
     rack-cors (2.0.2)
       rack (>= 2.0.0)
     rack-headers_filter (0.0.1)
@@ -831,7 +831,7 @@ DEPENDENCIES
   pry-rails
   psych
   puma (~> 6.0)
-  rack (>= 3.0)
+  rack (~> 3.0.12)
   rack-attack!
   rack-cors (> 2.0.1)
   rack-headers_filter

Makefile

@@ -40,6 +40,7 @@ ARTIFACT_DESTINATION_FILE ?= ./tmp/idp.tar.gz
 	lint_readme \
 	lint_spec_file_name \
 	lintfix \
+	lint_openapi \
 	normalize_yaml \
 	optimize_assets \
 	optimize_svg \
@@ -107,6 +108,8 @@ endif
 	make lint_spec_file_name
 	@echo "--- lint migrations ---"
 	make lint_migrations
+	@echo "--- lint openapi spec ---"
+	make lint_openapi
 
 audit: ## Checks packages for vulnerabilities
 	@echo "--- bundler-audit ---"
@@ -181,6 +184,9 @@ lint_spec_file_name:
 		-exec false {} + \
 		-exec echo "Error: Spec files named incorrectly, should end in '.spec.(js|ts|jsx|tsx)':" {} +
 
+lint_openapi:
+	@yarn lint:openapi	
+
 lintfix: ## Try to automatically fix any Ruby, ERB, JavaScript, YAML, or CSS lint errors
 	@echo "--- rubocop fix ---"
 	bundle exec rubocop -a

app/components/status_page_component.rb

@@ -5,6 +5,7 @@ class StatusPageComponent < BaseComponent
     info: [:question],
     warning: [nil],
     error: [nil, :lock],
+    delete: [nil],
   }.freeze
 
   renders_one :header, ::PageHeadingComponent
@@ -16,7 +17,7 @@ class StatusPageComponent < BaseComponent
 
   attr_reader :status, :icon
 
-  validates_inclusion_of :status, in: %i[info error warning]
+  validates_inclusion_of :status, in: %i[info error warning delete]
   validate :validate_status_icon
 
   def initialize(status: :error, icon: nil)

app/controllers/concerns/idv/document_capture_concern.rb

@@ -106,6 +106,8 @@ def track_document_request_event(document_request:, document_response:, timer:)
         success: @url.present?,
         document_type: document_request_body[:documentType],
         docv_transaction_token: response_hash.dig(:data, :docvTransactionToken),
+        socure_status: response_hash[:status],
+        socure_msg: response_hash[:msg],
       }
       analytics_hash = log_extras
         .merge(analytics_arguments)

app/controllers/idv/document_capture_controller.rb

@@ -125,14 +125,19 @@ def allow_direct_ipp?
       # Only allow direct access to document capture if IPP available
       return false unless IdentityConfig.store.in_person_doc_auth_button_enabled &&
                           Idv::InPersonConfig.enabled_for_issuer?(decorated_sp_session.sp_issuer)
-      @previous_step_url = params[:step] == 'hybrid_handoff' ? idv_hybrid_handoff_path : nil
+      @previous_step_url = step_is_handoff? ? idv_hybrid_handoff_path : nil
       # allow
       idv_session.flow_path = 'standard'
-      idv_session.skip_doc_auth_from_handoff = true
+      idv_session.skip_doc_auth_from_handoff = step_is_handoff?
+      idv_session.skip_doc_auth_from_how_to_verify = params[:step] == 'how_to_verify'
       idv_session.skip_hybrid_handoff = nil
       true
     end
 
+    def step_is_handoff?
+      params[:step] == 'hybrid_handoff'
+    end
+
     def set_usps_form_presenter
       @presenter = Idv::InPerson::UspsFormPresenter.new
     end

app/controllers/idv/socure/document_capture_controller.rb

@@ -91,13 +91,11 @@ def self.step_info
           controller: self,
           next_steps: [:ssn, :ipp_ssn],
           preconditions: ->(idv_session:, user:) {
-            idv_session.flow_path == 'standard' && (
-              # mobile
-              idv_session.skip_doc_auth_from_handoff ||
-              idv_session.skip_hybrid_handoff ||
-              idv_session.skip_doc_auth_from_how_to_verify ||
-              !idv_session.selfie_check_required ||
-              idv_session.desktop_selfie_test_mode_enabled?)
+            idv_session.flow_path == 'standard' &&
+              !idv_session.selfie_check_required && (
+                # mobile
+                idv_session.skip_hybrid_handoff ||
+                idv_session.desktop_selfie_test_mode_enabled?)
           },
           undo_step: ->(idv_session:, user:) do
             idv_session.pii_from_doc = nil

app/javascript/packages/phone-input/package.json

@@ -4,7 +4,7 @@
   "version": "1.0.0",
   "dependencies": {
     "intl-tel-input": "^24.5.0",
-    "libphonenumber-js": "^1.11.19"
+    "libphonenumber-js": "^1.11.20"
   },
   "sideEffects": [
     "./index.ts"

app/jobs/socure_docv_results_job.rb

@@ -18,6 +18,7 @@ def perform(document_capture_session_uuid:, async: true, docv_transaction_token_
     docv_result_response = timer.time('vendor_request') do
       socure_document_verification_result
     end
+
     log_verification_request(
       docv_result_response:,
       vendor_request_time_in_ms: timer.results['vendor_request'],
@@ -56,7 +57,6 @@ def analytics
   def log_verification_request(docv_result_response:, vendor_request_time_in_ms:)
     analytics.idv_socure_verification_data_requested(
       **docv_result_response.to_h.merge(
-        docv_transaction_token: document_capture_session.socure_docv_transaction_token,
         submit_attempts: rate_limiter&.attempts,
         remaining_submit_attempts: rate_limiter&.remaining_count,
         vendor_request_time_in_ms:,

app/models/user.rb

@@ -3,7 +3,6 @@
 class User < ApplicationRecord
   include NonNullUuid
 
-  include ::NewRelic::Agent::MethodTracer
   include ActionView::Helpers::DateHelper
 
   devise(
@@ -508,8 +507,6 @@ def send_confirmation_instructions
     # no-op
   end
 
-  add_method_tracer :send_devise_notification, "Custom/#{name}/send_devise_notification"
-
   def analytics
     @analytics ||= Analytics.new(user: self, request: nil, session: {}, sp: nil)
   end

app/presenters/confirmation_email_presenter.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 class ConfirmationEmailPresenter
-  include ::NewRelic::Agent::MethodTracer
-
   def initialize(user, view)
     @user = user
     @view = view
@@ -40,8 +38,4 @@ def confirmation_period
   private
 
   attr_reader :user, :view
-
-  add_method_tracer :initialize, "Custom/#{name}/initialize"
-  add_method_tracer :first_sentence, "Custom/#{name}/first_sentence"
-  add_method_tracer :confirmation_period, "Custom/#{name}/confirmation_period"
 end

app/services/analytics_events.rb

@@ -4992,6 +4992,8 @@ def idv_session_error_visited(
   # @param [Boolean] liveness_enabled Whether or not the selfie result is included in response
   # @param [String] vendor which 2rd party we are using for doc auth
   # @param [Hash] document_type type of socument submitted (Drivers Licenese, etc.)
+  # @param [String] socure_status Socure's status value for internal errors on their side.
+  # @param [String] socure_msg Socure's status message for interal errors on their side.
   # The request for socure verification was sent
   def idv_socure_document_request_submitted(
     success:,
@@ -5014,6 +5016,8 @@ def idv_socure_document_request_submitted(
     document_type: nil,
     docv_transaction_token: nil,
     flow_path: nil,
+    socure_status: nil,
+    socure_msg: nil,
     **extra
   )
     track_event(
@@ -5038,6 +5042,8 @@ def idv_socure_document_request_submitted(
       document_type:,
       docv_transaction_token:,
       flow_path:,
+      socure_status:,
+      socure_msg:,
       **extra,
     )
   end
@@ -5121,36 +5127,40 @@ def idv_socure_shadow_mode_proofing_result_missing(**extra)
   # @param [String] birth_year Birth year from document
   # @param [Integer] issue_year Year document was issued
   # @param [Boolean] biometric_comparison_required does doc auth require biometirc
+  # @param [String] vendor_status Socure's request status (used for errors)
+  # @param [String] vendor_status_message socure's error message (used for errors)
   # The request for socure verification was sent
   def idv_socure_verification_data_requested(
     success:,
     errors:,
     async:,
-    reference_id:,
-    reason_codes:,
-    document_type:,
-    decision:,
-    state:,
-    state_id_type:,
     submit_attempts:,
-    remaining_submit_attempts:,
-    liveness_checking_required:,
-    issue_year:,
     vendor_request_time_in_ms:,
     doc_type_supported:,
     doc_auth_success:,
     vendor:,
-    address_line2_present:,
-    zip_code:,
-    birth_year:,
-    liveness_enabled:,
-    biometric_comparison_required:,
+    remaining_submit_attempts:,
+    reference_id: nil,
+    reason_codes: nil,
+    document_type: nil,
+    decision: nil,
+    state: nil,
+    state_id_type: nil,
+    liveness_checking_required: nil,
+    issue_year: nil,
+    address_line2_present: nil,
+    zip_code: nil,
+    birth_year: nil,
+    liveness_enabled: nil,
+    biometric_comparison_required: nil,
     customer_profile: nil,
     docv_transaction_token: nil,
     user_id: nil,
     exception: nil,
     flow_path: nil,
     billed: nil,
+    vendor_status: nil,
+    vendor_status_message: nil,
     **extra
   )
     track_event(
@@ -5183,6 +5193,8 @@ def idv_socure_verification_data_requested(
       issue_year:,
       liveness_enabled:,
       biometric_comparison_required:,
+      vendor_status:,
+      vendor_status_message:,
       **extra,
     )
   end

app/services/doc_auth/socure/request.rb

@@ -51,10 +51,11 @@ def handle_invalid_response(http_response)
           exception: exception,
           status: response_body.dig('status'),
           status_message: response_body.dig('msg'),
+          reference_id: response_body.dig('referenceId'),
         )
       end
 
-      def handle_connection_error(exception:, status: nil, status_message: nil)
+      def handle_connection_error(exception:, status: nil, status_message: nil, reference_id: nil)
         raise NotImplementedError
       end
 

app/services/doc_auth/socure/requests/document_request.rb

@@ -44,7 +44,7 @@ def handle_http_response(http_response)
           JSON.parse(http_response.body, symbolize_names: true)
         end
 
-        def handle_connection_error(exception:, status: nil, status_message: nil)
+        def handle_connection_error(exception:, status: nil, status_message: nil, reference_id: nil)
           NewRelic::Agent.notice_error(exception)
           {
             success: false,
@@ -54,6 +54,7 @@ def handle_connection_error(exception:, status: nil, status_message: nil)
               vendor: 'Socure',
               vendor_status: status,
               vendor_status_message: status_message,
+              reference_id:,
             }.compact,
           }
         end

app/services/doc_auth/socure/requests/docv_result_request.rb

@@ -32,7 +32,7 @@ def handle_http_response(http_response)
           )
         end
 
-        def handle_connection_error(exception:, status: nil, status_message: nil)
+        def handle_connection_error(exception:, status: nil, status_message: nil, reference_id: nil)
           NewRelic::Agent.notice_error(exception)
           DocAuth::Response.new(
             success: false,
@@ -42,6 +42,7 @@ def handle_connection_error(exception:, status: nil, status_message: nil)
               vendor: 'Socure',
               vendor_status: status,
               vendor_status_message: status_message,
+              reference_id:,
             }.compact,
           )
         end

app/services/doc_auth/socure/responses/docv_result_response.rb

@@ -8,6 +8,8 @@ class DocvResultResponse < DocAuth::Response
 
         DATA_PATHS = {
           reference_id: %w[referenceId],
+          status: %w[status],
+          msg: %w[msg],
           document_verification: %w[documentVerification],
           reason_codes: %w[documentVerification reasonCodes],
           document_type: %w[documentVerification documentType],
@@ -55,7 +57,7 @@ def initialize(http_response:,
             exception: e,
             extra: {
               backtrace: e.backtrace,
-            },
+            }
           )
         end
 
@@ -70,6 +72,8 @@ def selfie_status
         def extra_attributes
           {
             reference_id: get_data(DATA_PATHS[:reference_id]),
+            vendor_status: get_data(DATA_PATHS[:status]),
+            vendor_status_message: get_data(DATA_PATHS[:msg]),
             decision: get_data(DATA_PATHS[:decision]),
             biometric_comparison_required: biometric_comparison_required,
             customer_profile: get_data(DATA_PATHS[:customer_profile]),

app/services/send_sign_up_email_confirmation.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 
 class SendSignUpEmailConfirmation
-  include ::NewRelic::Agent::MethodTracer
-
   attr_reader :user
 
   def initialize(user)
@@ -65,6 +63,4 @@ def send_suspended_user_email
   def handle_multiple_email_address_error
     raise 'sign up user has multiple email address records'
   end
-
-  add_method_tracer :call, "Custom/#{name}/call"
 end

app/views/account_reset/confirm_delete_account/show.html.erb

@@ -1,10 +1,6 @@
 <% self.title = t('account_reset.confirm_delete_account.title') %>
-<div class="margin-y-2 padding-y-6 padding-x-4 tablet:padding-x-6 border border-error rounded-xl position-relative">
-  <%= render AlertIconComponent.new(
-        icon_name: :delete,
-        class: 'alert-icon--centered-top',
-      ) %>
-  <%= render PageHeadingComponent.new.with_content(t('account_reset.confirm_delete_account.title')) %>
+<%= render StatusPageComponent.new(status: :delete) do |c| %>
+  <% c.with_header { t('account_reset.confirm_delete_account.title') } %>
   <p><%= t('account_reset.confirm_delete_account.info_html', email: email) %></p>
   <p class="margin-bottom-0">
     <%= t(
@@ -15,4 +11,4 @@
           ),
         ) %>
     </p>
-</div>
+<% end %>

app/views/user_mailer/shared/_in_person_ready_to_verify.html.erb

@@ -38,7 +38,7 @@
 <table class="usa-alert usa-alert--info margin-y-4">
   <tr>
     <td style="width:16px;">
-      <%= image_tag('email/info.png', width: 16, height: 16, alt: '', style: 'margin-top: 4px;') %>
+      <%= image_tag('email/info@4x.png', width: 16, height: 16, alt: '', style: 'margin-top: 4px;') %>
     </td>
     <td>
       <p class="margin-bottom-1"><strong><%= t('in_person_proofing.body.barcode.deadline', deadline: @presenter.formatted_due_date) %></strong></p>