-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LG-13006: remove instances of skip_doc_auth #11043
base: main
Are you sure you want to change the base?
Conversation
01fa496
to
653f4c2
Compare
54ce8f5
to
7c0b2f7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everything looks good to me. Nice Job! I just had one quick question.
Does skip_doc_auth
need to be removed from the VALID_SESSION_ATTRIBUTES
constant in app/services/idv/session.rb
?
identity-idp/app/services/idv/session.rb
Line 28 in 959fa81
skip_doc_auth |
@shanechesnutt-ft Great observation and question! We actually will be removing it after the deployment. It was actually called out specifically in the ticket as the last and final step 👉 https://cm-jira.usa.gov/browse/LG-13006 |
@@ -49,7 +49,6 @@ def extra_view_variables | |||
flow_path: 'standard', | |||
sp_name: decorated_sp_session.sp_name, | |||
failure_to_proof_url: return_to_sp_failure_to_proof_url(step: 'document_capture'), | |||
skip_doc_auth: idv_session.skip_doc_auth, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@KeithNava
(I’m starting this general conversation on a specific file so that replies are threaded.)
When I look at the “Progress” section of the ticket LG-13006, I see checkbox 4
- remove decision points with the old value skip_doc_auth and replace with skip_doc_auth_from_how_to_verify. PR created (23 May), wait for next deploy to merge.
After the “wait for deploy” line, I see checkbox 5
- remove skip_doc_auth from everywhere, except session.rb.
Based on the "Summary of changes" in the PR description, I think this PR is meant to take care of checkbox 5, correct? I don’t see that Micah N’s PR #10690, which I believe took care of checkbox 4, was ever merged. Are you planning on merging that PR before this one? Does it need a review?
Let me know, thanks! I haven’t yet had a chance to review this PR, but I wanted to ask this question upfront because I know sequencing gets tricky for PRs that are affected by 50-50 state.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@eileen-nava Thanks. I actually noticed that the logic in PR #10690 was updated via this commit da81567#diff-ffdec6293037a40f4daee9914c58a356de09f502e897c0e73ea4f02c76787c02 so I don't think we would need Micah's PR anymore. I'm tagging @n1zyy to help confirm though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@KeithNava I have to plead some level of ignorance here. 😇
I wasn't intentionally changing anything relating to skip_doc_auth
in that PR; I just removed it as appearing to be unused. This comment paints some context for the change—we were passing that value into the constructor but didn't seem to ever be using its value in the show
method, so I removed it as dead code. (TBH I don't completely remember why I thought it was unused, but it seems like people agreed with me. I've lost some of this context to time.)
I didn't have Micah's PR in mind when I worked on this. It looks like his change to this file would be unnecessary, but he did also update the HybridHandoffController which I didn't touch, so that likely still needs attention.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I left some comments and will get back to this after retro.
@@ -48,10 +48,10 @@ def self.selected_remote(idv_session:) | |||
if IdentityConfig.store.in_person_proofing_opt_in_enabled && | |||
IdentityConfig.store.in_person_proofing_enabled && | |||
idv_session.service_provider&.in_person_proofing_enabled | |||
idv_session.skip_doc_auth == false | |||
idv_session.skip_doc_auth_from_how_to_verify == false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I’m concerned that the changes to this method will cause problems during deployment. When I check the 50/50 state docs, it says in the first deploy to read from both fields with new_name || old_name
and then in the second deploy to remove references to the old name.
In one deploy, this change reads from only the new variable name and removes references to the old variable name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did some local manual testing of the hybrid handoff page and I think I found an error.
- I started the app running locally on this branch
- I navigated to the hybrid handoff page
- While leaving the hybrid handoff page open in my browser, I killed the app and restarted it running on main
- The hybrid handoff page reloaded (without me clicking anything) and displayed the “how to verify page” which comes before the hybrid handoff page.
I made a screenrecording and uploaded it to our team google drive here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this, we were able to somewhat (not consistently) reproduce this so I went ahead and added back the original check. I also created follow up ticket to remove this secondary check once this is deployed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@KeithNava I again followed the below steps
- I started the app running locally on this branch
- I navigated to the hybrid handoff page
- While leaving the hybrid handoff page open in my browser, I killed the app and restarted it running on main
- The hybrid handoff page reloaded (without me clicking anything) and displayed the “how to verify page” which comes before the hybrid handoff page.
Again, I made a screenrecording and uploaded it to our team google drive as LG-13006Sep2550:50StateBug.mov.
Please let me know if you'd like to pair on this. If you want, we could try these steps on your local setup and see if you encounter the same bug.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like this is happening because the hybrid_handoff controller (https://github.com/18F/identity-idp/blob/main/app/controllers/idv/hybrid_handoff_controller.rb#L51) is expecting skip_doc_auth
to be set which it wouldn't be when coming from this branch since it's being removed.
I'm not exactly sure how to get around this given our strategy around removing all instances of skip_doc_auth in this PR - Unless we preemptively change the logic to expect either skip_doc_auth
or skip_doc_auth_from_how_to_verify
in this logic. 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since you added idv_session.skip_doc_auth_from_how_to_verify == false || idv_session.skip_doc_auth == false
to line 51 of the hybrid_handoff_controller, I wouldn't expect there to be a problem here. The code is following the instruction in 50/50 state documentation about reading from both the old and new field. 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi, as I noted in my comment at the top of this thread:
When I check the 50/50 state docs, it says in the first deploy to read from both fields with
new_name || old_name
and then in the second deploy to remove references to the old name.
In one deploy, this change reads from only the new variable name and removes references to the old variable name.
This pattern persisted in the how_to_verify_controller. I modified the how_to_verify_controller to read from both fields with new_name || old_name
. After that change, I no longer see an error when I follow the below steps.
- I started the app running locally on this branch
- I navigated to the hybrid handoff page
- While leaving the hybrid handoff page open in my browser, I killed the app and restarted it running on main. I was able to navigate forwarding in the IPP flow. Success!
I took a screenrecording. Let me know if it would be helpful to see.
Below is a git diff of the change.
diff --git a/app/controllers/idv/how_to_verify_controller.rb b/app/controllers/idv/how_to_verify_controller.rb
index 233d6165d..0cd089dda 100644
--- a/app/controllers/idv/how_to_verify_controller.rb
+++ b/app/controllers/idv/how_to_verify_controller.rb
@@ -34,12 +34,12 @@ module Idv
if result.success?
if how_to_verify_form_params['selection'] == Idv::HowToVerifyForm::REMOTE
idv_session.opted_in_to_in_person_proofing = false
- idv_session.skip_doc_auth_from_how_to_verify = false
+ idv_session.skip_doc_auth_from_how_to_verify = false || idv_session.skip_doc_auth = false
redirect_to idv_hybrid_handoff_url
else
idv_session.opted_in_to_in_person_proofing = true
idv_session.flow_path = 'standard'
- idv_session.skip_doc_auth_from_how_to_verify = true
+ idv_session.skip_doc_auth_from_how_to_verify = true || idv_session.skip_doc_auth = true
redirect_to idv_document_capture_url
end
else
@@ -63,7 +63,7 @@ module Idv
idv_session.service_provider&.in_person_proofing_enabled
end,
undo_step: ->(idv_session:, user:) {
- idv_session.skip_doc_auth_from_how_to_verify = nil
+ idv_session.skip_doc_auth_from_how_to_verify = nil || idv_session.skip_doc_auth = nil
idv_session.opted_in_to_in_person_proofing = nil
},
)
@@ -34,13 +34,12 @@ def update | |||
if result.success? | |||
if how_to_verify_form_params['selection'] == Idv::HowToVerifyForm::REMOTE | |||
idv_session.opted_in_to_in_person_proofing = false | |||
idv_session.skip_doc_auth = false | |||
idv_session.skip_doc_auth_from_handoff = false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I understand removing idv_session.skip_doc_auth = false
. I'm not sure why idv_session.skip_doc_auth_from_handoff = false
was added here.
959fa81
to
ba7e30a
Compare
72ec6fb
to
462f4bc
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did some regression testing and things look good to me! 👍🏻
462f4bc
to
c000812
Compare
@KeithNava Your pipeline is failing. It looks like lint and specs need to be fixed. Also, you mentioned that you had some follow up work that could not be complete in the PR. Can you link the tickets in here? Thank you I'd prefer to review this after specs are passing in-case more code changes need to be made. Please reach out in the Joy Channel via Slack when the pipeline is passing so we can give you a review. |
7df9046
to
ef5a198
Compare
🎫 Ticket
Link to the relevant ticket:
LG-13006
🛠 Summary of changes
Removing instances of the old variable
skip_doc_auth
📜 Testing Plan
Since this touches a large portion of the application, I would recommend a full regression for in person enrollment flow.