LG-15321: relax vendor redirect in test mode

app/controllers/concerns/idv/document_capture_concern.rb

@@ -59,6 +59,8 @@ def selfie_requirement_met?
     end
 
     def redirect_to_correct_vendor(vendor, in_hybrid_mobile)
+      return if IdentityConfig.store.doc_auth_redirect_to_correct_vendor_disabled
+
       expected_doc_auth_vendor = doc_auth_vendor
       return if vendor == expected_doc_auth_vendor
       return if vendor == Idp::Constants::Vendors::LEXIS_NEXIS &&

config/application.yml.default

@@ -107,6 +107,7 @@ doc_auth_max_attempts: 5
 doc_auth_max_capture_attempts_before_native_camera: 3
 doc_auth_max_submission_attempts_before_native_camera: 3
 doc_auth_read_additional_pii_attributes_enabled: false
+doc_auth_redirect_to_correct_vendor_disabled: false
 doc_auth_selfie_desktop_test_mode: false
 doc_auth_socure_wait_polling_refresh_max_seconds: 15
 doc_auth_socure_wait_polling_timeout_minutes: 2

lib/identity_config.rb

@@ -118,6 +118,7 @@ def self.store
     config.add(:doc_auth_check_failed_image_resubmission_enabled, type: :boolean)
     config.add(:doc_auth_client_glare_threshold, type: :integer)
     config.add(:doc_auth_client_sharpness_threshold, type: :integer)
+    config.add(:doc_auth_redirect_to_correct_vendor_disabled, type: :boolean)
     config.add(:doc_auth_error_dpi_threshold, type: :integer)
     config.add(:doc_auth_error_glare_threshold, type: :integer)
     config.add(:doc_auth_error_sharpness_threshold, type: :integer)

spec/controllers/idv/document_capture_controller_spec.rb

@@ -20,6 +20,7 @@
   # selfie related test flags
   let(:sp_selfie_enabled) { false }
   let(:flow_path) { 'standard' }
+  let(:doc_auth_selfie_desktop_test_mode) { false }
 
   before do
     stub_sign_in(user)
@@ -41,6 +42,9 @@
     allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(
       Idp::Constants::Vendors::LEXIS_NEXIS,
     )
+
+    allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
+      .and_return(doc_auth_selfie_desktop_test_mode)
   end
 
   describe '#step_info' do
@@ -64,11 +68,6 @@
       describe 'with sp selfie enabled' do
         let(:sp_selfie_enabled) { true }
 
-        before do
-          allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
-            .and_return(false)
-        end
-
         it 'does satisfy precondition' do
           expect(Idv::DocumentCaptureController.step_info.preconditions.is_a?(Proc))
           expect(subject).not_to receive(:render).with(:show, locals: an_instance_of(Hash))
@@ -172,6 +171,19 @@
 
         expect(response).to redirect_to idv_socure_document_capture_url
       end
+
+      context 'when redirect to correct vendor is disabled' do
+        before do
+          allow(IdentityConfig.store)
+            .to receive(:doc_auth_redirect_to_correct_vendor_disabled).and_return(true)
+        end
+
+        it 'redirects to the Socure controller' do
+          get :show
+
+          expect(response).to render_template :show
+        end
+      end
     end
 
     context 'socure is the default vendor but facial match is required' do
@@ -193,13 +205,8 @@
 
     context 'when a selfie is requested' do
       let(:sp_selfie_enabled) { true }
-      let(:desktop_selfie_enabled) { false }
-      before do
-        allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
-          .and_return(desktop_selfie_enabled)
-      end
+
       describe 'when desktop selfie disabled' do
-        let(:desktop_selfie_enabled) { false }
         it 'redirect back to handoff page' do
           expect(subject).not_to receive(:render).with(
             :show,
@@ -216,7 +223,7 @@
       end
 
       describe 'when desktop selfie enabled' do
-        let(:desktop_selfie_enabled) { true }
+        let(:doc_auth_selfie_desktop_test_mode) { true }
         it 'allows capture' do
           expect(subject).to receive(:render).with(
             :show,
@@ -321,7 +328,6 @@
       let(:sp_selfie_enabled) { true }
 
       before do
-        allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode).and_return(false)
         allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything).and_return(false)
       end
 

spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb

@@ -67,6 +67,19 @@
 
           expect(response).to redirect_to idv_hybrid_mobile_socure_document_capture_url
         end
+
+        context 'when redirect to correct vendor is disabled' do
+          before do
+            allow(IdentityConfig.store)
+              .to receive(:doc_auth_redirect_to_correct_vendor_disabled).and_return(true)
+          end
+
+          it 'allows the user to use this controller' do
+            get :show
+
+            expect(response).to render_template :show
+          end
+        end
       end
 
       it 'renders the show template' do

spec/controllers/idv/hybrid_mobile/socure/document_capture_controller_spec.rb

@@ -211,6 +211,30 @@
           expect(document_capture_session.socure_docv_transaction_token)
             .to eq(docv_transaction_token)
         end
+
+        context 'when we try to use this controller but we should be using the LN/mock version' do
+          let(:idv_vendor) { Idp::Constants::Vendors::LEXIS_NEXIS }
+
+          it 'redirects to the LN/Mock controller' do
+            get :show
+
+            expect(response).to redirect_to(idv_hybrid_mobile_document_capture_url)
+          end
+
+          context 'when redirect to correct vendor is disabled' do
+            before do
+              allow(IdentityConfig.store)
+                .to receive(:doc_auth_redirect_to_correct_vendor_disabled).and_return(true)
+            end
+
+            it 'renders to the Socure controller' do
+              get :show
+
+              expect(response).to have_http_status 200
+              expect(response.body).to have_link(href: socure_capture_app_url)
+            end
+          end
+        end
       end
     end
 

spec/controllers/idv/socure/document_capture_controller_spec.rb

@@ -39,7 +39,6 @@
     allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled)
       .and_return(vendor_switching_enabled)
     allow_any_instance_of(ApplicationController).to receive(:current_user).and_return(user)
-
     allow(subject).to receive(:stored_result).and_return(stored_result)
 
     user_session = {}
@@ -98,6 +97,28 @@
           get :show
           expect(response).to redirect_to idv_document_capture_url
         end
+
+        context 'when redirect to correct vendor is disabled' do
+          let(:socure_capture_app_url) { 'https://verify.socure.test/' }
+          let(:response_body) do
+            {
+              data: {
+                docvTransactionToken: SecureRandom.hex(6),
+                url: socure_capture_app_url,
+              },
+            }
+          end
+          before do
+            allow(IdentityConfig.store)
+              .to receive(:doc_auth_redirect_to_correct_vendor_disabled).and_return(true)
+          end
+
+          it 'redirects to the Socure controller' do
+            get :show
+
+            expect(response).to have_http_status 200
+          end
+        end
       end
 
       context 'when facial match is required' do

spec/features/idv/doc_auth/document_capture_spec.rb

@@ -96,11 +96,21 @@
       expect(page).to have_content(I18n.t('doc_auth.errors.general.network_error'))
     end
 
-    it 'does not track state if state tracking is disabled' do
-      allow(IdentityConfig.store).to receive(:state_tracking_enabled).and_return(false)
-      attach_and_submit_images
+    context 'state tracking is disabled' do
+      before do
+        allow(IdentityConfig.store).to receive(:state_tracking_enabled).and_return(false)
+        allow(IdentityConfig.store).to receive(:socure_docv_enabled).and_return(true)
+      end
+      it 'does not track state' do
+        # Confirm that we end up on the LN / Mock page even if we try to
+        # go to the Socure one.
+        visit idv_socure_document_capture_url
+        expect(page).to have_current_path(idv_document_capture_url)
 
-      expect(DocAuthLog.find_by(user_id: @user.id).state).to be_nil
+        attach_and_submit_images
+
+        expect(DocAuthLog.find_by(user_id: @user.id).state).to be_nil
+      end
     end
   end
 

spec/features/idv/doc_auth/socure_document_capture_spec.rb

@@ -293,6 +293,11 @@
           docv_transaction_token: @docv_transaction_token,
         )
 
+        # Confirm that we end up on the Socure page even if we try to
+        # go to the LN / Mock one.
+        visit idv_document_capture_url
+        expect(page).to have_current_path(idv_socure_document_capture_url)
+
         visit idv_socure_document_capture_update_path
         expect(DocAuthLog.find_by(user_id: @user.id).state).to be_nil
       end

spec/features/idv/hybrid_mobile/hybrid_socure_mobile_spec.rb

@@ -68,9 +68,9 @@
         visit idv_link_sent_url
         expect(page).to have_current_path(root_url)
 
-        # Confirm that we end up on the LN / Mock page even if we try to
-        # go to the Socure one.
-        visit idv_hybrid_mobile_socure_document_capture_url
+        # Confirm that we end up on the Socure page even if we try to
+        # go to the LN / Mock one.
+        visit idv_hybrid_mobile_document_capture_url
         expect(page).to have_current_path(idv_hybrid_mobile_socure_document_capture_url)
 
         # Confirm that clicking cancel and then coming back doesn't cause errors
@@ -459,56 +459,48 @@
   end
 
   context 'with a network error requesting the capture app url' do
-    before do
-      allow_any_instance_of(Faraday::Connection).to receive(:post)
-        .and_raise(Faraday::ConnectionFailed)
-    end
-
-    it 'shows the network error page on the phone and the link sent page on the desktop',
-       js: true do
-      user = nil
+    shared_examples 'document request API failure' do
+      it 'shows the network error page on the phone and the link sent page on the desktop',
+         js: true do
+        perform_in_browser(:desktop) do
+          visit_idp_from_sp_with_ial2(sp)
+          sign_up_and_2fa_ial1_user
 
-      perform_in_browser(:desktop) do
-        visit_idp_from_sp_with_ial2(sp)
-        user = sign_up_and_2fa_ial1_user
+          complete_doc_auth_steps_before_hybrid_handoff_step
+          clear_and_fill_in(:doc_auth_phone, phone_number)
+          click_send_link
+        end
 
-        complete_doc_auth_steps_before_hybrid_handoff_step
-        clear_and_fill_in(:doc_auth_phone, phone_number)
-        click_send_link
-      end
+        perform_in_browser(:mobile) do
+          visit @sms_link
 
-      perform_in_browser(:mobile) do
-        visit @sms_link
+          expect(page).to have_text(t('doc_auth.headers.general.network_error'))
+          expect(page).to have_text(t('doc_auth.errors.general.new_network_error'))
+          expect(@analytics).to have_logged_event(:idv_socure_document_request_submitted)
+        end
 
-        expect(page).to have_text(t('doc_auth.headers.general.network_error'))
-        expect(page).to have_text(t('doc_auth.errors.general.new_network_error'))
-        expect(@analytics).to have_logged_event(:idv_socure_document_request_submitted)
+        perform_in_browser(:desktop) do
+          expect(page).to have_current_path(idv_link_sent_path)
+        end
       end
+    end
 
-      perform_in_browser(:desktop) do
-        expect(page).to have_current_path(idv_link_sent_path)
+    context 'Faraday connection error' do
+      before do
+        allow_any_instance_of(Faraday::Connection).to receive(:post)
+          .and_raise(Faraday::ConnectionFailed)
       end
+
+      it_behaves_like 'document request API failure'
     end
-  end
 
-  context 'invalid request', allow_browser_log: true do
-    context 'getting the capture path w wrong api key' do
+    context 'invalid request (ie: wrong api key)', allow_browser_log: true do
       before do
-        user = user_with_2fa
-        visit_idp_from_oidc_sp_with_ial2
-        sign_in_and_2fa_user(user)
-        complete_doc_auth_steps_before_document_capture_step
-        click_idv_continue
         DocAuth::Mock::DocAuthMockClient.reset!
         stub_docv_document_request(status: 401)
       end
 
-      it 'correctly logs event', js: true do
-        visit idv_socure_document_capture_path
-        expect(@analytics).to have_logged_event(
-          :idv_socure_document_request_submitted,
-        )
-      end
+      it_behaves_like 'document request API failure'
     end
   end
 end