Deploy RC 333 to Prod

.irbrc

@@ -1,5 +1,3 @@
-IRB.conf[:USE_AUTOCOMPLETE] = false
+require_relative './lib/env_irb_prompt'
 
-on_deployed_box = File.directory?('/srv/idp/releases/')
-
-IRB.conf[:SAVE_HISTORY] = on_deployed_box ? nil : 1000
+EnvIrbPrompt.new.configure!

app/controllers/concerns/idv_step_concern.rb

@@ -134,4 +134,8 @@ def url_for_latest_step
     step_info = flow_policy.info_for_latest_step
     url_for(controller: step_info.controller, action: step_info.action)
   end
+
+  def clear_invalid_steps!
+    flow_policy.undo_steps_from_controller!(controller: self.class)
+  end
 end

app/controllers/idv/agreement_controller.rb

@@ -21,6 +21,7 @@ def show
     end
 
     def update
+      clear_invalid_steps!
       skip_to_capture if params[:skip_hybrid_handoff]
 
       result = Idv::ConsentForm.new.submit(consent_form_params)
@@ -48,6 +49,7 @@ def self.step_info
         controller: controller_name,
         next_steps: [:hybrid_handoff, :document_capture, :phone_question, :how_to_verify],
         preconditions: ->(idv_session:, user:) { idv_session.welcome_visited },
+        undo_step: ->(idv_session:, user:) { idv_session.idv_consent_given = nil },
       )
     end
 

app/controllers/idv/document_capture_controller.rb

@@ -22,6 +22,7 @@ def show
     end
 
     def update
+      clear_invalid_steps!
       idv_session.redo_document_capture = nil # done with this redo
       # Not used in standard flow, here for data consistency with hybrid flow.
       document_capture_session.confirm_ocr
@@ -60,6 +61,10 @@ def self.step_info
         controller: controller_name,
         next_steps: [:success], # [:ssn],
         preconditions: ->(idv_session:, user:) { idv_session.flow_path == 'standard' },
+        undo_step: ->(idv_session:, user:) do
+          idv_session.pii_from_doc = nil
+          idv_session.invalidate_in_person_pii_from_user!
+        end,
       )
     end
 

app/controllers/idv/how_to_verify_controller.rb

@@ -13,6 +13,7 @@ def show
     end
 
     def update
+      clear_invalid_steps!
       result = Idv::HowToVerifyForm.new.submit(how_to_verify_form_params)
 
       analytics.idv_doc_auth_how_to_verify_submitted(
@@ -39,6 +40,7 @@ def self.step_info
         preconditions: ->(idv_session:, user:) do
           self.enabled?
         end,
+        undo_step: ->(idv_session:, user:) {}, # clear any saved data
       )
     end
 

app/controllers/idv/hybrid_handoff_controller.rb

@@ -24,6 +24,7 @@ def show
     end
 
     def update
+      clear_invalid_steps!
       irs_attempts_api_tracker.idv_document_upload_method_selected(
         upload_method: params[:type],
       )
@@ -41,6 +42,7 @@ def self.step_info
         controller: controller_name,
         next_steps: [:link_sent, :document_capture],
         preconditions: ->(idv_session:, user:) { idv_session.idv_consent_given },
+        undo_step: ->(idv_session:, user:) { idv_session.flow_path = nil },
       )
     end
 

app/controllers/idv/in_person/address_controller.rb

@@ -5,14 +5,34 @@ class AddressController < ApplicationController
 
       before_action :render_404_if_in_person_residential_address_controller_enabled_not_set
       before_action :confirm_in_person_state_id_step_complete
-      before_action :confirm_in_person_address_step_needed
+      before_action :confirm_in_person_address_step_needed, only: :show
 
       def show
         analytics.idv_in_person_proofing_address_visited(**analytics_arguments)
 
         render :show, locals: extra_view_variables
       end
 
+      def update
+        attrs = Idv::InPerson::AddressForm::ATTRIBUTES.difference([:same_address_as_id])
+        pii_from_user[:same_address_as_id] = 'false' if updating_address?
+        form_result = form.submit(flow_params)
+
+        analytics.idv_in_person_proofing_residential_address_submitted(
+          **analytics_arguments.merge(**form_result.to_h),
+        )
+
+        if form_result.success?
+          attrs.each do |attr|
+            pii_from_user[attr] = flow_params[attr]
+          end
+          flow_session['Idv::Steps::InPerson::AddressStep'] = true
+          redirect_to_next_page
+        else
+          render :show, locals: extra_view_variables
+        end
+      end
+
       def extra_view_variables
         {
           form:,
@@ -47,19 +67,23 @@ def flow_params
         )
       end
 
-      def form_submit
-        form.submit(flow_params)
-      end
-
       def analytics_arguments
         {
-          flow_path: flow_path,
+          flow_path: idv_session.flow_path,
           step: 'address',
           analytics_id: 'In Person Proofing',
           irs_reproofing: irs_reproofing?,
         }
       end
 
+      def redirect_to_next_page
+        if updating_address?
+          redirect_to idv_in_person_verify_info_url
+        else
+          redirect_to idv_in_person_ssn_url
+        end
+      end
+
       def render_404_if_in_person_residential_address_controller_enabled_not_set
         render_not_found unless
             IdentityConfig.store.in_person_residential_address_controller_enabled
@@ -73,6 +97,7 @@ def confirm_in_person_state_id_step_complete
       def confirm_in_person_address_step_needed
         return if pii_from_user && pii_from_user[:same_address_as_id] == 'false' &&
                   !pii_from_user.has_key?(:address1)
+        return if request.referer == idv_in_person_verify_info_url
         redirect_to idv_in_person_ssn_url
       end
     end

app/controllers/idv/in_person/ssn_controller.rb

@@ -12,25 +12,36 @@ class SsnController < ApplicationController
       before_action :confirm_repeat_ssn, only: :show
       before_action :override_csp_for_threat_metrix
 
+      attr_reader :ssn_presenter
+
       # Keep this code in sync with Idv::SsnController
 
       def show
-        @step_indicator_steps = step_indicator_steps
-        @ssn_form = Idv::SsnFormatForm.new(idv_session.ssn)
+        @ssn_presenter = Idv::SsnPresenter.new(
+          sp_name: decorated_sp_session.sp_name,
+          ssn_form: Idv::SsnFormatForm.new(idv_session.ssn),
+          step_indicator_steps: step_indicator_steps,
+        )
 
-        analytics.idv_doc_auth_redo_ssn_submitted(**analytics_arguments) if @ssn_form.updating_ssn?
+        if ssn_presenter.updating_ssn?
+          analytics.idv_doc_auth_redo_ssn_submitted(**analytics_arguments)
+        end
         analytics.idv_doc_auth_ssn_visited(**analytics_arguments)
 
         Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]).
           call('ssn', :view, true)
 
-        render 'idv/shared/ssn', locals: threatmetrix_view_variables
+        render 'idv/shared/ssn', locals: threatmetrix_view_variables(ssn_presenter.updating_ssn?)
       end
 
       def update
-        @ssn_form = Idv::SsnFormatForm.new(idv_session.ssn)
-        form_response = @ssn_form.submit(params.require(:doc_auth).permit(:ssn))
-
+        ssn_form = Idv::SsnFormatForm.new(idv_session.ssn)
+        form_response = ssn_form.submit(params.require(:doc_auth).permit(:ssn))
+        @ssn_presenter = Idv::SsnPresenter.new(
+          sp_name: decorated_sp_session.sp_name,
+          ssn_form: ssn_form,
+          step_indicator_steps: step_indicator_steps,
+        )
         analytics.idv_doc_auth_ssn_submitted(
           **analytics_arguments.merge(form_response.to_h),
         )
@@ -45,8 +56,7 @@ def update
           redirect_to next_url
         else
           flash[:error] = form_response.first_error_message
-          @step_indicator_steps = step_indicator_steps
-          render 'idv/shared/ssn', locals: threatmetrix_view_variables
+          render 'idv/shared/ssn', locals: threatmetrix_view_variables(ssn_presenter.updating_ssn?)
         end
       end
 

app/controllers/idv/in_person/verify_info_controller.rb

@@ -62,7 +62,7 @@ def flow_session
 
       def analytics_arguments
         {
-          flow_path: flow_session[:flow_path],
+          flow_path: idv_session.flow_path,
           step: 'verify',
           analytics_id: 'In Person Proofing',
           irs_reproofing: irs_reproofing?,

app/controllers/idv/link_sent_controller.rb

@@ -20,6 +20,7 @@ def show
     end
 
     def update
+      clear_invalid_steps!
       analytics.idv_doc_auth_link_sent_submitted(**analytics_arguments)
 
       return render_document_capture_cancelled if document_capture_session&.cancelled_at
@@ -46,6 +47,10 @@ def self.step_info
         controller: controller_name,
         next_steps: [:success], # [:ssn],
         preconditions: ->(idv_session:, user:) { idv_session.flow_path == 'hybrid' },
+        undo_step: ->(idv_session:, user:) do
+          idv_session.pii_from_doc = nil
+          idv_session.invalidate_in_person_pii_from_user!
+        end,
       )
     end
 

app/controllers/idv/personal_key_controller.rb

@@ -30,7 +30,9 @@ def update
         fraud_review_pending: fraud_review_pending?,
         fraud_rejection: fraud_rejection?,
       )
-      idv_session.personal_key = nil
+
+      idv_session.acknowledge_personal_key!
+
       redirect_to next_step
     end
 

app/controllers/idv/phone_question_controller.rb

@@ -16,13 +16,15 @@ def show
     end
 
     def phone_with_camera
+      clear_invalid_steps!
       idv_session.phone_with_camera = true
       analytics.idv_doc_auth_phone_question_submitted(**analytics_arguments)
 
       redirect_to idv_hybrid_handoff_url
     end
 
     def phone_without_camera
+      clear_invalid_steps!
       idv_session.flow_path = 'standard'
       idv_session.phone_with_camera = false
       analytics.idv_doc_auth_phone_question_submitted(**analytics_arguments)
@@ -39,6 +41,7 @@ def self.step_info
           AbTests::IDV_PHONE_QUESTION.bucket(user.uuid) == :show_phone_question &&
             idv_session.idv_consent_given
         end,
+        undo_step: ->(idv_session:, user:) { idv_session.phone_with_camera = nil },
       )
     end
 

app/controllers/idv/ssn_controller.rb

@@ -11,25 +11,36 @@ class SsnController < ApplicationController
     before_action :confirm_repeat_ssn, only: :show
     before_action :override_csp_for_threat_metrix
 
+    attr_reader :ssn_presenter
+
     # Keep this code in sync with Idv::InPerson::SsnController
 
     def show
-      @step_indicator_steps = step_indicator_steps
-      @ssn_form = Idv::SsnFormatForm.new(idv_session.ssn)
+      @ssn_presenter = Idv::SsnPresenter.new(
+        sp_name: decorated_sp_session.sp_name,
+        ssn_form: Idv::SsnFormatForm.new(idv_session.ssn),
+        step_indicator_steps: step_indicator_steps,
+      )
 
-      analytics.idv_doc_auth_redo_ssn_submitted(**analytics_arguments) if @ssn_form.updating_ssn?
+      if ssn_presenter.updating_ssn?
+        analytics.idv_doc_auth_redo_ssn_submitted(**analytics_arguments)
+      end
       analytics.idv_doc_auth_ssn_visited(**analytics_arguments)
 
       Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]).
         call('ssn', :view, true)
 
-      render 'idv/shared/ssn', locals: threatmetrix_view_variables
+      render 'idv/shared/ssn', locals: threatmetrix_view_variables(ssn_presenter.updating_ssn?)
     end
 
     def update
-      @ssn_form = Idv::SsnFormatForm.new(idv_session.ssn)
-      form_response = @ssn_form.submit(params.require(:doc_auth).permit(:ssn))
-
+      ssn_form = Idv::SsnFormatForm.new(idv_session.ssn)
+      form_response = ssn_form.submit(params.require(:doc_auth).permit(:ssn))
+      @ssn_presenter = Idv::SsnPresenter.new(
+        sp_name: decorated_sp_session.sp_name,
+        ssn_form: ssn_form,
+        step_indicator_steps: step_indicator_steps,
+      )
       analytics.idv_doc_auth_ssn_submitted(
         **analytics_arguments.merge(form_response.to_h),
       )
@@ -43,8 +54,7 @@ def update
         redirect_to next_url
       else
         flash[:error] = form_response.first_error_message
-        @step_indicator_steps = step_indicator_steps
-        render 'idv/shared/ssn', locals: threatmetrix_view_variables
+        render 'idv/shared/ssn', locals: threatmetrix_view_variables(ssn_presenter.updating_ssn?)
       end
     end
 
@@ -58,7 +68,7 @@ def confirm_repeat_ssn
     end
 
     def next_url
-      if idv_session.pii_from_doc[:state] == 'PR' && !@ssn_form.updating_ssn?
+      if idv_session.pii_from_doc[:state] == 'PR' && !ssn_presenter.updating_ssn?
         idv_address_url
       else
         idv_verify_info_url

app/controllers/idv/welcome_controller.rb

@@ -23,6 +23,7 @@ def show
     end
 
     def update
+      clear_invalid_steps!
       analytics.idv_doc_auth_welcome_submitted(**analytics_arguments)
 
       create_document_capture_session
@@ -39,6 +40,7 @@ def self.step_info
         controller: controller_name,
         next_steps: [:agreement],
         preconditions: ->(idv_session:, user:) { true },
+        undo_step: ->(idv_session:, user:) { idv_session.welcome_visited = nil },
       )
     end
 

app/controllers/idv_controller.rb

@@ -21,6 +21,11 @@ def index
   end
 
   def activated
+    if idv_session.personal_key.present?
+      redirect_to idv_personal_key_url
+      return
+    end
+
     redirect_to idv_url unless active_profile?
     idv_session.clear
   end

app/controllers/sign_up/completions_controller.rb

@@ -99,7 +99,8 @@ def track_completion_event(last_page)
     end
 
     def pii
-      Pii::Cacher.new(current_user, user_session).fetch || Pii::Attributes.new
+      Pii::Cacher.new(current_user, user_session).fetch(current_user.active_profile&.id) ||
+        Pii::Attributes.new
     end
 
     def send_in_person_completion_survey

app/javascript/packages/document-capture/components/document-capture-not-ready.tsx

@@ -14,13 +14,13 @@ export interface DocumentCaptureNotReadyProps {
 function DocumentCaptureNotReady({ navigate }: DocumentCaptureNotReadyProps) {
   const { t } = useI18n();
   const { trackEvent } = useContext(AnalyticsContext);
-  const { currentStep } = useContext(FlowContext);
+  const { currentStep, accountURL } = useContext(FlowContext);
   const { name: spName, failureToProofURL } = useContext(ServiceProviderContext);
   const appName = getConfigValue('appName');
   const handleExit = () => {
     trackEvent('IdV: docauth not ready link clicked');
     forceRedirect(
-      addSearchParams(spName ? failureToProofURL : '/account', {
+      addSearchParams(spName ? failureToProofURL : accountURL, {
         step: currentStep,
         location: 'not_ready',
       }),