From 0ad494b052be19cfebf7ed173e645277267ac858 Mon Sep 17 00:00:00 2001 From: Lauren George Date: Wed, 11 Dec 2024 15:18:18 -0500 Subject: [PATCH 01/19] Use leading dot operators (#11623) * Use leading dot operators **Why** * Leading dots are the de facto style for chained methods in many programming languages, including the ones Ruby drew inspiration from * Leading dots make it clear that the next line is part of the previous code call. * RuboCop's default is leading dot style and has been since the cop was added in 2017. * Leading dot-operators have been supported in Ruby since 1.9 * IRB has supported pasting multiline code with leading dot operators since 2021 [skip changelog] --- .rubocop.yml | 2 +- app/components/flash_component.rb | 10 +- ...anageable_authenticator_component.html.erb | 8 +- app/components/phone_input_component.rb | 8 +- .../accounts/personal_keys_controller.rb | 8 +- .../concerns/idv/document_capture_concern.rb | 12 +- .../concerns/idv/verify_info_concern.rb | 4 +- .../recommend_webauthn_platform_concern.rb | 5 +- .../concerns/saml_idp_auth_concern.rb | 6 +- .../concerns/saml_idp_logout_concern.rb | 5 +- app/controllers/events_controller.rb | 6 +- .../idv/by_mail/enter_code_controller.rb | 14 +- .../idv/by_mail/request_letter_controller.rb | 8 +- .../idv/by_mail/resend_letter_controller.rb | 4 +- .../idv/cancellations_controller.rb | 4 +- .../idv/document_capture_controller.rb | 8 +- .../idv/enter_password_controller.rb | 8 +- .../capture_complete_controller.rb | 4 +- .../document_capture_controller.rb | 8 +- .../socure/document_capture_controller.rb | 4 +- .../idv/in_person/address_controller.rb | 4 +- .../idv/in_person/ssn_controller.rb | 8 +- .../idv/in_person/state_id_controller.rb | 4 +- .../idv/in_person/verify_info_controller.rb | 8 +- app/controllers/idv/link_sent_controller.rb | 4 +- app/controllers/idv/phone_controller.rb | 8 +- app/controllers/idv/sessions_controller.rb | 4 +- .../idv/socure/document_capture_controller.rb | 8 +- app/controllers/idv/ssn_controller.rb | 4 +- app/controllers/idv/verify_info_controller.rb | 4 +- app/controllers/idv/welcome_controller.rb | 8 +- .../authorization_controller.rb | 4 +- app/controllers/robots_controller.rb | 6 +- .../sign_up/completions_controller.rb | 4 +- .../otp_verification_controller.rb | 4 +- .../sms_opt_in_controller.rb | 4 +- .../webauthn_verification_controller.rb | 10 +- app/controllers/users/delete_controller.rb | 4 +- .../users/email_confirmations_controller.rb | 4 +- app/controllers/users/emails_controller.rb | 4 +- .../users/reset_passwords_controller.rb | 4 +- app/forms/add_user_email_form.rb | 4 +- app/forms/backup_code_verification_form.rb | 4 +- app/forms/gpo_verify_form.rb | 5 +- app/forms/idv/api_image_upload_form.rb | 34 +- app/forms/idv/phone_form.rb | 6 +- app/forms/openid_connect_logout_form.rb | 6 +- app/forms/openid_connect_token_form.rb | 5 +- app/forms/phone_recaptcha_form.rb | 8 +- app/forms/register_user_email_form.rb | 8 +- app/forms/webauthn_setup_form.rb | 8 +- .../daily_sensitive_column_job.rb | 6 +- app/jobs/get_usps_proofing_results_job.rb | 36 +- app/jobs/gpo_expiration_job.rb | 18 +- app/jobs/gpo_reminder_job.rb | 4 +- .../enrollment_pipeline.rb | 14 +- .../send_proofing_notification_job.rb | 20 +- .../combined_invoice_supplement_report_v2.rb | 10 +- app/jobs/reports/daily_auths_report.rb | 4 +- app/jobs/reports/daily_dropoffs_report.rb | 4 +- .../reports/daily_registrations_report.rb | 10 +- app/jobs/reports/duplicate_ssn_report.rb | 30 +- app/models/backup_code_configuration.rb | 10 +- app/models/gpo_confirmation.rb | 10 +- app/models/in_person_enrollment.rb | 24 +- app/models/phone_configuration.rb | 8 +- app/models/service_provider.rb | 6 +- app/models/user.rb | 35 +- app/models/webauthn_configuration.rb | 4 +- app/policies/idv/gpo_verify_by_mail_policy.rb | 4 +- .../idv/by_mail/letter_enqueued_presenter.rb | 4 +- .../generic_delivery_presenter.rb | 4 +- .../two_factor_options_presenter.rb | 6 +- app/services/account_reset/cancel.rb | 4 +- app/services/account_reset/create_request.rb | 4 +- app/services/account_reset/delete_account.rb | 4 +- .../grant_requests_and_send_emails.rb | 4 +- .../account_reset/pending_request_for_user.rb | 4 +- app/services/auth_methods_session.rb | 6 +- app/services/calendar_service.rb | 44 +- app/services/create_new_device_alert.rb | 4 +- app/services/doc_auth/mock/result_response.rb | 6 +- .../processed_alert_to_log_alert_formatter.rb | 8 +- .../socure/requests/docv_result_request.rb | 4 +- app/services/email_normalizer.rb | 4 +- app/services/flow/flow_state_machine.rb | 4 +- app/services/frontend_logger.rb | 8 +- app/services/gpo_reminder_sender.rb | 8 +- app/services/iaa_reporting_helper.rb | 12 +- app/services/id_token_builder.rb | 8 +- app/services/idv/analytics_events_enhancer.rb | 14 +- .../idv/in_person/completion_survey_sender.rb | 4 +- app/services/pii/attributes.rb | 6 +- app/services/proofing/aamva/proofer.rb | 16 +- .../resolution/plugins/aamva_plugin.rb | 8 +- .../plugins/state_id_address_plugin.rb | 4 +- .../proofing/resolution/result_adjudicator.rb | 8 +- .../proofing/socure/id_plus/response.rb | 4 +- app/services/push_notification/http_push.rb | 8 +- app/services/random_phrase.rb | 6 +- app/services/rate_limiter.rb | 4 +- .../reporting/account_deletion_rate_report.rb | 8 +- .../reporting/account_reuse_report.rb | 5 +- .../reporting/active_users_count_report.rb | 8 +- .../reporting/agency_and_sp_report.rb | 24 +- app/services/reset_user_password.rb | 8 +- app/services/send_add_email_confirmation.rb | 10 +- .../alert_user_about_account_rejected.rb | 6 +- .../alert_user_about_password_change.rb | 4 +- .../enrollment_helper.rb | 28 +- app/services/uuid_reporter.rb | 28 +- .../service_provider_inactive/index.html.erb | 4 +- config/initializers/devise.rb | 4 +- lib/action_account.rb | 4 +- lib/analytics_events_documenter.rb | 4 +- lib/data_pull.rb | 14 +- lib/makefile_help_parser.rb | 6 +- lib/pinpoint_supported_countries.rb | 16 +- lib/pwned_password_downloader.rb | 12 +- lib/query_tracker.rb | 4 +- lib/reporting/fraud_metrics_lg99_report.rb | 6 +- lib/reporting/protocols_report.rb | 28 +- .../remove_verified_at_for_non_verified.rake | 4 +- scripts/changelog_check.rb | 30 +- spec/bin/oncall/email-deliveries_spec.rb | 12 +- spec/bin/query-cloudwatch_spec.rb | 4 +- .../captcha_submit_button_component_spec.rb | 4 +- spec/components/icon_component_spec.rb | 8 +- .../password_confirmation_component_spec.rb | 6 +- .../previews/tooltip_component_preview.rb | 6 +- spec/config/initializers/ab_tests_spec.rb | 40 +- spec/config/initializers/ahoy_spec.rb | 4 +- .../initializers/job_configurations_spec.rb | 4 +- .../initializers/secure_headers_spec.rb | 4 +- .../account_reset/cancel_controller_spec.rb | 4 +- .../account_reset/pending_controller_spec.rb | 16 +- .../account_reset/request_controller_spec.rb | 16 +- .../selected_email_controller_spec.rb | 8 +- .../accounts/personal_keys_controller_spec.rb | 4 +- .../auth_app_controller_spec.rb | 4 +- .../piv_cac_controller_spec.rb | 4 +- .../webauthn_controller_spec.rb | 4 +- .../application_controller_spec.rb | 16 +- .../concerns/account_reset_concern_spec.rb | 16 +- .../concerns/billable_event_trackable_spec.rb | 8 +- .../idv/ab_test_analytics_concern_spec.rb | 12 +- .../concerns/idv/acuant_concern_spec.rb | 16 +- .../concerns/mfa_setup_concern_spec.rb | 6 +- ...ecommend_webauthn_platform_concern_spec.rb | 24 +- .../second_mfa_reminder_concern_spec.rb | 4 +- .../concerns/threat_metrix_concern_spec.rb | 4 +- ...two_factor_authenticatable_methods_spec.rb | 4 +- spec/controllers/fake_s3_controller_spec.rb | 4 +- .../frontend_log_controller_spec.rb | 12 +- .../health/database_controller_spec.rb | 4 +- .../health/health_controller_spec.rb | 16 +- .../health/outbound_controller_spec.rb | 4 +- ...nt_verified_cta_visited_controller_spec.rb | 4 +- .../idv/by_mail/enter_code_controller_spec.rb | 28 +- .../letter_enqueued_controller_spec.rb | 4 +- .../by_mail/request_letter_controller_spec.rb | 8 +- .../by_mail/resend_letter_controller_spec.rb | 6 +- .../idv/document_capture_controller_spec.rb | 24 +- .../idv/enter_password_controller_spec.rb | 32 +- .../idv/hybrid_handoff_controller_spec.rb | 16 +- .../capture_complete_controller_spec.rb | 4 +- .../document_capture_controller_spec.rb | 4 +- .../hybrid_mobile/entry_controller_spec.rb | 16 +- .../document_capture_controller_spec.rb | 64 +-- .../idv/image_uploads_controller_spec.rb | 20 +- .../idv/in_person/address_controller_spec.rb | 12 +- .../ready_to_verify_controller_spec.rb | 16 +- .../idv/in_person/ssn_controller_spec.rb | 4 +- .../idv/in_person/state_id_controller_spec.rb | 4 +- .../usps_locations_controller_spec.rb | 12 +- .../in_person/verify_info_controller_spec.rb | 12 +- .../idv/in_person_controller_spec.rb | 8 +- .../idv/link_sent_controller_spec.rb | 4 +- .../idv/otp_verification_controller_spec.rb | 12 +- spec/controllers/idv/phone_controller_spec.rb | 8 +- .../idv/please_call_controller_spec.rb | 24 +- .../document_capture_controller_spec.rb | 64 +-- spec/controllers/idv/ssn_controller_spec.rb | 12 +- .../idv/verify_info_controller_spec.rb | 5 +- .../idv/welcome_controller_spec.rb | 4 +- .../authorization_controller_spec.rb | 376 +++++++++--------- .../openid_connect/logout_controller_spec.rb | 160 ++++---- .../user_info_controller_spec.rb | 4 +- .../risc/security_events_controller_spec.rb | 8 +- spec/controllers/saml_idp_controller_spec.rb | 64 +-- .../service_provider_controller_spec.rb | 4 +- spec/controllers/sign_out_controller_spec.rb | 4 +- .../sign_up/cancellations_controller_spec.rb | 4 +- .../sign_up/completions_controller_spec.rb | 8 +- .../email_confirmations_controller_spec.rb | 8 +- .../sign_up/registrations_controller_spec.rb | 20 +- .../sign_up/select_email_controller_spec.rb | 8 +- .../socure_webhook_controller_spec.rb | 24 +- .../test/device_profiling_controller_spec.rb | 8 +- ...ackup_code_verification_controller_spec.rb | 10 +- .../otp_verification_controller_spec.rb | 56 +-- ...rsonal_key_verification_controller_spec.rb | 26 +- .../piv_cac_verification_controller_spec.rb | 10 +- .../sms_opt_in_controller_spec.rb | 8 +- .../totp_verification_controller_spec.rb | 18 +- .../webauthn_verification_controller_spec.rb | 10 +- .../backup_code_setup_controller_spec.rb | 4 +- .../users/edit_phone_controller_spec.rb | 4 +- .../email_confirmations_controller_spec.rb | 12 +- .../users/email_language_controller_spec.rb | 6 +- .../users/emails_controller_spec.rb | 8 +- .../forget_all_browsers_controller_spec.rb | 6 +- .../users/personal_keys_controller_spec.rb | 4 +- .../users/phone_setup_controller_spec.rb | 4 +- .../users/piv_cac_login_controller_spec.rb | 4 +- .../users/reset_passwords_controller_spec.rb | 26 +- .../users/rules_of_use_controller_spec.rb | 12 +- .../second_mfa_reminder_controller_spec.rb | 8 +- ...service_provider_revoke_controller_spec.rb | 4 +- .../users/sessions_controller_spec.rb | 60 +-- ...o_factor_authentication_controller_spec.rb | 30 +- ...or_authentication_setup_controller_spec.rb | 12 +- .../users/verify_password_controller_spec.rb | 4 +- .../users/webauthn_controller_spec.rb | 4 +- ...hn_platform_recommended_controller_spec.rb | 18 +- .../vendor_outage_controller_spec.rb | 4 +- spec/decorators/event_decorator_spec.rb | 4 +- .../service_provider_session_spec.rb | 32 +- spec/factories/agencies.rb | 10 +- spec/features/account/backup_codes_spec.rb | 6 +- .../account_creation/threat_metrix_spec.rb | 4 +- .../account_reset/cancel_request_spec.rb | 12 +- .../account_reset/delete_account_spec.rb | 60 +-- .../account_reset/pending_request_spec.rb | 8 +- spec/features/event_disavowal_spec.rb | 4 +- spec/features/ialmax/saml_sign_in_spec.rb | 6 +- spec/features/idv/analytics_spec.rb | 20 +- spec/features/idv/cancel_spec.rb | 4 +- spec/features/idv/doc_auth/agreement_spec.rb | 4 +- .../idv/doc_auth/document_capture_spec.rb | 28 +- .../idv/doc_auth/how_to_verify_spec.rb | 4 +- .../idv/doc_auth/hybrid_handoff_spec.rb | 26 +- spec/features/idv/doc_auth/link_sent_spec.rb | 4 +- .../doc_auth/redo_document_capture_spec.rb | 28 +- .../doc_auth/socure_document_capture_spec.rb | 60 +-- .../idv/doc_auth/test_credentials_spec.rb | 4 +- .../idv/doc_auth/verify_info_step_spec.rb | 20 +- spec/features/idv/end_to_end_idv_spec.rb | 12 +- spec/features/idv/hybrid_mobile/entry_spec.rb | 4 +- .../hybrid_socure_mobile_spec.rb | 20 +- spec/features/idv/in_person_spec.rb | 16 +- .../idv/in_person_threatmetrix_spec.rb | 10 +- spec/features/idv/outage_spec.rb | 16 +- .../pending_profile_password_reset_spec.rb | 4 +- .../idv/phone_otp_rate_limiting_spec.rb | 8 +- spec/features/idv/proofing_components_spec.rb | 4 +- .../idv/steps/enter_code_step_spec.rb | 4 +- .../idv/steps/enter_password_step_spec.rb | 12 +- .../idv/steps/in_person/address_spec.rb | 4 +- .../idv/steps/in_person/state_id_spec.rb | 4 +- .../idv/steps/in_person/verify_info_spec.rb | 4 +- .../idv/steps/in_person_opt_in_ipp_spec.rb | 30 +- .../idv/steps/resend_letter_step_spec.rb | 16 +- .../authorization_confirmation_spec.rb | 4 +- .../openid_connect/openid_connect_spec.rb | 68 ++-- .../redirect_uri_validation_spec.rb | 44 +- spec/features/openid_connect/vtr_spec.rb | 4 +- .../phone/default_phone_selection_spec.rb | 4 +- .../remember_device/sp_expiration_spec.rb | 5 +- .../features/remember_device/webauthn_spec.rb | 10 +- .../saml/redirect_uri_validation_spec.rb | 6 +- spec/features/saml/saml_logout_spec.rb | 4 +- spec/features/saml/saml_spec.rb | 22 +- .../sign_in/remember_device_default_spec.rb | 4 +- .../setup_piv_cac_after_sign_in_spec.rb | 4 +- .../sign_in/two_factor_options_spec.rb | 256 ++++++------ spec/features/sp_cost_tracking_spec.rb | 4 +- .../change_factor_spec.rb | 4 +- .../multiple_mfa_sign_up_spec.rb | 62 +-- .../two_factor_authentication/sign_in_spec.rb | 28 +- ...assword_recovery_via_recovery_code_spec.rb | 4 +- .../features/users/piv_cac_management_spec.rb | 4 +- .../users/regenerate_personal_key_spec.rb | 4 +- spec/features/users/sign_in_spec.rb | 64 +-- spec/features/users/sign_up_spec.rb | 12 +- spec/features/users/totp_management_spec.rb | 4 +- spec/features/users/user_edit_spec.rb | 4 +- spec/features/users/user_profile_spec.rb | 4 +- .../visitors/email_confirmation_spec.rb | 12 +- .../visitors/password_recovery_spec.rb | 8 +- .../visitors/sign_up_with_email_spec.rb | 8 +- spec/features/webauthn/hidden_spec.rb | 8 +- .../backup_code_verification_form_spec.rb | 8 +- spec/forms/delete_user_email_form_spec.rb | 12 +- spec/forms/edit_phone_form_spec.rb | 8 +- spec/forms/gpo_verify_form_spec.rb | 12 +- spec/forms/idv/api_image_upload_form_spec.rb | 28 +- spec/forms/idv/doc_pii_form_spec.rb | 4 +- ...confirmation_otp_verification_form_spec.rb | 4 +- spec/forms/idv/phone_form_spec.rb | 4 +- spec/forms/idv/ssn_format_form_spec.rb | 4 +- spec/forms/new_phone_form_spec.rb | 36 +- .../openid_connect_authorize_form_spec.rb | 80 ++-- spec/forms/openid_connect_logout_form_spec.rb | 36 +- spec/forms/openid_connect_token_form_spec.rb | 36 +- spec/forms/password_form_spec.rb | 4 +- spec/forms/phone_recaptcha_form_spec.rb | 16 +- spec/forms/recaptcha_enterprise_form_spec.rb | 20 +- spec/forms/recaptcha_form_spec.rb | 10 +- spec/forms/register_user_email_form_spec.rb | 18 +- spec/forms/security_event_form_spec.rb | 16 +- spec/forms/select_email_form_spec.rb | 6 +- spec/forms/sign_in_recaptcha_form_spec.rb | 12 +- spec/forms/totp_setup_form_spec.rb | 4 +- spec/forms/update_user_password_form_spec.rb | 8 +- spec/forms/user_piv_cac_setup_form_spec.rb | 30 +- spec/forms/webauthn_setup_form_spec.rb | 20 +- spec/forms/webauthn_verification_form_spec.rb | 4 +- spec/helpers/application_helper_spec.rb | 4 +- spec/helpers/locale_helper_spec.rb | 4 +- spec/helpers/script_helper_spec.rb | 42 +- spec/helpers/threat_metrix_helper_spec.rb | 56 +-- spec/i18n_spec.rb | 14 +- ...account_creation_threat_metrix_job_spec.rb | 12 +- .../daily_sensitive_column_report_spec.rb | 4 +- .../table_summary_stats_export_job_spec.rb | 16 +- spec/jobs/fraud_rejection_daily_job_spec.rb | 4 +- .../get_usps_proofing_results_job_spec.rb | 8 +- ...et_usps_ready_proofing_results_job_spec.rb | 14 +- ..._usps_waiting_proofing_results_job_spec.rb | 14 +- spec/jobs/gpo_daily_job_spec.rb | 4 +- spec/jobs/gpo_expiration_job_spec.rb | 4 +- spec/jobs/gpo_reminder_job_spec.rb | 4 +- .../batch_processor_spec.rb | 36 +- .../enrollment_pipeline_spec.rb | 38 +- .../sqs_batch_wrapper_spec.rb | 6 +- ...llments_ready_for_status_check_job_spec.rb | 38 +- .../send_proofing_notification_job_spec.rb | 50 +-- .../jobs/job_helpers/stale_job_helper_spec.rb | 4 +- spec/jobs/reports/daily_auths_report_spec.rb | 16 +- .../reports/daily_dropoffs_report_spec.rb | 16 +- .../reports/daily_registration_report_spec.rb | 16 +- .../jobs/reports/duplicate_ssn_report_spec.rb | 4 +- .../jobs/reports/fraud_metrics_report_spec.rb | 24 +- .../monthly_key_metrics_report_spec.rb | 20 +- .../reports/quarterly_account_stats_spec.rb | 6 +- spec/jobs/reports/query_helpers_spec.rb | 4 +- .../sp_issuer_user_counts_report_spec.rb | 8 +- spec/jobs/resolution_proofing_job_spec.rb | 92 ++--- spec/jobs/risc_delivery_job_spec.rb | 8 +- spec/jobs/socure_docv_results_job_spec.rb | 8 +- .../socure_reason_code_download_job_spec.rb | 8 +- .../socure_shadow_mode_proofing_job_spec.rb | 8 +- .../threat_metrix_js_verification_job_spec.rb | 22 +- spec/lib/aamva_test_spec.rb | 34 +- spec/lib/ab_test_spec.rb | 6 +- spec/lib/action_account_spec.rb | 12 +- spec/lib/analytics_events_documenter_spec.rb | 20 +- .../local/write_cloudwatch_logs_spec.rb | 4 +- spec/lib/deploy/activate_spec.rb | 14 +- spec/lib/env_irb_prompt_spec.rb | 8 +- spec/lib/feature_management_spec.rb | 48 +-- spec/lib/identity_config_spec.rb | 16 +- spec/lib/otp_code_generator_spec.rb | 8 +- spec/lib/pinpoint_supported_countries_spec.rb | 8 +- spec/lib/pwned_password_downloader_spec.rb | 16 +- spec/lib/reporting/cloudwatch_client_spec.rb | 12 +- .../fraud_metrics_lg99_report_spec.rb | 8 +- spec/lib/reporting/monthly_idv_report_spec.rb | 4 +- spec/lib/tasks/dev_rake_spec.rb | 52 +-- spec/lib/tasks/partners_rake_spec.rb | 12 +- spec/lib/telephony/otp_sender_spec.rb | 8 +- .../pinpoint/opt_out_manager_spec.rb | 8 +- .../telephony/pinpoint/voice_sender_spec.rb | 34 +- spec/lib/telephony/telephony_spec.rb | 8 +- spec/mailers/previews/user_mailer_preview.rb | 28 +- spec/mailers/report_mailer_spec.rb | 8 +- spec/mailers/user_mailer_spec.rb | 154 +++---- spec/models/agreements/iaa_gtc_spec.rb | 14 +- spec/models/agreements/iaa_order_spec.rb | 26 +- spec/models/agreements/integration_spec.rb | 6 +- spec/models/in_person_enrollment_spec.rb | 32 +- spec/models/phone_number_opt_out_spec.rb | 8 +- spec/models/profile_spec.rb | 40 +- spec/models/service_provider_identity_spec.rb | 20 +- spec/models/service_provider_spec.rb | 20 +- spec/models/user_spec.rb | 74 ++-- spec/policies/idv/flow_policy_spec.rb | 8 +- .../idv/gpo_verify_by_mail_policy_spec.rb | 28 +- spec/policies/idv/step_info_spec.rb | 4 +- .../account_reset/pending_presenter_spec.rb | 4 +- .../presenters/account_show_presenter_spec.rb | 6 +- .../confirm_delete_email_presenter_spec.rb | 4 +- .../account_verified_email_presenter_spec.rb | 4 +- .../ready_to_verify_presenter_spec.rb | 16 +- .../mfa_confirmation_presenter_spec.rb | 20 +- ...id_connect_configuration_presenter_spec.rb | 4 +- ...openid_connect_user_info_presenter_spec.rb | 4 +- .../risc_configuration_presenter_spec.rb | 4 +- .../authenticator_delivery_presenter_spec.rb | 4 +- .../piv_cac_edit_presenter_spec.rb | 12 +- .../sign_in_phone_selection_presenter_spec.rb | 8 +- .../two_factor_options_presenter_spec.rb | 4 +- spec/requests/csp_spec.rb | 8 +- .../requests/openid_connect_authorize_spec.rb | 8 +- spec/requests/rack_attack_spec.rb | 36 +- spec/routing/gpo_verification_routing_spec.rb | 12 +- spec/services/access_token_verifier_spec.rb | 8 +- .../account_creation/device_profiling_spec.rb | 8 +- .../account_reset/grant_request_spec.rb | 4 +- .../grant_requests_and_send_emails_spec.rb | 8 +- .../pending_request_for_user_spec.rb | 8 +- spec/services/agency_identity_linker_spec.rb | 16 +- .../agreements/integration_seeder_spec.rb | 6 +- spec/services/analytics_spec.rb | 16 +- spec/services/attribute_asserter_spec.rb | 36 +- spec/services/auth_methods_session_spec.rb | 18 +- spec/services/authn_context_resolver_spec.rb | 18 +- spec/services/backup_code_generator_spec.rb | 16 +- spec/services/browser_support_spec.rb | 8 +- spec/services/database_health_checker_spec.rb | 4 +- .../services/doc_auth/error_generator_spec.rb | 44 +- .../lexis_nexis/lexis_nexis_client_spec.rb | 8 +- .../responses/true_id_response_spec.rb | 54 +-- .../doc_auth/mock/result_response_spec.rb | 8 +- spec/services/doc_auth/socure/request_spec.rb | 4 +- .../socure/requests/document_request_spec.rb | 16 +- .../requests/docv_result_request_spec.rb | 8 +- spec/services/encrypted_attribute_spec.rb | 4 +- .../encrypted_redis_struct_storage_spec.rb | 4 +- .../encryption/contextless_kms_client_spec.rb | 24 +- .../background_proofing_arg_encryptor_spec.rb | 12 +- .../encryptors/pii_encryptor_spec.rb | 34 +- spec/services/encryption/kms_client_spec.rb | 24 +- .../encryption/password_verifier_spec.rb | 6 +- spec/services/forget_all_browsers_spec.rb | 6 +- spec/services/frontend_error_logger_spec.rb | 4 +- .../funnel/registration/add_mfa_spec.rb | 6 +- spec/services/gpo_confirmation_maker_spec.rb | 4 +- spec/services/gpo_confirmation_spec.rb | 4 +- .../gpo_confirmation_uploader_spec.rb | 22 +- spec/services/gpo_daily_test_sender_spec.rb | 14 +- spec/services/gpo_reminder_sender_spec.rb | 28 +- spec/services/id_token_builder_spec.rb | 12 +- spec/services/identity_linker_spec.rb | 38 +- .../completion_survey_sender_spec.rb | 8 +- spec/services/idv/in_person_config_spec.rb | 4 +- spec/services/idv/profile_maker_spec.rb | 16 +- spec/services/idv/proofing_components_spec.rb | 12 +- .../idv/send_phone_confirmation_otp_spec.rb | 12 +- spec/services/otp_preference_updater_spec.rb | 4 +- spec/services/otp_rate_limiter_spec.rb | 4 +- spec/services/outage_status_spec.rb | 24 +- spec/services/outbound_health_checker_spec.rb | 20 +- spec/services/piv_cac/check_config_spec.rb | 4 +- spec/services/piv_cac_service_spec.rb | 26 +- spec/services/profanity_detector_spec.rb | 4 +- .../aamva/authentication_client_spec.rb | 32 +- spec/services/proofing/aamva/proofer_spec.rb | 20 +- .../authentication_token_request_spec.rb | 18 +- .../request/security_token_request_spec.rb | 38 +- .../request/verification_request_spec.rb | 12 +- .../aamva/verification_client_spec.rb | 18 +- .../proofing/lexis_nexis/ddp/proofing_spec.rb | 8 +- .../lexis_nexis/ddp/response_redacter_spec.rb | 4 +- .../ddp/verification_request_spec.rb | 8 +- .../lexis_nexis/phone_finder/proofing_spec.rb | 12 +- .../mock/device_profiling_backend_spec.rb | 4 +- .../resolution/plugins/aamva_plugin_spec.rb | 16 +- .../plugins/state_id_address_plugin_spec.rb | 108 ++--- .../plugins/threatmetrix_plugin_spec.rb | 12 +- .../resolution/progressive_proofer_spec.rb | 24 +- .../proofing/socure/id_plus/proofer_spec.rb | 8 +- .../proofing/socure/id_plus/request_spec.rb | 24 +- .../socure/reason_codes/importer_spec.rb | 12 +- .../push_notification/http_push_spec.rb | 4 +- spec/services/random_phrase_spec.rb | 4 +- spec/services/rate_limiter_spec.rb | 28 +- spec/services/recaptcha_annotator_spec.rb | 20 +- spec/services/redis_rate_limiter_spec.rb | 4 +- .../reporting/agency_and_sp_report_spec.rb | 8 +- spec/services/request_password_reset_spec.rb | 70 ++-- spec/services/reset_user_password_spec.rb | 12 +- .../revoke_service_provider_consent_spec.rb | 12 +- spec/services/saml_request_validator_spec.rb | 8 +- .../service_provider_request_proxy_spec.rb | 24 +- spec/services/service_provider_seeder_spec.rb | 8 +- .../services/service_provider_updater_spec.rb | 36 +- spec/services/sp_handoff_bouncer_spec.rb | 4 +- spec/services/string_redacter_spec.rb | 4 +- .../update_user_phone_configuration_spec.rb | 8 +- .../alert_user_about_new_device_spec.rb | 12 +- ...rt_user_about_personal_key_sign_in_spec.rb | 8 +- spec/services/user_event_creator_spec.rb | 10 +- .../enrollment_helper_spec.rb | 46 +-- .../usps_in_person_proofing/proofer_spec.rb | 60 +-- .../transliterable_validator_spec.rb | 12 +- .../transliterator_spec.rb | 6 +- spec/services/vot/parser_spec.rb | 7 +- spec/simplecov_helper.rb | 6 +- spec/support/aamva_fixtures.rb | 16 +- spec/support/controller_helper.rb | 4 +- spec/support/deprecated_classes.rb | 8 +- spec/support/diff_helper.rb | 8 +- spec/support/fake_analytics.rb | 30 +- spec/support/fake_analytics_spec.rb | 180 ++++----- .../features/document_capture_step_helper.rb | 10 +- spec/support/features/session_helper.rb | 14 +- spec/support/idv_examples/sp_handoff.rb | 4 +- spec/support/key_rotation_helper.rb | 4 +- spec/support/matchers/accessibility.rb | 24 +- spec/support/saml_response_doc.rb | 16 +- spec/support/shared_examples/lexis_nexis.rb | 18 +- .../shared_examples/phone/rate_limiting.rb | 12 +- .../shared_examples/remember_device.rb | 4 +- spec/support/shared_examples/sign_in.rb | 24 +- .../support/shared_examples/webauthn_setup.rb | 6 +- .../shared_examples_for_email_validation.rb | 8 +- ..._for_otp_delivery_preference_validation.rb | 4 +- ...shared_examples_for_password_validation.rb | 4 +- spec/support/sp_auth_helper.rb | 4 +- spec/support/usps_ipp_helper.rb | 12 +- .../connected_accounts/show.html.erb_spec.rb | 4 +- .../devise/passwords/new.html.erb_spec.rb | 12 +- .../devise/sessions/new.html.erb_spec.rb | 20 +- .../forgot_password/show.html.erb_spec.rb | 8 +- .../idv/enter_password/new.html.erb_spec.rb | 4 +- .../ready_to_verify/show.html.erb_spec.rb | 32 +- .../idv/please_call/show.html.erb_spec.rb | 4 +- spec/views/idv/shared/ssn.html.erb_spec.rb | 16 +- .../sign_up/emails/show.html.erb_spec.rb | 4 +- .../registrations/new.html.erb_spec.rb | 12 +- .../show.html.erb_spec.rb | 16 +- .../backup_code_setup/create.html.erb_spec.rb | 8 +- spec/views/users/delete/show.html.erb_spec.rb | 8 +- .../index.html.erb_spec.rb | 4 +- 536 files changed, 4104 insertions(+), 4085 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index e4e614283cd..44b0c7a76db 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -127,7 +127,7 @@ Layout/DefEndAlignment: Layout/DotPosition: Description: Checks the position of the dot in multi-line method calls. StyleGuide: https://github.com/bbatsov/ruby-style-guide#consistent-multi-line-chains - EnforcedStyle: trailing + EnforcedStyle: leading SupportedStyles: - leading - trailing diff --git a/app/components/flash_component.rb b/app/components/flash_component.rb index a09e31605eb..703342b2a57 100644 --- a/app/components/flash_component.rb +++ b/app/components/flash_component.rb @@ -10,11 +10,11 @@ def initialize(flash:) end def alerts - flash. - to_hash. - slice(*VALID_FLASH_TYPES). - select { |_flash_type, message| message.present? }. - map { |flash_type, message| [alert_type(flash_type), message] } + flash + .to_hash + .slice(*VALID_FLASH_TYPES) + .select { |_flash_type, message| message.present? } + .map { |flash_type, message| [alert_type(flash_type), message] } end def alert_type(flash_type) diff --git a/app/components/manageable_authenticator_component.html.erb b/app/components/manageable_authenticator_component.html.erb index d26a684a5ec..f1f7a2f47d5 100644 --- a/app/components/manageable_authenticator_component.html.erb +++ b/app/components/manageable_authenticator_component.html.erb @@ -9,10 +9,10 @@ ) do %> <%= content_tag( :script, - strings. - slice(:renamed, :delete_confirm, :deleted). - transform_keys { |key| key.to_s.camelcase(:lower) }. - to_json, + strings + .slice(:renamed, :delete_confirm, :deleted) + .transform_keys { |key| key.to_s.camelcase(:lower) } + .to_json, { type: 'application/json', class: 'manageable-authenticator__strings', diff --git a/app/components/phone_input_component.rb b/app/components/phone_input_component.rb index 8b251b4139a..d4c97f71a91 100644 --- a/app/components/phone_input_component.rb +++ b/app/components/phone_input_component.rb @@ -43,8 +43,8 @@ def translated_country_code_names def international_phone_codes translated_international_codes = PhoneNumberCapabilities.translated_international_codes - supported_country_codes. - map do |code_key| + supported_country_codes + .map do |code_key| code_data = translated_international_codes[code_key] [ @@ -52,8 +52,8 @@ def international_phone_codes code_key, { data: international_phone_codes_data(code_data) }, ] - end. - sort_by do |label, code_key, _data| + end + .sort_by do |label, code_key, _data| # Sort alphabetically by label, but put the US first in the list [code_key == 'US' ? -1 : 1, label] end diff --git a/app/controllers/accounts/personal_keys_controller.rb b/app/controllers/accounts/personal_keys_controller.rb index 3dbbd850ba7..146704d95c5 100644 --- a/app/controllers/accounts/personal_keys_controller.rb +++ b/app/controllers/accounts/personal_keys_controller.rb @@ -40,12 +40,12 @@ def pii_locked? # @return [FormResponse] def send_new_personal_key_notifications emails = current_user.confirmed_email_addresses.map do |email_address| - UserMailer.with(user: current_user, email_address: email_address).personal_key_regenerated. - deliver_now_or_later + UserMailer.with(user: current_user, email_address: email_address).personal_key_regenerated + .deliver_now_or_later end - telephony_responses = MfaContext.new(current_user). - phone_configurations.map do |phone_configuration| + telephony_responses = MfaContext.new(current_user) + .phone_configurations.map do |phone_configuration| phone = phone_configuration.phone Telephony.send_personal_key_regeneration_notice( to: phone, diff --git a/app/controllers/concerns/idv/document_capture_concern.rb b/app/controllers/concerns/idv/document_capture_concern.rb index 746657959a4..1d61388a6dd 100644 --- a/app/controllers/concerns/idv/document_capture_concern.rb +++ b/app/controllers/concerns/idv/document_capture_concern.rb @@ -85,8 +85,8 @@ def fetch_test_verification_data return unless IdentityConfig.store.socure_docv_verification_data_test_mode docv_transaction_token_override = params.permit(:docv_token)[:docv_token] - return unless IdentityConfig.store.socure_docv_verification_data_test_mode_tokens. - include?(docv_transaction_token_override) + return unless IdentityConfig.store.socure_docv_verification_data_test_mode_tokens + .include?(docv_transaction_token_override) SocureDocvResultsJob.perform_now( document_capture_session_uuid:, @@ -106,10 +106,12 @@ def track_document_request_event(document_request:, document_response:, timer:) document_type: document_request_body[:documentType], docv_transaction_token: response_hash.dig(:data, :docvTransactionToken), } - analytics_hash = log_extras.merge(analytics_arguments). - merge(document_request_body).except( + analytics_hash = log_extras + .merge(analytics_arguments) + .merge(document_request_body).except( :documentType, # requested document type - ).merge(response_body: document_response.to_h) + ) + .merge(response_body: document_response.to_h) analytics.idv_socure_document_request_submitted(**analytics_hash) end diff --git a/app/controllers/concerns/idv/verify_info_concern.rb b/app/controllers/concerns/idv/verify_info_concern.rb index fc71a949363..0166442e024 100644 --- a/app/controllers/concerns/idv/verify_info_concern.rb +++ b/app/controllers/concerns/idv/verify_info_concern.rb @@ -16,8 +16,8 @@ def threatmetrix_session_id_present_or_not_required?(idv_session:) def shared_update return if idv_session.verify_info_step_document_capture_session_uuid analytics.idv_doc_auth_verify_submitted(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('verify', :update, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('verify', :update, true) ssn_rate_limiter.increment! diff --git a/app/controllers/concerns/recommend_webauthn_platform_concern.rb b/app/controllers/concerns/recommend_webauthn_platform_concern.rb index c3affcab8e2..2cb9a5fb6d1 100644 --- a/app/controllers/concerns/recommend_webauthn_platform_concern.rb +++ b/app/controllers/concerns/recommend_webauthn_platform_concern.rb @@ -32,8 +32,9 @@ def user_set_up_or_authenticated_with_phone? phone_configuration.mfa_enabled? && phone_configuration.delivery_preference == 'sms' end else - auth_methods_session.auth_events.pluck(:auth_method). - include?(TwoFactorAuthenticatable::AuthMethod::SMS) + auth_methods_session.auth_events + .pluck(:auth_method) + .include?(TwoFactorAuthenticatable::AuthMethod::SMS) end end end diff --git a/app/controllers/concerns/saml_idp_auth_concern.rb b/app/controllers/concerns/saml_idp_auth_concern.rb index f31c2f6c992..60443489dfd 100644 --- a/app/controllers/concerns/saml_idp_auth_concern.rb +++ b/app/controllers/concerns/saml_idp_auth_concern.rb @@ -131,9 +131,9 @@ def response_authn_context end def link_identity_from_session_data - IdentityLinker. - new(current_user, saml_request_service_provider). - link_identity( + IdentityLinker + .new(current_user, saml_request_service_provider) + .link_identity( ial: resolved_authn_context_int_ial, rails_session_id: session.id, email_address_id: email_address_id, diff --git a/app/controllers/concerns/saml_idp_logout_concern.rb b/app/controllers/concerns/saml_idp_logout_concern.rb index ef3fb9f7d2e..343f00e4934 100644 --- a/app/controllers/concerns/saml_idp_logout_concern.rb +++ b/app/controllers/concerns/saml_idp_logout_concern.rb @@ -25,8 +25,9 @@ def handle_valid_sp_logout_request def handle_valid_sp_remote_logout_request(user_id:, issuer:) # Remotely delete the user's current session - session_id = ServiceProviderIdentity. - where(user_id: user_id, service_provider: issuer).pick(:rails_session_id) + session_id = ServiceProviderIdentity + .where(user_id: user_id, service_provider: issuer) + .pick(:rails_session_id) if session_id OutOfBandSessionAccessor.new(session_id).destroy diff --git a/app/controllers/events_controller.rb b/app/controllers/events_controller.rb index d950e090f40..d7070325060 100644 --- a/app/controllers/events_controller.rb +++ b/app/controllers/events_controller.rb @@ -29,9 +29,9 @@ def device_and_events device = Device.where(user_id: user_id).find(device_id) return if !device - @events = Event.where(user_id: user_id, device_id: device.id).order(created_at: :desc). - limit(EVENTS_PAGE_SIZE). - map(&:decorate) + @events = Event.where(user_id: user_id, device_id: device.id).order(created_at: :desc) + .limit(EVENTS_PAGE_SIZE) + .map(&:decorate) @device = device.decorate end diff --git a/app/controllers/idv/by_mail/enter_code_controller.rb b/app/controllers/idv/by_mail/enter_code_controller.rb index 88fe02b3782..76f0654177b 100644 --- a/app/controllers/idv/by_mail/enter_code_controller.rb +++ b/app/controllers/idv/by_mail/enter_code_controller.rb @@ -38,8 +38,8 @@ def index end def pii - Pii::Cacher.new(current_user, user_session). - fetch(current_user.gpo_verification_pending_profile.id) + Pii::Cacher.new(current_user, user_session) + .fetch(current_user.gpo_verification_pending_profile.id) end def create @@ -155,11 +155,11 @@ def user_did_not_receive_letter? def last_date_letter_was_sent return @last_date_letter_was_sent if defined?(@last_date_letter_was_sent) - @last_date_letter_was_sent = current_user. - gpo_verification_pending_profile&. - gpo_confirmation_codes&. - pluck(:updated_at)&. - max + @last_date_letter_was_sent = current_user + .gpo_verification_pending_profile + &.gpo_confirmation_codes + &.pluck(:updated_at) + &.max end end end diff --git a/app/controllers/idv/by_mail/request_letter_controller.rb b/app/controllers/idv/by_mail/request_letter_controller.rb index e78689f9488..77197dbb477 100644 --- a/app/controllers/idv/by_mail/request_letter_controller.rb +++ b/app/controllers/idv/by_mail/request_letter_controller.rb @@ -15,8 +15,8 @@ class RequestLetterController < ApplicationController def index @applicant = idv_session.applicant - Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer). - call(:usps_address, :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer) + .call(:usps_address, :view, true) analytics.idv_request_letter_visited end @@ -43,8 +43,8 @@ def self.step_info private def update_tracking - Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer). - call(:usps_letter_sent, :update, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer) + .call(:usps_letter_sent, :update, true) log_letter_requested_analytics(resend: false) create_user_event(:gpo_mail_sent, current_user) diff --git a/app/controllers/idv/by_mail/resend_letter_controller.rb b/app/controllers/idv/by_mail/resend_letter_controller.rb index 10f81cb71b1..9e583cc46af 100644 --- a/app/controllers/idv/by_mail/resend_letter_controller.rb +++ b/app/controllers/idv/by_mail/resend_letter_controller.rb @@ -70,8 +70,8 @@ def confirmation_maker_perform end def pii - Pii::Cacher.new(current_user, user_session). - fetch(current_user.gpo_verification_pending_profile.id) + Pii::Cacher.new(current_user, user_session) + .fetch(current_user.gpo_verification_pending_profile.id) end def send_reminder diff --git a/app/controllers/idv/cancellations_controller.rb b/app/controllers/idv/cancellations_controller.rb index 5622fb6c3f1..a2f138fa606 100644 --- a/app/controllers/idv/cancellations_controller.rb +++ b/app/controllers/idv/cancellations_controller.rb @@ -115,8 +115,8 @@ def session_go_back_path def cancel_establishing_in_person_enrollments return if !IdentityConfig.store.in_person_proofing_enabled - UspsInPersonProofing::EnrollmentHelper. - cancel_stale_establishing_enrollments_for_user(current_user) + UspsInPersonProofing::EnrollmentHelper + .cancel_stale_establishing_enrollments_for_user(current_user) end end end diff --git a/app/controllers/idv/document_capture_controller.rb b/app/controllers/idv/document_capture_controller.rb index 1b8cf732cb4..d2e50e17a87 100644 --- a/app/controllers/idv/document_capture_controller.rb +++ b/app/controllers/idv/document_capture_controller.rb @@ -18,8 +18,8 @@ class DocumentCaptureController < ApplicationController def show analytics.idv_doc_auth_document_capture_visited(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('document_capture', :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('document_capture', :view, true) render :show, locals: extra_view_variables end @@ -33,8 +33,8 @@ def update result = handle_stored_result analytics.idv_doc_auth_document_capture_submitted(**result.to_h.merge(analytics_arguments)) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('document_capture', :update, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('document_capture', :update, true) if result.success? redirect_to idv_ssn_url diff --git a/app/controllers/idv/enter_password_controller.rb b/app/controllers/idv/enter_password_controller.rb index c91ab6044a3..af6da96312f 100644 --- a/app/controllers/idv/enter_password_controller.rb +++ b/app/controllers/idv/enter_password_controller.rb @@ -18,8 +18,8 @@ class EnterPasswordController < ApplicationController with: :handle_request_enroll_exception def new - Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer). - call(:encrypt, :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer) + .call(:encrypt, :view, true) analytics.idv_enter_password_visited( address_verification_method: idv_session.address_verification_mechanism, **ab_test_analytics_buckets, @@ -56,8 +56,8 @@ def create proofing_workflow_time_in_seconds: idv_session.proofing_workflow_time_in_seconds, **ab_test_analytics_buckets, ) - Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer). - call(:verified, :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer) + .call(:verified, :view, true) analytics.idv_final( success: true, fraud_review_pending: idv_session.profile.fraud_review_pending?, diff --git a/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb b/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb index e92a7a7fd84..72b14dd7a0c 100644 --- a/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb +++ b/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb @@ -11,8 +11,8 @@ class CaptureCompleteController < ApplicationController def show analytics.idv_doc_auth_capture_complete_visited(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]). - call('capture_complete', :view, true) + Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]) + .call('capture_complete', :view, true) render :show end diff --git a/app/controllers/idv/hybrid_mobile/document_capture_controller.rb b/app/controllers/idv/hybrid_mobile/document_capture_controller.rb index 5893501d39b..7190c4ee291 100644 --- a/app/controllers/idv/hybrid_mobile/document_capture_controller.rb +++ b/app/controllers/idv/hybrid_mobile/document_capture_controller.rb @@ -17,8 +17,8 @@ class DocumentCaptureController < ApplicationController def show analytics.idv_doc_auth_document_capture_visited(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]). - call('document_capture', :view, true) + Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]) + .call('document_capture', :view, true) render :show, locals: extra_view_variables end @@ -32,8 +32,8 @@ def update analytics.idv_doc_auth_document_capture_submitted(**result.to_h.merge(analytics_arguments)) - Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]). - call('document_capture', :update, true) + Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]) + .call('document_capture', :update, true) # rate limiting redirect is in ImageUploadResponsePresenter if result.success? diff --git a/app/controllers/idv/hybrid_mobile/socure/document_capture_controller.rb b/app/controllers/idv/hybrid_mobile/socure/document_capture_controller.rb index 163c4d438d8..e6334e73e4a 100644 --- a/app/controllers/idv/hybrid_mobile/socure/document_capture_controller.rb +++ b/app/controllers/idv/hybrid_mobile/socure/document_capture_controller.rb @@ -17,8 +17,8 @@ class DocumentCaptureController < ApplicationController before_action :fetch_test_verification_data, only: [:update] def show - Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]). - call('hybrid_mobile_socure_document_capture', :view, true) + Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]) + .call('hybrid_mobile_socure_document_capture', :view, true) if document_capture_session.socure_docv_capture_app_url.present? @url = document_capture_session.socure_docv_capture_app_url diff --git a/app/controllers/idv/in_person/address_controller.rb b/app/controllers/idv/in_person/address_controller.rb index eed9d0527db..a8afa17e58b 100644 --- a/app/controllers/idv/in_person/address_controller.rb +++ b/app/controllers/idv/in_person/address_controller.rb @@ -94,8 +94,8 @@ def analytics_arguments flow_path: idv_session.flow_path, step: 'address', analytics_id: 'In Person Proofing', - }.merge(ab_test_analytics_buckets). - merge(extra_analytics_properties) + }.merge(ab_test_analytics_buckets) + .merge(extra_analytics_properties) end def redirect_to_next_page diff --git a/app/controllers/idv/in_person/ssn_controller.rb b/app/controllers/idv/in_person/ssn_controller.rb index 2630d35cd61..d1ca08e83de 100644 --- a/app/controllers/idv/in_person/ssn_controller.rb +++ b/app/controllers/idv/in_person/ssn_controller.rb @@ -30,8 +30,8 @@ def show end analytics.idv_doc_auth_ssn_visited(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('ssn', :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('ssn', :view, true) render 'idv/shared/ssn', locals: threatmetrix_view_variables(ssn_presenter.updating_ssn?) end @@ -92,8 +92,8 @@ def analytics_arguments step: 'ssn', analytics_id: 'In Person Proofing', previous_ssn_edit_distance: previous_ssn_edit_distance, - }.merge(ab_test_analytics_buckets). - merge(**extra_analytics_properties) + }.merge(ab_test_analytics_buckets) + .merge(**extra_analytics_properties) end def confirm_in_person_address_step_complete diff --git a/app/controllers/idv/in_person/state_id_controller.rb b/app/controllers/idv/in_person/state_id_controller.rb index 8ea1678d6dc..638aa26a08f 100644 --- a/app/controllers/idv/in_person/state_id_controller.rb +++ b/app/controllers/idv/in_person/state_id_controller.rb @@ -104,8 +104,8 @@ def analytics_arguments flow_path: idv_session.flow_path, step: 'state_id', analytics_id: 'In Person Proofing', - }.merge(ab_test_analytics_buckets). - merge(extra_analytics_properties) + }.merge(ab_test_analytics_buckets) + .merge(extra_analytics_properties) end def clear_residential_address(pii_from_user) diff --git a/app/controllers/idv/in_person/verify_info_controller.rb b/app/controllers/idv/in_person/verify_info_controller.rb index 999aa3addb2..6fa73bb5999 100644 --- a/app/controllers/idv/in_person/verify_info_controller.rb +++ b/app/controllers/idv/in_person/verify_info_controller.rb @@ -18,8 +18,8 @@ def show @ssn = idv_session.ssn @pii = pii - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('verify', :view, true) # specify in_person? + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('verify', :view, true) # specify in_person? process_async_state(load_async_state) end @@ -84,8 +84,8 @@ def analytics_arguments flow_path: idv_session.flow_path, step: 'verify', analytics_id: 'In Person Proofing', - }.merge(ab_test_analytics_buckets). - merge(**extra_analytics_properties) + }.merge(ab_test_analytics_buckets) + .merge(**extra_analytics_properties) end def confirm_ssn_step_complete diff --git a/app/controllers/idv/link_sent_controller.rb b/app/controllers/idv/link_sent_controller.rb index 93a8137bc86..9070b461809 100644 --- a/app/controllers/idv/link_sent_controller.rb +++ b/app/controllers/idv/link_sent_controller.rb @@ -13,8 +13,8 @@ class LinkSentController < ApplicationController def show analytics.idv_doc_auth_link_sent_visited(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('link_sent', :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('link_sent', :view, true) render :show, locals: extra_view_variables end diff --git a/app/controllers/idv/phone_controller.rb b/app/controllers/idv/phone_controller.rb index 5665976b566..f5c7d0dd074 100644 --- a/app/controllers/idv/phone_controller.rb +++ b/app/controllers/idv/phone_controller.rb @@ -30,8 +30,8 @@ def new return if confirm_not_rate_limited_for_phone_address_verification if async_state.none? - Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer). - call(:verify_phone, :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer) + .call(:verify_phone, :view, true) analytics.idv_phone_of_record_visited( **ab_test_analytics_buckets, @@ -52,8 +52,8 @@ def create clear_future_steps! idv_session.invalidate_phone_step! result = idv_form.submit(step_params) - Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer). - call(:verify_phone, :update, result.success?) + Funnel::DocAuth::RegisterStep.new(current_user.id, current_sp&.issuer) + .call(:verify_phone, :update, result.success?) analytics.idv_phone_confirmation_form_submitted(**result, **ab_test_analytics_buckets) if result.success? diff --git a/app/controllers/idv/sessions_controller.rb b/app/controllers/idv/sessions_controller.rb index 50bdc27ac86..8537a9c181b 100644 --- a/app/controllers/idv/sessions_controller.rb +++ b/app/controllers/idv/sessions_controller.rb @@ -53,8 +53,8 @@ def cancel_verification_attempt_if_pending_profile def cancel_in_person_enrollment_if_exists return if !IdentityConfig.store.in_person_proofing_enabled current_user.pending_in_person_enrollment&.update(status: :cancelled) - UspsInPersonProofing::EnrollmentHelper. - cancel_stale_establishing_enrollments_for_user(current_user) + UspsInPersonProofing::EnrollmentHelper + .cancel_stale_establishing_enrollments_for_user(current_user) end def clear_session diff --git a/app/controllers/idv/socure/document_capture_controller.rb b/app/controllers/idv/socure/document_capture_controller.rb index ed4c8f94820..80cd61ce7ed 100644 --- a/app/controllers/idv/socure/document_capture_controller.rb +++ b/app/controllers/idv/socure/document_capture_controller.rb @@ -27,8 +27,8 @@ class DocumentCaptureController < ApplicationController def show idv_session.socure_docv_wait_polling_started_at = nil - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('socure_document_capture', :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('socure_document_capture', :view, true) if document_capture_session.socure_docv_capture_app_url.present? @url = document_capture_session.socure_docv_capture_app_url @@ -78,8 +78,8 @@ def update # TODO: new analytics event? analytics.idv_doc_auth_document_capture_submitted(**result.to_h.merge(analytics_arguments)) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('socure_document_capture', :update, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('socure_document_capture', :update, true) if result.success? redirect_to idv_ssn_url diff --git a/app/controllers/idv/ssn_controller.rb b/app/controllers/idv/ssn_controller.rb index 1cd1e59ad15..eb20938b909 100644 --- a/app/controllers/idv/ssn_controller.rb +++ b/app/controllers/idv/ssn_controller.rb @@ -28,8 +28,8 @@ def show end analytics.idv_doc_auth_ssn_visited(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('ssn', :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('ssn', :view, true) render 'idv/shared/ssn', locals: threatmetrix_view_variables(ssn_presenter.updating_ssn?) end diff --git a/app/controllers/idv/verify_info_controller.rb b/app/controllers/idv/verify_info_controller.rb index 283fd647efc..d6e6c5d9a84 100644 --- a/app/controllers/idv/verify_info_controller.rb +++ b/app/controllers/idv/verify_info_controller.rb @@ -17,8 +17,8 @@ def show @ssn = idv_session.ssn @pii = pii - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('verify', :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('verify', :view, true) @had_barcode_read_failure = idv_session.had_barcode_read_failure process_async_state(load_async_state) diff --git a/app/controllers/idv/welcome_controller.rb b/app/controllers/idv/welcome_controller.rb index 1008336ded2..47bc048a266 100644 --- a/app/controllers/idv/welcome_controller.rb +++ b/app/controllers/idv/welcome_controller.rb @@ -12,8 +12,8 @@ def show idv_session.proofing_started_at ||= Time.zone.now.iso8601 analytics.idv_doc_auth_welcome_visited(**analytics_arguments) - Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]). - call('welcome', :view, true) + Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]) + .call('welcome', :view, true) @presenter = Idv::WelcomePresenter.new(decorated_sp_session) end @@ -62,8 +62,8 @@ def create_document_capture_session def cancel_previous_in_person_enrollments return unless IdentityConfig.store.in_person_proofing_enabled - UspsInPersonProofing::EnrollmentHelper. - cancel_stale_establishing_enrollments_for_user(current_user) + UspsInPersonProofing::EnrollmentHelper + .cancel_stale_establishing_enrollments_for_user(current_user) end end end diff --git a/app/controllers/openid_connect/authorization_controller.rb b/app/controllers/openid_connect/authorization_controller.rb index f2d4f45a8b8..b6567e4b234 100644 --- a/app/controllers/openid_connect/authorization_controller.rb +++ b/app/controllers/openid_connect/authorization_controller.rb @@ -265,8 +265,8 @@ def sp_handoff_bouncer def unknown_authn_contexts return nil if params[:vtr].present? || params[:acr_values].blank? - (params[:acr_values].split - Saml::Idp::Constants::VALID_AUTHN_CONTEXTS). - join(' ').presence + (params[:acr_values].split - Saml::Idp::Constants::VALID_AUTHN_CONTEXTS) + .join(' ').presence end end end diff --git a/app/controllers/robots_controller.rb b/app/controllers/robots_controller.rb index b86f0145064..0c4ad37bd0a 100644 --- a/app/controllers/robots_controller.rb +++ b/app/controllers/robots_controller.rb @@ -18,9 +18,9 @@ def index private def allowed_paths - I18n.available_locales. - map { |locale| locale == I18n.default_locale ? nil : locale }. - flat_map do |locale| + I18n.available_locales + .map { |locale| locale == I18n.default_locale ? nil : locale } + .flat_map do |locale| ALLOWED_ROUTES.map { |route| route_for(route, only_path: true, locale:) } end end diff --git a/app/controllers/sign_up/completions_controller.rb b/app/controllers/sign_up/completions_controller.rb index 76fb9b252d4..9eb9aec9edb 100644 --- a/app/controllers/sign_up/completions_controller.rb +++ b/app/controllers/sign_up/completions_controller.rb @@ -22,8 +22,8 @@ def update update_verified_attributes send_in_person_completion_survey if user_session[:selected_email_id_for_linked_identity].nil? - user_session[:selected_email_id_for_linked_identity] = EmailContext.new(current_user). - last_sign_in_email_address.id + user_session[:selected_email_id_for_linked_identity] = EmailContext.new(current_user) + .last_sign_in_email_address.id end if decider.go_back_to_mobile_app? sign_user_out_and_instruct_to_go_back_to_mobile_app diff --git a/app/controllers/two_factor_authentication/otp_verification_controller.rb b/app/controllers/two_factor_authentication/otp_verification_controller.rb index 4c11f1908c4..73f5572b3c7 100644 --- a/app/controllers/two_factor_authentication/otp_verification_controller.rb +++ b/app/controllers/two_factor_authentication/otp_verification_controller.rb @@ -249,8 +249,8 @@ def phone_confirmed def send_phone_added_email _event, disavowal_token = create_user_event_with_disavowal(:phone_added, current_user) current_user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: current_user, email_address: email_address). - phone_added(disavowal_token: disavowal_token).deliver_now_or_later + UserMailer.with(user: current_user, email_address: email_address) + .phone_added(disavowal_token: disavowal_token).deliver_now_or_later end end diff --git a/app/controllers/two_factor_authentication/sms_opt_in_controller.rb b/app/controllers/two_factor_authentication/sms_opt_in_controller.rb index 339ff519730..99383004414 100644 --- a/app/controllers/two_factor_authentication/sms_opt_in_controller.rb +++ b/app/controllers/two_factor_authentication/sms_opt_in_controller.rb @@ -74,8 +74,8 @@ def cancel_url end def has_other_auth_methods? - two_factor_configurations. - any? { |config| config.mfa_enabled? && config != @phone_configuration } + two_factor_configurations + .any? { |config| config.mfa_enabled? && config != @phone_configuration } end def new_user? diff --git a/app/controllers/two_factor_authentication/webauthn_verification_controller.rb b/app/controllers/two_factor_authentication/webauthn_verification_controller.rb index f546783cbe4..3f0e7de2ee2 100644 --- a/app/controllers/two_factor_authentication/webauthn_verification_controller.rb +++ b/app/controllers/two_factor_authentication/webauthn_verification_controller.rb @@ -84,9 +84,9 @@ def save_challenge_in_session end def credentials - webauthn_configurations. - select { |configuration| configuration.platform_authenticator? == platform_authenticator? }. - map do |configuration| + webauthn_configurations + .select { |configuration| configuration.platform_authenticator? == platform_authenticator? } + .map do |configuration| { id: configuration.credential_id, transports: configuration.transports } end end @@ -102,8 +102,8 @@ def analytics_properties context: context, multi_factor_auth_method: auth_method, webauthn_configuration_id: form&.webauthn_configuration&.id, - multi_factor_auth_method_created_at: form&.webauthn_configuration&. - created_at&.strftime('%s%L'), + multi_factor_auth_method_created_at: form&.webauthn_configuration + &.created_at&.strftime('%s%L'), } end diff --git a/app/controllers/users/delete_controller.rb b/app/controllers/users/delete_controller.rb index c76d65b904a..5c901b2dd90 100644 --- a/app/controllers/users/delete_controller.rb +++ b/app/controllers/users/delete_controller.rb @@ -56,8 +56,8 @@ def send_push_notifications # rubocop:disable IdentityIdp/MailLaterLinter def notify_user_via_email_of_deletion current_user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: current_user, email_address: email_address). - account_delete_submitted.deliver_now + UserMailer.with(user: current_user, email_address: email_address) + .account_delete_submitted.deliver_now end end # rubocop:enable IdentityIdp/MailLaterLinter diff --git a/app/controllers/users/email_confirmations_controller.rb b/app/controllers/users/email_confirmations_controller.rb index e0f0c989fb4..a5f26574d83 100644 --- a/app/controllers/users/email_confirmations_controller.rb +++ b/app/controllers/users/email_confirmations_controller.rb @@ -55,8 +55,8 @@ def process_successful_confirmation(email_address) def confirm_and_notify(email_address) email_address.update!(confirmed_at: Time.zone.now) email_address.user.confirmed_email_addresses.each do |confirmed_email_address| - UserMailer.with(user: email_address.user, email_address: confirmed_email_address). - email_added.deliver_now_or_later + UserMailer.with(user: email_address.user, email_address: confirmed_email_address) + .email_added.deliver_now_or_later end notify_subscribers(email_address) end diff --git a/app/controllers/users/emails_controller.rb b/app/controllers/users/emails_controller.rb index 0a229b41e13..240e1b90283 100644 --- a/app/controllers/users/emails_controller.rb +++ b/app/controllers/users/emails_controller.rb @@ -139,8 +139,8 @@ def send_delete_email_notification # when run asynchronously @current_confirmed_emails.each do |confirmed_email| # rubocop:disable IdentityIdp/MailLaterLinter - UserMailer.with(user: current_user, email_address: confirmed_email). - email_deleted.deliver_now + UserMailer.with(user: current_user, email_address: confirmed_email) + .email_deleted.deliver_now # rubocop:enable IdentityIdp/MailLaterLinter end end diff --git a/app/controllers/users/reset_passwords_controller.rb b/app/controllers/users/reset_passwords_controller.rb index e609bd5b0df..863f1dba0b9 100644 --- a/app/controllers/users/reset_passwords_controller.rb +++ b/app/controllers/users/reset_passwords_controller.rb @@ -157,8 +157,8 @@ def create_reset_event_and_send_notification end def user_params - params.require(:reset_password_form). - permit(:password, :password_confirmation, :reset_password_token) + params.require(:reset_password_form) + .permit(:password, :password_confirmation, :reset_password_token) end def assert_reset_token_passed diff --git a/app/forms/add_user_email_form.rb b/app/forms/add_user_email_form.rb index b7fe652b9d8..5aa782412c3 100644 --- a/app/forms/add_user_email_form.rb +++ b/app/forms/add_user_email_form.rb @@ -52,8 +52,8 @@ def email_address_record(email) def process_successful_submission @success = true email_address.save! - SendAddEmailConfirmation.new(user). - call(email_address:, in_select_email_flow: in_select_email_flow?, request_id:) + SendAddEmailConfirmation.new(user) + .call(email_address:, in_select_email_flow: in_select_email_flow?, request_id:) end def extra_analytics_attributes diff --git a/app/forms/backup_code_verification_form.rb b/app/forms/backup_code_verification_form.rb index 6c95e530f32..479ec1bfe4b 100644 --- a/app/forms/backup_code_verification_form.rb +++ b/app/forms/backup_code_verification_form.rb @@ -53,8 +53,8 @@ def valid_backup_code? def valid_backup_code_config_created_at return @valid_backup_code_config_created_at if defined?(@valid_backup_code_config_created_at) - @valid_backup_code_config_created_at = BackupCodeGenerator.new(user). - if_valid_consume_code_return_config_created_at(backup_code) + @valid_backup_code_config_created_at = BackupCodeGenerator.new(user) + .if_valid_consume_code_return_config_created_at(backup_code) end def rate_limiter diff --git a/app/forms/gpo_verify_form.rb b/app/forms/gpo_verify_form.rb index e267595f7c8..150ae095719 100644 --- a/app/forms/gpo_verify_form.rb +++ b/app/forms/gpo_verify_form.rb @@ -76,8 +76,9 @@ def schedule_in_person_enrollment_and_deactivate_profile(is_enhanced_ipp) def which_letter return if !valid_otp? - pending_profile.gpo_confirmation_codes.sort_by(&:code_sent_at). - index(gpo_confirmation_code) + 1 + pending_profile.gpo_confirmation_codes + .sort_by(&:code_sent_at) + .index(gpo_confirmation_code) + 1 end def letter_count diff --git a/app/forms/idv/api_image_upload_form.rb b/app/forms/idv/api_image_upload_form.rb index 3372422bfc3..a0765d4e07f 100644 --- a/app/forms/idv/api_image_upload_form.rb +++ b/app/forms/idv/api_image_upload_form.rb @@ -371,9 +371,9 @@ def update_analytics(client_response:, vendor_request_time_in_ms:) vendor_request_time_in_ms: vendor_request_time_in_ms, zip_code: zip_code, issue_year: issue_year, - ).except(:classification_info). - merge(acuant_sdk_upgrade_ab_test_data). - merge(processed_selfie_attempts_data), + ).except(:classification_info) + .merge(acuant_sdk_upgrade_ab_test_data) + .merge(processed_selfie_attempts_data), ) end @@ -403,31 +403,31 @@ def acuant_sdk_autocaptured_id? end def image_metadata - @image_metadata ||= params. - permit(:front_image_metadata, :back_image_metadata, :selfie_image_metadata).to_h. - transform_values do |str| + @image_metadata ||= params + .permit(:front_image_metadata, :back_image_metadata, :selfie_image_metadata).to_h + .transform_values do |str| JSON.parse(str) rescue JSON::ParserError nil - end. - compact. - transform_keys { |key| key.gsub(/_image_metadata$/, '') }. - deep_symbolize_keys + end + .compact + .transform_keys { |key| key.gsub(/_image_metadata$/, '') } + .deep_symbolize_keys end def add_costs(response) - Db::AddDocumentVerificationAndSelfieCosts. - new(user_id: user_id, - service_provider: service_provider, - liveness_checking_enabled: liveness_checking_required). - call(response) + Db::AddDocumentVerificationAndSelfieCosts + .new(user_id: user_id, + service_provider: service_provider, + liveness_checking_enabled: liveness_checking_required) + .call(response) end def update_funnel(client_response) steps = %i[front_image back_image] steps.each do |step| - Funnel::DocAuth::RegisterStep.new(user_id, service_provider&.issuer). - call(step.to_s, :update, client_response.success?) + Funnel::DocAuth::RegisterStep.new(user_id, service_provider&.issuer) + .call(step.to_s, :update, client_response.success?) end end diff --git a/app/forms/idv/phone_form.rb b/app/forms/idv/phone_form.rb index 0b8839e8a28..3a94aade953 100644 --- a/app/forms/idv/phone_form.rb +++ b/app/forms/idv/phone_form.rb @@ -33,9 +33,9 @@ def initialize( @hybrid_handoff_phone_number = hybrid_handoff_phone_number @international_code, @phone = determine_initial_values( - **previous_params. - symbolize_keys. - slice(:international_code, :phone), + **previous_params + .symbolize_keys + .slice(:international_code, :phone), ) end diff --git a/app/forms/openid_connect_logout_form.rb b/app/forms/openid_connect_logout_form.rb index 582906342a2..061daf9019a 100644 --- a/app/forms/openid_connect_logout_form.rb +++ b/app/forms/openid_connect_logout_form.rb @@ -79,9 +79,9 @@ def reject_id_token_hint? end def load_identity - identity_from_client_id = current_user&. - identities&. - find_by(service_provider: client_id) + identity_from_client_id = current_user + &.identities + &.find_by(service_provider: client_id) if reject_id_token_hint? identity_from_client_id diff --git a/app/forms/openid_connect_token_form.rb b/app/forms/openid_connect_token_form.rb index 3ae404bc13b..3baaa626ae1 100644 --- a/app/forms/openid_connect_token_form.rb +++ b/app/forms/openid_connect_token_form.rb @@ -73,8 +73,9 @@ def url_options def find_identity_with_code return if code.blank? || code.include?("\x00") - @identity = ServiceProviderIdentity.where(session_uuid: code). - order(updated_at: :desc).first + @identity = ServiceProviderIdentity + .where(session_uuid: code) + .order(updated_at: :desc).first end def pkce? diff --git a/app/forms/phone_recaptcha_form.rb b/app/forms/phone_recaptcha_form.rb index 58c7206b8ab..61ef0bc8945 100644 --- a/app/forms/phone_recaptcha_form.rb +++ b/app/forms/phone_recaptcha_form.rb @@ -35,9 +35,9 @@ def form end def score_threshold_country_override - parsed_phone.valid_countries. - map { |country| self.class.country_score_overrides[country.to_sym] }. - compact. - min + parsed_phone.valid_countries + .map { |country| self.class.country_score_overrides[country.to_sym] } + .compact + .min end end diff --git a/app/forms/register_user_email_form.rb b/app/forms/register_user_email_form.rb index 07afaf21bc2..947949e2147 100644 --- a/app/forms/register_user_email_form.rb +++ b/app/forms/register_user_email_form.rb @@ -169,8 +169,8 @@ def send_sign_up_confirmed_email limiter_type: :reg_confirmed_email, ) else - UserMailer.with(user: existing_user, email_address: email_address_record). - signup_with_your_email(request_id: request_id).deliver_now_or_later + UserMailer.with(user: existing_user, email_address: email_address_record) + .signup_with_your_email(request_id: request_id).deliver_now_or_later end end @@ -204,7 +204,7 @@ def email_request_id(request_id) def blocked_email_address return @blocked_email_address if defined?(@blocked_email_address) - @blocked_email_address = SuspendedEmail.find_with_email_digest(digested_base_email)&. - email_address + @blocked_email_address = SuspendedEmail.find_with_email_digest(digested_base_email) + &.email_address end end diff --git a/app/forms/webauthn_setup_form.rb b/app/forms/webauthn_setup_form.rb index 9c593c9aaaf..727e6f60c39 100644 --- a/app/forms/webauthn_setup_form.rb +++ b/app/forms/webauthn_setup_form.rb @@ -82,10 +82,10 @@ def consume_parameters(params) def name_is_unique return unless WebauthnConfiguration.exists?(user_id: @user.id, name: @name) if @platform_authenticator - num_existing_devices = WebauthnConfiguration. - where(user_id: @user.id). - where('name LIKE ?', "#{@name}%"). - count + num_existing_devices = WebauthnConfiguration + .where(user_id: @user.id) + .where('name LIKE ?', "#{@name}%") + .count @name = "#{@name} (#{num_existing_devices})" else name_error = if platform_authenticator? diff --git a/app/jobs/data_warehouse/daily_sensitive_column_job.rb b/app/jobs/data_warehouse/daily_sensitive_column_job.rb index 068676e3581..e483e3bb35a 100644 --- a/app/jobs/data_warehouse/daily_sensitive_column_job.rb +++ b/app/jobs/data_warehouse/daily_sensitive_column_job.rb @@ -17,9 +17,9 @@ def fetch_columns insensitive_hash = [] tables.each do |table| - true_sensitives, false_sensitives = ActiveRecord::Base.connection.columns(table). - reject { |col| col.name == 'id' }. - partition do |column| + true_sensitives, false_sensitives = ActiveRecord::Base.connection.columns(table) + .reject { |col| col.name == 'id' } + .partition do |column| column.comment&.match?(/sensitive=true/i) end insensitive_hash.concat(generate_column_data(false_sensitives, table)) diff --git a/app/jobs/get_usps_proofing_results_job.rb b/app/jobs/get_usps_proofing_results_job.rb index e529c76b334..78ad7a08c5b 100644 --- a/app/jobs/get_usps_proofing_results_job.rb +++ b/app/jobs/get_usps_proofing_results_job.rb @@ -62,8 +62,8 @@ def perform(_now) attr_accessor :enrollment_outcomes DEFAULT_EMAIL_DELAY_IN_HOURS = 1 - REQUEST_DELAY_IN_SECONDS = (IdentityConfig.store. - get_usps_proofing_results_job_request_delay_milliseconds / MILLISECONDS_PER_SECOND).freeze + REQUEST_DELAY_IN_SECONDS = (IdentityConfig.store + .get_usps_proofing_results_job_request_delay_milliseconds / MILLISECONDS_PER_SECOND).freeze def proofer @proofer ||= UspsInPersonProofing::EnrollmentHelper.usps_proofer @@ -291,8 +291,8 @@ def handle_unsupported_id_type(enrollment, response) def handle_incomplete_status_update(enrollment, response_message) enrollment_outcomes[:enrollments_in_progress] += 1 - analytics(user: enrollment.user). - idv_in_person_usps_proofing_results_job_enrollment_incomplete( + analytics(user: enrollment.user) + .idv_in_person_usps_proofing_results_job_enrollment_incomplete( **enrollment_analytics_attributes(enrollment, complete: false), response_message: response_message, job_name: self.class.name, @@ -328,16 +328,16 @@ def handle_expired_status_update(enrollment, response, response_message) end rescue StandardError => err NewRelic::Agent.notice_error(err) - analytics(user: enrollment.user). - idv_in_person_usps_proofing_results_job_deadline_passed_email_exception( + analytics(user: enrollment.user) + .idv_in_person_usps_proofing_results_job_deadline_passed_email_exception( enrollment_id: enrollment.id, exception_class: err.class.to_s, exception_message: err.message, job_name: self.class.name, ) else - analytics(user: enrollment.user). - idv_in_person_usps_proofing_results_job_deadline_passed_email_initiated( + analytics(user: enrollment.user) + .idv_in_person_usps_proofing_results_job_deadline_passed_email_initiated( **email_analytics_attributes(enrollment), enrollment_id: enrollment.id, job_name: self.class.name, @@ -384,8 +384,8 @@ def handle_invalid_applicant_unique_id(enrollment, response, response_message) def handle_fraud_review_pending(enrollment) enrollment.profile.deactivate_for_fraud_review - analytics(user: enrollment.user). - idv_in_person_usps_proofing_results_job_user_sent_to_fraud_review( + analytics(user: enrollment.user) + .idv_in_person_usps_proofing_results_job_user_sent_to_fraud_review( **enrollment_analytics_attributes(enrollment, complete: true), ) end @@ -394,8 +394,8 @@ def handle_unexpected_response(enrollment, response_message, reason:, cancel: tr if cancel cancel_enrollment(enrollment) end - analytics(user: enrollment.user). - idv_in_person_usps_proofing_results_job_unexpected_response( + analytics(user: enrollment.user) + .idv_in_person_usps_proofing_results_job_unexpected_response( **enrollment_analytics_attributes(enrollment, complete: cancel), response_message: response_message, reason: reason, @@ -488,8 +488,8 @@ def handle_passed_with_fraud_review_pending(enrollment, response) # send email send_please_call_email(enrollment:, visited_location_name: response['proofingPostOffice']) - analytics(user: enrollment.user). - idv_in_person_usps_proofing_results_job_please_call_email_initiated( + analytics(user: enrollment.user) + .idv_in_person_usps_proofing_results_job_please_call_email_initiated( **email_analytics_attributes(enrollment), job_name: self.class.name, ) @@ -576,9 +576,11 @@ def send_verified_email(enrollment:, visited_location_name:) def send_deadline_passed_email(enrollment:, visited_location_name:) # rubocop:disable IdentityIdp/MailLaterLinter enrollment.user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: enrollment.user, email_address: email_address). - in_person_deadline_passed(enrollment: enrollment, - visited_location_name: visited_location_name).deliver_later + UserMailer + .with(user: enrollment.user, email_address: email_address) + .in_person_deadline_passed(enrollment: enrollment, + visited_location_name: visited_location_name) + .deliver_later # rubocop:enable IdentityIdp/MailLaterLinter end end diff --git a/app/jobs/gpo_expiration_job.rb b/app/jobs/gpo_expiration_job.rb index 201a1c69c1e..073e900480d 100644 --- a/app/jobs/gpo_expiration_job.rb +++ b/app/jobs/gpo_expiration_job.rb @@ -30,11 +30,11 @@ def perform( end def gpo_profiles_that_should_be_expired(as_of:, min_profile_age: nil) - Profile. - and(are_pending_gpo_verification). - and(user_cant_request_more_letters(as_of: as_of)). - and(most_recent_code_has_expired(as_of: as_of)). - and(are_old_enough(as_of: as_of, min_profile_age: min_profile_age)) + Profile + .and(are_pending_gpo_verification) + .and(user_cant_request_more_letters(as_of: as_of)) + .and(most_recent_code_has_expired(as_of: as_of)) + .and(are_old_enough(as_of: as_of, min_profile_age: min_profile_age)) end private @@ -84,10 +84,10 @@ def most_recent_code_has_expired(as_of:) max_code_sent_at = as_of - IdentityConfig.store.usps_confirmation_max_days.days Profile.where( - id: GpoConfirmationCode. - select(:profile_id). - group(:profile_id). - having('max(code_sent_at) < ?', max_code_sent_at), + id: GpoConfirmationCode + .select(:profile_id) + .group(:profile_id) + .having('max(code_sent_at) < ?', max_code_sent_at), ) end diff --git a/app/jobs/gpo_reminder_job.rb b/app/jobs/gpo_reminder_job.rb index a30b2099237..44767dbf831 100644 --- a/app/jobs/gpo_reminder_job.rb +++ b/app/jobs/gpo_reminder_job.rb @@ -6,7 +6,7 @@ class GpoReminderJob < ApplicationJob # Send email reminders to people with USPS proofing letters whose # letters were sent a while ago, and haven't yet entered their code def perform(cutoff_time_for_sending_reminders) - GpoReminderSender.new. - send_emails(cutoff_time_for_sending_reminders) + GpoReminderSender.new + .send_emails(cutoff_time_for_sending_reminders) end end diff --git a/app/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline.rb b/app/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline.rb index fb2f8a0d060..da2dfe8d330 100644 --- a/app/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline.rb +++ b/app/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline.rb @@ -67,8 +67,8 @@ def process_message(sqs_message) error_extra[:ses_mail_source] = ses_message.dig(:mail, :source) # https://datatracker.ietf.org/doc/html/rfc5322#section-3.6.1 - error_extra[:ses_rfc_origination_date] = ses_message. - dig(:mail, :commonHeaders, :date)&.then do |date| + error_extra[:ses_rfc_origination_date] = ses_message + .dig(:mail, :commonHeaders, :date)&.then do |date| DateTime.parse(date).to_s end # https://datatracker.ietf.org/doc/html/rfc5322#section-3.6.4 @@ -119,11 +119,11 @@ def process_message(sqs_message) error_extra[:enrollment_code] = enrollment_code # Look up existing enrollment - id, user_id, ready_for_status_check = InPersonEnrollment. - where(enrollment_code:, status: :pending). - order(created_at: :desc). - limit(1). - pick( + id, user_id, ready_for_status_check = InPersonEnrollment + .where(enrollment_code:, status: :pending) + .order(created_at: :desc) + .limit(1) + .pick( :id, :user_id, :ready_for_status_check ) diff --git a/app/jobs/in_person/send_proofing_notification_job.rb b/app/jobs/in_person/send_proofing_notification_job.rb index b5db32eadcf..ea8b4d47aa9 100644 --- a/app/jobs/in_person/send_proofing_notification_job.rb +++ b/app/jobs/in_person/send_proofing_notification_job.rb @@ -15,16 +15,16 @@ def perform(enrollment_id) ) if enrollment.nil? || !enrollment.eligible_for_notification? - analytics(user: enrollment&.user || AnonymousUser.new). - idv_in_person_send_proofing_notification_job_skipped( + analytics(user: enrollment&.user || AnonymousUser.new) + .idv_in_person_send_proofing_notification_job_skipped( enrollment_code: enrollment&.enrollment_code, enrollment_id: enrollment_id, ) return end - analytics(user: enrollment.user). - idv_in_person_send_proofing_notification_job_started( + analytics(user: enrollment.user) + .idv_in_person_send_proofing_notification_job_started( enrollment_code: enrollment.enrollment_code, enrollment_id: enrollment.id, ) @@ -42,8 +42,8 @@ def perform(enrollment_id) log_job_completed(enrollment: enrollment) rescue StandardError => err - analytics(user: enrollment&.user || AnonymousUser.new). - idv_in_person_send_proofing_notification_job_exception( + analytics(user: enrollment&.user || AnonymousUser.new) + .idv_in_person_send_proofing_notification_job_exception( enrollment_code: enrollment&.enrollment_code, enrollment_id: enrollment_id, exception_class: err.class.to_s, @@ -58,15 +58,15 @@ def formatter end def log_job_completed(enrollment:) - analytics(user: enrollment.user). - idv_in_person_send_proofing_notification_job_completed( + analytics(user: enrollment.user) + .idv_in_person_send_proofing_notification_job_completed( enrollment_code: enrollment.enrollment_code, enrollment_id: enrollment.id, ) end def handle_telephony_response(enrollment:, phone:, telephony_response:) - analytics(user: enrollment.user). - idv_in_person_send_proofing_notification_attempted( + analytics(user: enrollment.user) + .idv_in_person_send_proofing_notification_attempted( success: telephony_response.success?, enrollment_code: enrollment.enrollment_code, enrollment_id: enrollment.id, diff --git a/app/jobs/reports/combined_invoice_supplement_report_v2.rb b/app/jobs/reports/combined_invoice_supplement_report_v2.rb index 6de8bb3fa4b..254f165bdcd 100644 --- a/app/jobs/reports/combined_invoice_supplement_report_v2.rb +++ b/app/jobs/reports/combined_invoice_supplement_report_v2.rb @@ -75,11 +75,11 @@ def combine_by_iaa_month( [result[:key], result[:year_month]] end - by_issuer_iaa_issuer_year_months = by_issuer_results. - group_by { |r| r[:iaa] }. - transform_values do |iaa| - iaa.group_by { |r| r[:issuer] }. - transform_values { |issuer| issuer.group_by { |r| r[:year_month] } } + by_issuer_iaa_issuer_year_months = by_issuer_results + .group_by { |r| r[:iaa] } + .transform_values do |iaa| + iaa.group_by { |r| r[:issuer] } + .transform_values { |issuer| issuer.group_by { |r| r[:year_month] } } end # rubocop:disable Metrics/BlockLength diff --git a/app/jobs/reports/daily_auths_report.rb b/app/jobs/reports/daily_auths_report.rb index b8ab5c6f334..f311e14d43c 100644 --- a/app/jobs/reports/daily_auths_report.rb +++ b/app/jobs/reports/daily_auths_report.rb @@ -15,8 +15,8 @@ def perform(report_date) [ bucket_name, # default reporting bucket IdentityConfig.store.s3_public_reports_enabled && public_bucket_name, - ].select(&:present?). - each do |bucket_name| + ].select(&:present?) + .each do |bucket_name| upload_file_to_s3_bucket( path: path, body: body, diff --git a/app/jobs/reports/daily_dropoffs_report.rb b/app/jobs/reports/daily_dropoffs_report.rb index 01807089f73..230c1864fb0 100644 --- a/app/jobs/reports/daily_dropoffs_report.rb +++ b/app/jobs/reports/daily_dropoffs_report.rb @@ -32,8 +32,8 @@ def perform(report_date) [ bucket_name, # default reporting bucket IdentityConfig.store.s3_public_reports_enabled && public_bucket_name, - ].select(&:present?). - each do |bucket_name| + ].select(&:present?) + .each do |bucket_name| upload_file_to_s3_bucket( path: path, body: body, diff --git a/app/jobs/reports/daily_registrations_report.rb b/app/jobs/reports/daily_registrations_report.rb index 9ed3fd62ac6..0298527c730 100644 --- a/app/jobs/reports/daily_registrations_report.rb +++ b/app/jobs/reports/daily_registrations_report.rb @@ -17,8 +17,8 @@ def perform(report_date) [ bucket_name, # default reporting bucket IdentityConfig.store.s3_public_reports_enabled && public_bucket_name, - ].select(&:present?). - each do |bucket_name| + ].select(&:present?) + .each do |bucket_name| upload_file_to_s3_bucket( path: path, body: body, @@ -33,9 +33,9 @@ def finish end def report_body - results = [*total_users, *fully_registered_users, *deleted_users]. - group_by { |row| row['date'] }. - map do |date, rows| + results = [*total_users, *fully_registered_users, *deleted_users] + .group_by { |row| row['date'] } + .map do |date, rows| { date: date, total_users: rows.map { |r| r['total_users'] }.compact.first || 0, diff --git a/app/jobs/reports/duplicate_ssn_report.rb b/app/jobs/reports/duplicate_ssn_report.rb index bbb1da3be1b..c7272c56bbc 100644 --- a/app/jobs/reports/duplicate_ssn_report.rb +++ b/app/jobs/reports/duplicate_ssn_report.rb @@ -28,10 +28,10 @@ def finish def report_body todays_profiles = transaction_with_timeout do # note, this will table scan until we add an index, for a once-a-day job it may be ok - Profile. - select(:id, :ssn_signature). - where(active: true, activated_at: start..finish). - to_a + Profile + .select(:id, :ssn_signature) + .where(active: true, activated_at: start..finish) + .to_a end todays_profile_ids = todays_profiles.map(&:id).to_set @@ -39,21 +39,21 @@ def report_body ssn_signatures = todays_profiles.map(&:ssn_signature).uniq profiles_connected_by_ssn = ssn_signatures.each_slice(1000).flat_map do |ssn_signature_slice| - Profile. - includes(:user). - where(ssn_signature: ssn_signature_slice). - to_a + Profile + .includes(:user) + .where(ssn_signature: ssn_signature_slice) + .to_a end profiles_connected_by_ssn.sort_by!(&:id).reverse! - count_by_ssn = profiles_connected_by_ssn. - group_by(&:ssn_signature). - transform_values(&:count) - count_by_ssn_active = profiles_connected_by_ssn. - select(&:active?). - group_by(&:ssn_signature). - transform_values(&:count) + count_by_ssn = profiles_connected_by_ssn + .group_by(&:ssn_signature) + .transform_values(&:count) + count_by_ssn_active = profiles_connected_by_ssn + .select(&:active?) + .group_by(&:ssn_signature) + .transform_values(&:count) CSV.generate do |csv| csv << %w[ diff --git a/app/models/backup_code_configuration.rb b/app/models/backup_code_configuration.rb index 4a744e885d2..f0f40a1a995 100644 --- a/app/models/backup_code_configuration.rb +++ b/app/models/backup_code_configuration.rb @@ -41,11 +41,11 @@ def find_with_code(code:, user_id:) end def salted_fingerprints(code:, user_id:) - user_salt_costs = select(:code_salt, :code_cost). - distinct. - where(user_id: user_id). - where.not(code_salt: nil).where.not(code_cost: nil). - pluck(:code_salt, :code_cost) + user_salt_costs = select(:code_salt, :code_cost) + .distinct + .where(user_id: user_id) + .where.not(code_salt: nil).where.not(code_cost: nil) + .pluck(:code_salt, :code_cost) user_salt_costs.map do |salt, cost| scrypt_password_digest(password: code, salt: salt, cost: cost) diff --git a/app/models/gpo_confirmation.rb b/app/models/gpo_confirmation.rb index 6d69cbca090..93805fdecda 100644 --- a/app/models/gpo_confirmation.rb +++ b/app/models/gpo_confirmation.rb @@ -20,12 +20,12 @@ class GpoConfirmation < ApplicationRecord def entry=(entry_hash) @entry = nil self[:entry] = encryptor.encrypt( - entry_hash. - dup. - tap do |h| + entry_hash + .dup + .tap do |h| h[:zipcode] = self.class.normalize_zipcode(h[:zipcode]) if h[:zipcode].present? - end. - to_json, + end + .to_json, ) end diff --git a/app/models/in_person_enrollment.rb b/app/models/in_person_enrollment.rb index 2b719acf9ea..395a7598f92 100644 --- a/app/models/in_person_enrollment.rb +++ b/app/models/in_person_enrollment.rb @@ -52,19 +52,19 @@ def needs_late_email_reminder(early_benchmark, late_benchmark) # Find enrollments that need a status check via the USPS API def needs_usps_status_check(check_interval) - where(status: :pending). - and( - where(last_batch_claimed_at: check_interval). - or(where(last_batch_claimed_at: nil)), + where(status: :pending) + .and( + where(last_batch_claimed_at: check_interval) + .or(where(last_batch_claimed_at: nil)), ) end def needs_usps_status_check_batch(batch_at) - where(status: :pending). - and( + where(status: :pending) + .and( where(last_batch_claimed_at: batch_at), - ). - order(status_check_attempted_at: :asc) + ) + .order(status_check_attempted_at: :asc) end # Find enrollments that are ready for a status check via the USPS API @@ -85,11 +85,11 @@ def generate_unique_id private def pending_and_established_between(early_benchmark, late_benchmark) - where(status: :pending). - and( + where(status: :pending) + .and( where(enrollment_established_at: late_benchmark...(early_benchmark.end_of_day)), - ). - order(enrollment_established_at: :asc) + ) + .order(enrollment_established_at: :asc) end end # end class methods diff --git a/app/models/phone_configuration.rb b/app/models/phone_configuration.rb index 7320b24b951..97766c6b3de 100644 --- a/app/models/phone_configuration.rb +++ b/app/models/phone_configuration.rb @@ -22,13 +22,13 @@ def selection_presenters options = [] if capabilities.supports_sms? - options << TwoFactorAuthentication::SignInPhoneSelectionPresenter. - new(user:, configuration: self, delivery_method: :sms) + options << TwoFactorAuthentication::SignInPhoneSelectionPresenter + .new(user:, configuration: self, delivery_method: :sms) end if capabilities.supports_voice? - options << TwoFactorAuthentication::SignInPhoneSelectionPresenter. - new(user:, configuration: self, delivery_method: :voice) + options << TwoFactorAuthentication::SignInPhoneSelectionPresenter + .new(user:, configuration: self, delivery_method: :voice) end options diff --git a/app/models/service_provider.rb b/app/models/service_provider.rb index 8146db65b21..ff1d631d755 100644 --- a/app/models/service_provider.rb +++ b/app/models/service_provider.rb @@ -35,9 +35,9 @@ class ServiceProvider < ApplicationRecord scope( :with_push_notification_urls, -> { - where.not(push_notification_url: nil). - where.not(push_notification_url: ''). - where(active: true) + where.not(push_notification_url: nil) + .where.not(push_notification_url: '') + .where(active: true) }, ) diff --git a/app/models/user.rb b/app/models/user.rb index 88c89cc9daf..c75b7fc2ef2 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -257,19 +257,19 @@ def default_phone_configuration # @return [Boolean] Whether the user should receive a survey for completing in-person proofing def should_receive_in_person_completion_survey?(issuer) Idv::InPersonConfig.enabled_for_issuer?(issuer) && - in_person_enrollments. - where(issuer: issuer, status: :passed).order(created_at: :desc). - pick(:follow_up_survey_sent) == false + in_person_enrollments + .where(issuer: issuer, status: :passed).order(created_at: :desc) + .pick(:follow_up_survey_sent) == false end ## # Record that the in-person proofing survey was sent # @param [String] issuer def mark_in_person_completion_survey_sent(issuer) - enrollment_id, follow_up_survey_sent = in_person_enrollments. - where(issuer: issuer, status: :passed). - order(created_at: :desc). - pick(:id, :follow_up_survey_sent) + enrollment_id, follow_up_survey_sent = in_person_enrollments + .where(issuer: issuer, status: :passed) + .order(created_at: :desc) + .pick(:id, :follow_up_survey_sent) if follow_up_survey_sent == false # Enrollment record is present and survey was not previously sent @@ -407,8 +407,8 @@ def no_longer_locked_out? end def recent_events - events = Event.where(user_id: id).order('created_at DESC').limit(MAX_RECENT_EVENTS). - map(&:decorate) + events = Event.where(user_id: id).order('created_at DESC').limit(MAX_RECENT_EVENTS) + .map(&:decorate) (events + identity_events).sort_by(&:happened_at).reverse end @@ -417,8 +417,8 @@ def identity_events end def recent_devices - @recent_devices ||= devices.order(last_used_at: :desc).limit(MAX_RECENT_DEVICES). - map(&:decorate) + @recent_devices ||= devices.order(last_used_at: :desc).limit(MAX_RECENT_DEVICES) + .map(&:decorate) end def has_devices? @@ -441,12 +441,15 @@ def authenticated_device?(cookie_uuid:) # # @param [ActiveSupport::TimeWithZone] since Time window to query user's events def sign_in_count(since:) - events.where(event_type: :sign_in_before_2fa).where(created_at: since..).count + events + .where(event_type: :sign_in_before_2fa).where(created_at: since..) + .count end def second_last_signed_in_at - events.where(event_type: 'sign_in_after_2fa'). - order(created_at: :desc).limit(2).pluck(:created_at).second + events + .where(event_type: 'sign_in_after_2fa') + .order(created_at: :desc).limit(2).pluck(:created_at).second end def connected_apps @@ -508,8 +511,8 @@ def send_email_to_all_addresses(user_mailer_template) UserMailer.with( user: self, email_address: email_address, - ).send(user_mailer_template). - deliver_now_or_later + ).send(user_mailer_template) + .deliver_now_or_later end end diff --git a/app/models/webauthn_configuration.rb b/app/models/webauthn_configuration.rb index cf57bac4d54..5973745835f 100644 --- a/app/models/webauthn_configuration.rb +++ b/app/models/webauthn_configuration.rb @@ -31,8 +31,8 @@ def mfa_enabled? def selection_presenters if platform_authenticator? - [TwoFactorAuthentication::SignInWebauthnPlatformSelectionPresenter. - new(user:, configuration: self)] + [TwoFactorAuthentication::SignInWebauthnPlatformSelectionPresenter + .new(user:, configuration: self)] else [TwoFactorAuthentication::SignInWebauthnSelectionPresenter.new(user:, configuration: self)] end diff --git a/app/policies/idv/gpo_verify_by_mail_policy.rb b/app/policies/idv/gpo_verify_by_mail_policy.rb index 31748e409d2..703f7f8c1f8 100644 --- a/app/policies/idv/gpo_verify_by_mail_policy.rb +++ b/app/policies/idv/gpo_verify_by_mail_policy.rb @@ -29,8 +29,8 @@ def rate_limited? def profile_too_old? return false if !user.pending_profile - min_creation_date = IdentityConfig.store. - gpo_max_profile_age_to_send_letter_in_days.days.ago + min_creation_date = IdentityConfig.store + .gpo_max_profile_age_to_send_letter_in_days.days.ago user.pending_profile.created_at < min_creation_date end diff --git a/app/presenters/idv/by_mail/letter_enqueued_presenter.rb b/app/presenters/idv/by_mail/letter_enqueued_presenter.rb index fc1592e56cc..d0706951117 100644 --- a/app/presenters/idv/by_mail/letter_enqueued_presenter.rb +++ b/app/presenters/idv/by_mail/letter_enqueued_presenter.rb @@ -57,8 +57,8 @@ def pii_from_session_applicant end def pii_from_gpo_pending_profile - Pii::Cacher.new(current_user, user_session). - fetch(current_user&.gpo_verification_pending_profile&.id) + Pii::Cacher.new(current_user, user_session) + .fetch(current_user&.gpo_verification_pending_profile&.id) end end end diff --git a/app/presenters/two_factor_auth_code/generic_delivery_presenter.rb b/app/presenters/two_factor_auth_code/generic_delivery_presenter.rb index 60217a50c28..5bd7a3c8acb 100644 --- a/app/presenters/two_factor_auth_code/generic_delivery_presenter.rb +++ b/app/presenters/two_factor_auth_code/generic_delivery_presenter.rb @@ -31,8 +31,8 @@ def troubleshooting_options end def choose_another_method_troubleshooting_option - BlockLinkComponent.new(url: login_two_factor_options_path). - with_content(t('two_factor_authentication.login_options_link_text')) + BlockLinkComponent.new(url: login_two_factor_options_path) + .with_content(t('two_factor_authentication.login_options_link_text')) end def learn_more_about_authentication_options_troubleshooting_option diff --git a/app/presenters/two_factor_options_presenter.rb b/app/presenters/two_factor_options_presenter.rb index 1dc080b59e4..10853275358 100644 --- a/app/presenters/two_factor_options_presenter.rb +++ b/app/presenters/two_factor_options_presenter.rb @@ -52,9 +52,9 @@ def all_options_sorted user_agent:, desktop_ft_ab_test:, ) - end. - partition(&:recommended?). - flatten + end + .partition(&:recommended?) + .flatten end def icon diff --git a/app/services/account_reset/cancel.rb b/app/services/account_reset/cancel.rb index 7e8d0f5649f..66e6e650f6a 100644 --- a/app/services/account_reset/cancel.rb +++ b/app/services/account_reset/cancel.rb @@ -27,8 +27,8 @@ def call def notify_user_via_email_of_account_reset_cancellation user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address).account_reset_cancel. - deliver_now_or_later + UserMailer.with(user: user, email_address: email_address).account_reset_cancel + .deliver_now_or_later end end diff --git a/app/services/account_reset/create_request.rb b/app/services/account_reset/create_request.rb index f1a22b61e8f..33d6ec9689d 100644 --- a/app/services/account_reset/create_request.rb +++ b/app/services/account_reset/create_request.rb @@ -40,8 +40,8 @@ def create_request def notify_user_by_email(request) user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address).account_reset_request(request). - deliver_now_or_later + UserMailer.with(user: user, email_address: email_address).account_reset_request(request) + .deliver_now_or_later end end diff --git a/app/services/account_reset/delete_account.rb b/app/services/account_reset/delete_account.rb index ee0403c490c..55fee8c5182 100644 --- a/app/services/account_reset/delete_account.rb +++ b/app/services/account_reset/delete_account.rb @@ -60,8 +60,8 @@ def send_push_notifications # rubocop:disable IdentityIdp/MailLaterLinter def notify_user_via_email_of_deletion user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address). - account_reset_complete.deliver_now + UserMailer.with(user: user, email_address: email_address) + .account_reset_complete.deliver_now end end # rubocop:enable IdentityIdp/MailLaterLinter diff --git a/app/services/account_reset/grant_requests_and_send_emails.rb b/app/services/account_reset/grant_requests_and_send_emails.rb index 74687d5404d..ad148f93276 100644 --- a/app/services/account_reset/grant_requests_and_send_emails.rb +++ b/app/services/account_reset/grant_requests_and_send_emails.rb @@ -45,8 +45,8 @@ def grant_request_and_send_email(arr) arr = arr.reload user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address). - account_reset_granted(arr).deliver_now_or_later + UserMailer.with(user: user, email_address: email_address) + .account_reset_granted(arr).deliver_now_or_later end true end diff --git a/app/services/account_reset/pending_request_for_user.rb b/app/services/account_reset/pending_request_for_user.rb index 0760767918a..52919c5f69c 100644 --- a/app/services/account_reset/pending_request_for_user.rb +++ b/app/services/account_reset/pending_request_for_user.rb @@ -45,8 +45,8 @@ def notify_user! def notify_user_via_email_of_account_reset_cancellation user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address).account_reset_cancel. - deliver_now_or_later + UserMailer.with(user: user, email_address: email_address).account_reset_cancel + .deliver_now_or_later end end diff --git a/app/services/auth_methods_session.rb b/app/services/auth_methods_session.rb index 7f1db175d35..8ce5b0f75d5 100644 --- a/app/services/auth_methods_session.rb +++ b/app/services/auth_methods_session.rb @@ -11,9 +11,9 @@ def initialize(user_session:) def authenticate!(auth_method) user_session[TwoFactorAuthenticatable::NEED_AUTHENTICATION] = false - user_session[:auth_events] = auth_events. - push({ auth_method:, at: Time.zone.now }). - last(MAX_AUTH_EVENTS) + user_session[:auth_events] = auth_events + .push({ auth_method:, at: Time.zone.now }) + .last(MAX_AUTH_EVENTS) end def auth_events diff --git a/app/services/calendar_service.rb b/app/services/calendar_service.rb index 9bc036aef86..38c26d8a28b 100644 --- a/app/services/calendar_service.rb +++ b/app/services/calendar_service.rb @@ -72,10 +72,10 @@ def holidays end def observed_holidays - holidays. - concat([next_new_years]). - map(&method(:observed)). - select { |oh| oh.year == year } + holidays + .concat([next_new_years]) + .map(&method(:observed)) + .select { |oh| oh.year == year } end # January 1st @@ -85,23 +85,23 @@ def new_years # 3rd Monday of January def mlk - Date.new(year, 1, 1). - step(Date.new(year, 2, 1)). - select(&:monday?)[2] + Date.new(year, 1, 1) + .step(Date.new(year, 2, 1)) + .select(&:monday?)[2] end # 3rd Monday of February def washington - Date.new(year, 2, 1). - step(Date.new(year, 3, 1)). - select(&:monday?)[2] + Date.new(year, 2, 1) + .step(Date.new(year, 3, 1)) + .select(&:monday?)[2] end # Last Monday of May def memorial - Date.new(year, 6, 1). - step(Date.new(year, 5, 1), -1). - find(&:monday?) + Date.new(year, 6, 1) + .step(Date.new(year, 5, 1), -1) + .find(&:monday?) end # June 19th @@ -116,16 +116,16 @@ def independence # First Monday of September def labor - Date.new(year, 9, 1). - step(Date.new(year, 10, 1)). - find(&:monday?) + Date.new(year, 9, 1) + .step(Date.new(year, 10, 1)) + .find(&:monday?) end # Second Monday of October def columbus - Date.new(year, 10, 1). - step(Date.new(year, 11, 1)). - select(&:monday?).second + Date.new(year, 10, 1) + .step(Date.new(year, 11, 1)) + .select(&:monday?).second end # November 11th @@ -135,9 +135,9 @@ def veterans # 4th Thursday of November def thanksgiving - Date.new(year, 11, 1). - step(Date.new(year, 12, 1)). - select(&:thursday?)[3] + Date.new(year, 11, 1) + .step(Date.new(year, 12, 1)) + .select(&:thursday?)[3] end # December 25th diff --git a/app/services/create_new_device_alert.rb b/app/services/create_new_device_alert.rb index cdbb443ba63..3881f8a7f96 100644 --- a/app/services/create_new_device_alert.rb +++ b/app/services/create_new_device_alert.rb @@ -31,8 +31,8 @@ def sql_query_for_users_with_new_device end def expire_sign_in_notification_timeframe_and_send_alert(user) - disavowal_event, disavowal_token = UserEventCreator.new(current_user: user). - create_out_of_band_user_event_with_disavowal(:sign_in_notification_timeframe_expired) + disavowal_event, disavowal_token = UserEventCreator.new(current_user: user) + .create_out_of_band_user_event_with_disavowal(:sign_in_notification_timeframe_expired) UserAlerts::AlertUserAboutNewDevice.send_alert(user:, disavowal_event:, disavowal_token:) end diff --git a/app/services/doc_auth/mock/result_response.rb b/app/services/doc_auth/mock/result_response.rb index 36391ed1200..59c1fcb8e6f 100644 --- a/app/services/doc_auth/mock/result_response.rb +++ b/app/services/doc_auth/mock/result_response.rb @@ -156,9 +156,9 @@ def doc_auth_result_from_uploaded_file end def portrait_match_results - parsed_data_from_uploaded_file.dig('portrait_match_results')&. - transform_keys! { |key| key.to_s.camelize }&. - deep_symbolize_keys + parsed_data_from_uploaded_file.dig('portrait_match_results') + &.transform_keys! { |key| key.to_s.camelize } + &.deep_symbolize_keys end def classification_info diff --git a/app/services/doc_auth/processed_alert_to_log_alert_formatter.rb b/app/services/doc_auth/processed_alert_to_log_alert_formatter.rb index 817487661f7..f622d0eb096 100644 --- a/app/services/doc_auth/processed_alert_to_log_alert_formatter.rb +++ b/app/services/doc_auth/processed_alert_to_log_alert_formatter.rb @@ -7,10 +7,10 @@ def log_alerts(alerts) alerts.each do |_key, key_alerts| key_alerts.each do |alert| - alert_name_key = alert[:name]. - downcase. - parameterize(separator: '_'). - to_sym + alert_name_key = alert[:name] + .downcase + .parameterize(separator: '_') + .to_sym side = alert[:side] || 'no_side' diff --git a/app/services/doc_auth/socure/requests/docv_result_request.rb b/app/services/doc_auth/socure/requests/docv_result_request.rb index 8a3662343a6..5be48264e33 100644 --- a/app/services/doc_auth/socure/requests/docv_result_request.rb +++ b/app/services/doc_auth/socure/requests/docv_result_request.rb @@ -68,8 +68,8 @@ def metric_name def docv_transaction_token if IdentityConfig.store.socure_docv_verification_data_test_mode && - IdentityConfig.store.socure_docv_verification_data_test_mode_tokens. - include?(@docv_transaction_token_override) + IdentityConfig.store.socure_docv_verification_data_test_mode_tokens + .include?(@docv_transaction_token_override) return @docv_transaction_token_override end diff --git a/app/services/email_normalizer.rb b/app/services/email_normalizer.rb index ba66230c1ff..e5fc49bc937 100644 --- a/app/services/email_normalizer.rb +++ b/app/services/email_normalizer.rb @@ -37,8 +37,8 @@ def google_mx_record? def mx_records(domain) Resolv::DNS.open do |dns| - dns.getresources(domain, Resolv::DNS::Resource::IN::MX). - map { |r| r.exchange.to_s } + dns.getresources(domain, Resolv::DNS::Resource::IN::MX) + .map { |r| r.exchange.to_s } end end end diff --git a/app/services/flow/flow_state_machine.rb b/app/services/flow/flow_state_machine.rb index a8d35f496e3..0eab05f6c43 100644 --- a/app/services/flow/flow_state_machine.rb +++ b/app/services/flow/flow_state_machine.rb @@ -183,8 +183,8 @@ def analytics_properties flow_path: flow.flow_path, step: current_step, analytics_id: @analytics_id, - }.merge(flow.extra_analytics_properties). - merge(**opt_in_analytics_properties) + }.merge(flow.extra_analytics_properties) + .merge(**opt_in_analytics_properties) end def current_step_name diff --git a/app/services/frontend_logger.rb b/app/services/frontend_logger.rb index b64384e8819..58e7af3ae85 100644 --- a/app/services/frontend_logger.rb +++ b/app/services/frontend_logger.rb @@ -43,9 +43,9 @@ def hash_from_kwargs(hash, callable) # @param [Proc,Method] callable # @return [Array] the names of the kwargs for the callable (both optional and required) def kwargs(callable) - callable. - parameters. - map { |type, name| name if [:key, :keyreq].include?(type) }. - compact + callable + .parameters + .map { |type, name| name if [:key, :keyreq].include?(type) } + .compact end end diff --git a/app/services/gpo_reminder_sender.rb b/app/services/gpo_reminder_sender.rb index 47d49472918..8058ee01ef7 100644 --- a/app/services/gpo_reminder_sender.rb +++ b/app/services/gpo_reminder_sender.rb @@ -32,10 +32,10 @@ def profiles_due_for_reminder(for_letters_sent_before) profile_eligible_range = (IdentityConfig.store.usps_confirmation_max_days + - IdentityConfig.store.gpo_max_profile_age_to_send_letter_in_days). - days.ago..for_letters_sent_before - Profile.joins(:gpo_confirmation_codes). - where( + IdentityConfig.store.gpo_max_profile_age_to_send_letter_in_days) + .days.ago..for_letters_sent_before + Profile.joins(:gpo_confirmation_codes) + .where( gpo_verification_pending_at: profile_eligible_range, gpo_confirmation_codes: { reminder_sent_at: nil }, deactivation_reason: nil, diff --git a/app/services/iaa_reporting_helper.rb b/app/services/iaa_reporting_helper.rb index 2422c1d71df..ce96744ac2f 100644 --- a/app/services/iaa_reporting_helper.rb +++ b/app/services/iaa_reporting_helper.rb @@ -27,9 +27,9 @@ def key # @return [Array] def iaas - Agreements::IaaGtc. - includes(iaa_orders: { integration_usages: :integration }). - flat_map do |gtc| + Agreements::IaaGtc + .includes(iaa_orders: { integration_usages: :integration }) + .flat_map do |gtc| gtc.iaa_orders.flat_map do |iaa_order| issuers = iaa_order.integration_usages.map { |usage| usage.integration.issuer } @@ -47,9 +47,9 @@ def iaas end def partner_accounts - Agreements::PartnerAccount. - includes(integrations: { service_provider: {}, integration_usages: :iaa_order }). - flat_map do |partner_account| + Agreements::PartnerAccount + .includes(integrations: { service_provider: {}, integration_usages: :iaa_order }) + .flat_map do |partner_account| issuers = partner_account.integrations.map do |integration| integration.service_provider.issuer end diff --git a/app/services/id_token_builder.rb b/app/services/id_token_builder.rb index 4222a1fd590..4ce7f9c926e 100644 --- a/app/services/id_token_builder.rb +++ b/app/services/id_token_builder.rb @@ -31,10 +31,10 @@ def ttl attr_reader :code def jwt_payload - OpenidConnectUserInfoPresenter.new(identity, session_accessor: session_accessor). - user_info. - merge(id_token_claims). - merge(timestamp_claims) + OpenidConnectUserInfoPresenter.new(identity, session_accessor: session_accessor) + .user_info + .merge(id_token_claims) + .merge(timestamp_claims) end def id_token_claims diff --git a/app/services/idv/analytics_events_enhancer.rb b/app/services/idv/analytics_events_enhancer.rb index 2b713d57d8d..41c8c2994e9 100644 --- a/app/services/idv/analytics_events_enhancer.rb +++ b/app/services/idv/analytics_events_enhancer.rb @@ -160,11 +160,11 @@ def self.extra_args_for_method(method_name) private def analytics_attributes(method_name) - AnalyticsEventsEnhancer.extra_args_for_method(method_name). - index_with do |arg_name| + AnalyticsEventsEnhancer.extra_args_for_method(method_name) + .index_with do |arg_name| send(arg_name.to_s).presence - end. - compact + end + .compact end def active_profile_idv_level @@ -178,9 +178,9 @@ def pending_profile_idv_level def profile_history return if !user&.respond_to?(:profiles) - (user&.profiles || []). - sort_by { |profile| profile.created_at }. - map { |profile| ProfileLogging.new(profile) } + (user&.profiles || []) + .sort_by { |profile| profile.created_at } + .map { |profile| ProfileLogging.new(profile) } end def proofing_components diff --git a/app/services/idv/in_person/completion_survey_sender.rb b/app/services/idv/in_person/completion_survey_sender.rb index a295d6d27b0..cfff32ca610 100644 --- a/app/services/idv/in_person/completion_survey_sender.rb +++ b/app/services/idv/in_person/completion_survey_sender.rb @@ -10,8 +10,8 @@ def self.send_completion_survey(user, issuer) return unless user.should_receive_in_person_completion_survey?(issuer) user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address).in_person_completion_survey. - deliver_now_or_later + UserMailer.with(user: user, email_address: email_address).in_person_completion_survey + .deliver_now_or_later end user.mark_in_person_completion_survey_sent(issuer) diff --git a/app/services/pii/attributes.rb b/app/services/pii/attributes.rb index 47c7dc3a9aa..7ab24e3f1bf 100644 --- a/app/services/pii/attributes.rb +++ b/app/services/pii/attributes.rb @@ -23,9 +23,9 @@ module Pii ) do def self.new_from_hash(hash) attrs = new - hash.with_indifferent_access. - slice(*members). - each { |key, val| attrs[key] = val.is_a?(String) ? val.squish : val } + hash.with_indifferent_access + .slice(*members) + .each { |key, val| attrs[key] = val.is_a?(String) ? val.squish : val } attrs end diff --git a/app/services/proofing/aamva/proofer.rb b/app/services/proofing/aamva/proofer.rb index fd7493632bc..d5481d63cb6 100644 --- a/app/services/proofing/aamva/proofer.rb +++ b/app/services/proofing/aamva/proofer.rb @@ -98,19 +98,19 @@ def parse_verification_errors(verification_response) end def requested_attributes(verification_response) - attributes = verification_response. - verification_results.filter { |_, verified| !verified.nil? }. - keys. - to_set + attributes = verification_response + .verification_results.filter { |_, verified| !verified.nil? } + .keys + .to_set normalize_address_attributes(attributes) end def verified_attributes(verification_response) - attributes = verification_response. - verification_results.filter { |_, verified| verified }. - keys. - to_set + attributes = verification_response + .verification_results.filter { |_, verified| verified } + .keys + .to_set normalize_address_attributes(attributes) end diff --git a/app/services/proofing/resolution/plugins/aamva_plugin.rb b/app/services/proofing/resolution/plugins/aamva_plugin.rb index 376e8b7e9a3..16ed6bc9190 100644 --- a/app/services/proofing/resolution/plugins/aamva_plugin.rb +++ b/app/services/proofing/resolution/plugins/aamva_plugin.rb @@ -108,8 +108,8 @@ def user_can_pass_after_state_id_check?( # For failed IV results, this method validates that the user is eligible to pass if the # failed attributes are covered by the same attributes in a successful AAMVA response # aka the Get-to-Yes w/ AAMVA feature. - if !state_id_address_resolution_result. - failed_result_can_pass_with_additional_verification? + if !state_id_address_resolution_result + .failed_result_can_pass_with_additional_verification? return false end @@ -125,8 +125,8 @@ def user_can_pass_after_state_id_check?( # Make a copy of pii with the user's state ID address overwriting the address keys # Need to first remove the address keys to avoid key/value collision def with_state_id_address(pii) - pii.except(*SECONDARY_ID_ADDRESS_MAP.values). - transform_keys(SECONDARY_ID_ADDRESS_MAP) + pii.except(*SECONDARY_ID_ADDRESS_MAP.values) + .transform_keys(SECONDARY_ID_ADDRESS_MAP) end end end diff --git a/app/services/proofing/resolution/plugins/state_id_address_plugin.rb b/app/services/proofing/resolution/plugins/state_id_address_plugin.rb index 59768fbf28d..b7210e8b05e 100644 --- a/app/services/proofing/resolution/plugins/state_id_address_plugin.rb +++ b/app/services/proofing/resolution/plugins/state_id_address_plugin.rb @@ -66,8 +66,8 @@ def same_address_as_id?(applicant_pii) # Make a copy of pii with the user's state ID address overwriting the address keys # Need to first remove the address keys to avoid key/value collision def with_state_id_address(pii) - pii.except(*SECONDARY_ID_ADDRESS_MAP.values). - transform_keys(SECONDARY_ID_ADDRESS_MAP) + pii.except(*SECONDARY_ID_ADDRESS_MAP.values) + .transform_keys(SECONDARY_ID_ADDRESS_MAP) end end end diff --git a/app/services/proofing/resolution/result_adjudicator.rb b/app/services/proofing/resolution/result_adjudicator.rb index 908327ac585..020e404ad61 100644 --- a/app/services/proofing/resolution/result_adjudicator.rb +++ b/app/services/proofing/resolution/result_adjudicator.rb @@ -61,10 +61,10 @@ def should_proof_state_id? private def errors - resolution_result.errors. - merge(residential_resolution_result.errors). - merge(state_id_result.errors). - merge(device_profiling_result.errors || {}) + resolution_result.errors + .merge(residential_resolution_result.errors) + .merge(state_id_result.errors) + .merge(device_profiling_result.errors || {}) end def exception diff --git a/app/services/proofing/socure/id_plus/response.rb b/app/services/proofing/socure/id_plus/response.rb index 085e21c58dd..bf4f1bc1b2c 100644 --- a/app/services/proofing/socure/id_plus/response.rb +++ b/app/services/proofing/socure/id_plus/response.rb @@ -11,8 +11,8 @@ def initialize(http_response) # @return [Hash] def kyc_field_validations - @kyc_field_validations ||= kyc('fieldValidations'). - each_with_object({}) do |(field, valid), obj| + @kyc_field_validations ||= kyc('fieldValidations') + .each_with_object({}) do |(field, valid), obj| obj[field.to_sym] = valid.round == 1 end.freeze end diff --git a/app/services/push_notification/http_push.rb b/app/services/push_notification/http_push.rb index f89d3b700bd..a4a51e8ae99 100644 --- a/app/services/push_notification/http_push.rb +++ b/app/services/push_notification/http_push.rb @@ -21,10 +21,10 @@ def initialize(event, now: Time.zone.now) def deliver return unless IdentityConfig.store.push_notifications_enabled - event.user. - service_providers. - merge(ServiceProviderIdentity.not_deleted). - with_push_notification_urls.each do |service_provider| + event.user + .service_providers + .merge(ServiceProviderIdentity.not_deleted) + .with_push_notification_urls.each do |service_provider| deliver_one(service_provider) end end diff --git a/app/services/random_phrase.rb b/app/services/random_phrase.rb index 1c445ec4897..3c3d5ac91a0 100644 --- a/app/services/random_phrase.rb +++ b/app/services/random_phrase.rb @@ -17,9 +17,9 @@ def to_s end def self.format(str, separator: ' ') - normalize(str). - chars.each_slice(WORD_LENGTH).map(&:join).join(separator). - upcase + normalize(str) + .chars.each_slice(WORD_LENGTH).map(&:join).join(separator) + .upcase end def self.normalize(str, num_words: nil) diff --git a/app/services/rate_limiter.rb b/app/services/rate_limiter.rb index f4b18ac4fcc..9554f9e54b5 100644 --- a/app/services/rate_limiter.rb +++ b/app/services/rate_limiter.rb @@ -265,8 +265,8 @@ def self.load_rate_limit_config }, short_term_phone_otp: { max_attempts: IdentityConfig.store.short_term_phone_otp_max_attempts, - attempt_window: IdentityConfig.store. - short_term_phone_otp_max_attempt_window_in_seconds.seconds.in_minutes.to_f, + attempt_window: IdentityConfig.store + .short_term_phone_otp_max_attempt_window_in_seconds.seconds.in_minutes.to_f, }, sign_in_user_id_per_ip: { max_attempts: IdentityConfig.store.sign_in_user_id_per_ip_max_attempts, diff --git a/app/services/reporting/account_deletion_rate_report.rb b/app/services/reporting/account_deletion_rate_report.rb index ed87253b8b6..e8ceab285ae 100644 --- a/app/services/reporting/account_deletion_rate_report.rb +++ b/app/services/reporting/account_deletion_rate_report.rb @@ -29,10 +29,10 @@ def account_deletion_emailable_report def deleted_user_count @deleted_user_count ||= Reports::BaseReport.transaction_with_timeout do - DeletedUser. - where(deleted_at: start_date..end_date). - where('user_created_at < ?', end_date). - count + DeletedUser + .where(deleted_at: start_date..end_date) + .where('user_created_at < ?', end_date) + .count end end diff --git a/app/services/reporting/account_reuse_report.rb b/app/services/reporting/account_reuse_report.rb index 44425eb15fd..644c71320a6 100644 --- a/app/services/reporting/account_reuse_report.rb +++ b/app/services/reporting/account_reuse_report.rb @@ -192,8 +192,9 @@ def update_from_results(results:, total_registered:, total_proofed:) results.each do |details_section| # Only condense the rows if there is more than one row in the 10+ range if details_section.count { |details| details.num_entities >= 10 } > 1 - details_section.select { |details| details.num_entities >= 10 }. - reduce do |condensed_row, captured_row| + details_section + .select { |details| details.num_entities >= 10 } + .reduce do |condensed_row, captured_row| # Delete any rows after the first captured_row (which becomes the condensed_row) details_section.delete(captured_row) if captured_row != condensed_row condensed_row.update_details( diff --git a/app/services/reporting/active_users_count_report.rb b/app/services/reporting/active_users_count_report.rb index 7ba3fd9f871..3819354c466 100644 --- a/app/services/reporting/active_users_count_report.rb +++ b/app/services/reporting/active_users_count_report.rb @@ -112,8 +112,8 @@ def monthly_active_users_apg def fiscal_year_active_users_per_quarter_cumulative @fiscal_year_active_users_per_quarter_cumulative ||= begin data_by_quarter = {} - cumulative_quarter_ranges. - map do |quarter_range| + cumulative_quarter_ranges + .map do |quarter_range| data_by_quarter[quarter_range] ||= Reports::BaseReport.transaction_with_timeout do ReportRow.from_hash_time_range( time_range: quarter_range, @@ -131,8 +131,8 @@ def fiscal_year_active_users_per_quarter_cumulative def apg_fiscal_year_active_users_per_quarter_cumulative @apg_fiscal_year_active_users_per_quarter_cumulative ||= begin data_by_quarter = {} - cumulative_quarter_ranges. - map do |quarter_range| + cumulative_quarter_ranges + .map do |quarter_range| data_by_quarter[quarter_range] ||= Reports::BaseReport.transaction_with_timeout do ReportRow.from_hash_time_range( time_range: quarter_range, diff --git a/app/services/reporting/agency_and_sp_report.rb b/app/services/reporting/agency_and_sp_report.rb index d58744e3a31..a61f28099c2 100644 --- a/app/services/reporting/agency_and_sp_report.rb +++ b/app/services/reporting/agency_and_sp_report.rb @@ -48,30 +48,30 @@ def agency_and_sp_emailable_report end def active_agencies - @active_agencies ||= Agency.joins(:partner_accounts). - where(partner_accounts: { + @active_agencies ||= Agency.joins(:partner_accounts) + .where(partner_accounts: { partner_account_status: Agreements::PartnerAccountStatus.find_by(name: 'active'), became_partner: ..report_date, - }). - distinct + }) + .distinct end def service_providers @service_providers ||= Reports::BaseReport.transaction_with_timeout do - issuers = ServiceProviderIdentity. - where('created_at <= ?', report_date). - distinct. - pluck(:service_provider) + issuers = ServiceProviderIdentity + .where('created_at <= ?', report_date) + .distinct + .pluck(:service_provider) ServiceProvider.where(issuer: issuers).active.external end end def facial_match_issuers @facial_match_issuers ||= Reports::BaseReport.transaction_with_timeout do - Profile.active.facial_match_opt_in. - where('verified_at <= ?', report_date.end_of_day). - distinct. - pluck(:initiating_service_provider_issuer) + Profile.active.facial_match_opt_in + .where('verified_at <= ?', report_date.end_of_day) + .distinct + .pluck(:initiating_service_provider_issuer) end end end diff --git a/app/services/reset_user_password.rb b/app/services/reset_user_password.rb index d9cd79ee3a4..60ce8bf7c14 100644 --- a/app/services/reset_user_password.rb +++ b/app/services/reset_user_password.rb @@ -29,14 +29,14 @@ def forget_all_browsers end def log_event - UserEventCreator.new(current_user: user). - create_out_of_band_user_event(:password_invalidated) + UserEventCreator.new(current_user: user) + .create_out_of_band_user_event(:password_invalidated) end def notify_user user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address).please_reset_password. - deliver_now_or_later + UserMailer.with(user: user, email_address: email_address).please_reset_password + .deliver_now_or_later end end end diff --git a/app/services/send_add_email_confirmation.rb b/app/services/send_add_email_confirmation.rb index 3fb0641b627..ec51a76c182 100644 --- a/app/services/send_add_email_confirmation.rb +++ b/app/services/send_add_email_confirmation.rb @@ -37,9 +37,9 @@ def update_email_address_record def already_confirmed_by_another_user? EmailAddress.where( email_fingerprint: Pii::Fingerprinter.fingerprint(email_address.email), - ).where.not(confirmed_at: nil). - where.not(user_id: email_address.user_id). - first + ).where.not(confirmed_at: nil) + .where.not(user_id: email_address.user_id) + .first end def send_email @@ -54,8 +54,8 @@ def send_email_associated_with_another_account_email UserMailer.with( user: user, email_address: email_address, - ).add_email_associated_with_another_account. - deliver_now_or_later + ).add_email_associated_with_another_account + .deliver_now_or_later end def send_confirmation_email diff --git a/app/services/user_alerts/alert_user_about_account_rejected.rb b/app/services/user_alerts/alert_user_about_account_rejected.rb index 3a664229755..74210e91bbf 100644 --- a/app/services/user_alerts/alert_user_about_account_rejected.rb +++ b/app/services/user_alerts/alert_user_about_account_rejected.rb @@ -4,9 +4,9 @@ module UserAlerts class AlertUserAboutAccountRejected def self.call(user) user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address). - account_rejected. - deliver_now_or_later + UserMailer.with(user: user, email_address: email_address) + .account_rejected + .deliver_now_or_later end end end diff --git a/app/services/user_alerts/alert_user_about_password_change.rb b/app/services/user_alerts/alert_user_about_password_change.rb index ae2045b429d..97e82a49f6a 100644 --- a/app/services/user_alerts/alert_user_about_password_change.rb +++ b/app/services/user_alerts/alert_user_about_password_change.rb @@ -4,8 +4,8 @@ module UserAlerts class AlertUserAboutPasswordChange def self.call(user, disavowal_token) user.confirmed_email_addresses.each do |email_address| - UserMailer.with(user: user, email_address: email_address). - password_changed(disavowal_token: disavowal_token).deliver_now_or_later + UserMailer.with(user: user, email_address: email_address) + .password_changed(disavowal_token: disavowal_token).deliver_now_or_later end end end diff --git a/app/services/usps_in_person_proofing/enrollment_helper.rb b/app/services/usps_in_person_proofing/enrollment_helper.rb index c6599c3f2e0..374838c8965 100644 --- a/app/services/usps_in_person_proofing/enrollment_helper.rb +++ b/app/services/usps_in_person_proofing/enrollment_helper.rb @@ -20,8 +20,8 @@ def schedule_in_person_enrollment(user:, pii:, is_enhanced_ipp:, opt_in: nil) # Send state ID address to USPS pii = pii.to_h if !enrollment.current_address_matches_id? - pii = pii.except(*SECONDARY_ID_ADDRESS_MAP.values). - transform_keys(SECONDARY_ID_ADDRESS_MAP) + pii = pii.except(*SECONDARY_ID_ADDRESS_MAP.values) + .transform_keys(SECONDARY_ID_ADDRESS_MAP) end enrollment_code = create_usps_enrollment(enrollment, pii, is_enhanced_ipp) @@ -85,10 +85,10 @@ def create_usps_enrollment(enrollment, pii, is_enhanced_ipp) end def cancel_stale_establishing_enrollments_for_user(user) - user. - in_person_enrollments. - where(status: :establishing). - find_each(&:cancelled!) + user + .in_person_enrollments + .where(status: :establishing) + .find_each(&:cancelled!) end def usps_proofer @@ -120,15 +120,15 @@ def localized_hours(hours) if hours == 'Closed' I18n.t('in_person_proofing.body.barcode.retail_hours_closed') elsif hours.include?(' - ') # Hyphen - hours. - split(' - '). # Hyphen - map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) }. - join(' – ') # Endash + hours + .split(' - ') # Hyphen + .map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) } + .join(' – ') # Endash elsif hours.include?(' – ') # Endash - hours. - split(' – '). # Endash - map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) }. - join(' – ') # Endash + hours + .split(' – ') # Endash + .map { |time| Time.zone.parse(time).strftime(I18n.t('time.formats.event_time')) } + .join(' – ') # Endash else hours end diff --git a/app/services/uuid_reporter.rb b/app/services/uuid_reporter.rb index a8348eaee36..e9d17649fec 100644 --- a/app/services/uuid_reporter.rb +++ b/app/services/uuid_reporter.rb @@ -64,11 +64,11 @@ def all_issuers_belong_to_an_sp? end def all_issuers_belong_to_same_agency? - agency_count = Agency. - joins(:service_providers). - where(service_providers: { issuer: issuers }). - distinct. - count + agency_count = Agency + .joins(:service_providers) + .where(service_providers: { issuer: issuers }) + .distinct + .count return if agency_count == 1 @@ -82,9 +82,9 @@ def validate_output end def find_agency - Agency. - joins(:service_providers). - find_by(service_providers: { issuer: issuers.first }) + Agency + .joins(:service_providers) + .find_by(service_providers: { issuer: issuers.first }) end def collect_user_ids @@ -102,12 +102,12 @@ def collect_identities(agency, emails_to_user_ids) # Note that we use two separate queries since the inner joins don't take # advantage of the composite indexes and are highly non-performant. actual_user_ids = emails_to_user_ids.values.select(&:present?) - user_ids_with_identities = ServiceProviderIdentity. - where(user_id: actual_user_ids, service_provider: issuers). - pluck(:user_id) - agency_identities = AgencyIdentity. - select(:uuid, :user_id). - where(user_id: user_ids_with_identities, agency_id: agency.id) + user_ids_with_identities = ServiceProviderIdentity + .where(user_id: actual_user_ids, service_provider: issuers) + .pluck(:user_id) + agency_identities = AgencyIdentity + .select(:uuid, :user_id) + .where(user_id: user_ids_with_identities, agency_id: agency.id) uuid_hash = agency_identities.map { |record| [record.user_id, record.uuid] }.to_h emails_to_user_ids.transform_values { |user_id| uuid_hash[user_id] } diff --git a/app/views/users/service_provider_inactive/index.html.erb b/app/views/users/service_provider_inactive/index.html.erb index b6a7e49e83b..1d39be207d8 100644 --- a/app/views/users/service_provider_inactive/index.html.erb +++ b/app/views/users/service_provider_inactive/index.html.erb @@ -11,6 +11,6 @@ <%= t('service_providers.errors.inactive.instructions2') %>

- <% c.with_action_button(url: root_path). - with_content(t('service_providers.errors.inactive.button_text', app_name: APP_NAME)) %> + <% c.with_action_button(url: root_path) + .with_content(t('service_providers.errors.inactive.button_text', app_name: APP_NAME)) %> <% end %> diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 683412da5f8..9c625df443d 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -34,8 +34,8 @@ Warden::Manager.after_authentication do |user, auth, options| if auth.env['action_dispatch.cookies'] expected_cookie_value = "#{user.class}-#{user.id}" - actual_cookie_value = auth.env['action_dispatch.cookies']. - signed[TwoFactorAuthenticatable::REMEMBER_2FA_COOKIE] + actual_cookie_value = auth.env['action_dispatch.cookies'] + .signed[TwoFactorAuthenticatable::REMEMBER_2FA_COOKIE] bypass_by_cookie = actual_cookie_value == expected_cookie_value end diff --git a/lib/action_account.rb b/lib/action_account.rb index f9fc88b0ba7..74b920e3c9d 100644 --- a/lib/action_account.rb +++ b/lib/action_account.rb @@ -283,8 +283,8 @@ def run(args:, config:) success = true if profile.active? - UserEventCreator.new(current_user: user). - create_out_of_band_user_event(:account_verified) + UserEventCreator.new(current_user: user) + .create_out_of_band_user_event(:account_verified) UserAlerts::AlertUserAboutAccountVerified.call(profile: profile) log_texts << log_text[:profile_activated] diff --git a/lib/analytics_events_documenter.rb b/lib/analytics_events_documenter.rb index 09ccf8bcf77..60161c85626 100644 --- a/lib/analytics_events_documenter.rb +++ b/lib/analytics_events_documenter.rb @@ -185,8 +185,8 @@ def analytics_methods database.select do |_k, object| # this check will fail if the namespace is nested more than once - method_object_name_parts = [object.namespace&.parent&.name, object.namespace&.name]. - select { |part| part.present? && part != :root } + method_object_name_parts = [object.namespace&.parent&.name, object.namespace&.name] + .select { |part| part.present? && part != :root } object.type == :method && method_object_name_parts == class_name_parts end.values diff --git a/lib/data_pull.rb b/lib/data_pull.rb index 35603fe46a1..1a2749dfda6 100644 --- a/lib/data_pull.rb +++ b/lib/data_pull.rb @@ -99,10 +99,10 @@ def run(args:, config:) table = [] table << %w[partner_uuid source internal_uuid deleted] - identities = ServiceProviderIdentity. - includes(:user, :deleted_user, :agency). - where(uuid: partner_uuids). - order(:uuid) + identities = ServiceProviderIdentity + .includes(:user, :deleted_user, :agency) + .where(uuid: partner_uuids) + .order(:uuid) identities.each do |identity| table << [ @@ -283,9 +283,9 @@ def run(args:, config:) table = [] table << %w[login_uuid agency issuer external_uuid] - User.includes(:agency_identities, identities: { service_provider_record: :agency }). - where(uuid: login_uuids). - then do |scope| + User.includes(:agency_identities, identities: { service_provider_record: :agency }) + .where(uuid: login_uuids) + .then do |scope| if config.requesting_issuers.present? scope.where(service_provider_record: { issuer: config.requesting_issuers }) else diff --git a/lib/makefile_help_parser.rb b/lib/makefile_help_parser.rb index 2664f300ba3..023e37c4f5f 100644 --- a/lib/makefile_help_parser.rb +++ b/lib/makefile_help_parser.rb @@ -101,9 +101,9 @@ def build_expanded_targets expanded_makefile.split("\n\n").map do |stanza| m = stanza.match(/^# .* \(from [`']#{makefile_path}', line (?\d+)\):$/) [stanza, m && m[:lineno].to_i] - end. - select { |_stanza, lineno| lineno }. - each do |stanza, lineno| + end + .select { |_stanza, lineno| lineno } + .each do |stanza, lineno| target = stanza.split("\n").first.split(':').first targets[lineno] << target diff --git a/lib/pinpoint_supported_countries.rb b/lib/pinpoint_supported_countries.rb index d712048d64b..35201f1267e 100644 --- a/lib/pinpoint_supported_countries.rb +++ b/lib/pinpoint_supported_countries.rb @@ -54,10 +54,10 @@ def merge(other) def run country_dialing_codes = load_country_dialing_codes - duplicate_iso = country_dialing_codes. - group_by(&:iso_code). - select { |_iso, arr| arr.size > 1 }. - keys + duplicate_iso = country_dialing_codes + .group_by(&:iso_code) + .select { |_iso, arr| arr.size > 1 } + .keys raise "error countries with duplicate iso codes: #{duplicate_iso}" if duplicate_iso.size > 0 @@ -71,10 +71,10 @@ def run # @return [Array] def sms_support - TableConverter.new(download(PINPOINT_SMS_URL)). - convert. - select { |sms_config| sms_config['ISO code'] }. # skip section rows - map do |sms_config| + TableConverter.new(download(PINPOINT_SMS_URL)) + .convert + .select { |sms_config| sms_config['ISO code'] } # skip section rows + .map do |sms_config| iso_code = sms_config['ISO code'] supports_sms = case trim_spaces(sms_config['Supports Sender IDs']) when 'Registration required1' diff --git a/lib/pwned_password_downloader.rb b/lib/pwned_password_downloader.rb index 21699aed998..f1ae977d447 100755 --- a/lib/pwned_password_downloader.rb +++ b/lib/pwned_password_downloader.rb @@ -96,12 +96,12 @@ def already_downloaded?(prefix) # @return [String] def download_one(prefix:, net_http: Net::HTTP::Persistent.new, keep: keep_threshold) - net_http. - request(URI.join(RANGE_API_ROOT, prefix)). - body. - each_line(chomp: true). - select { |line| line[OCCURRENCE_OFFSET..].to_i >= keep }. - reduce('') { |result, line| result + "#{prefix}#{line}\n" } + net_http + .request(URI.join(RANGE_API_ROOT, prefix)) + .body + .each_line(chomp: true) + .select { |line| line[OCCURRENCE_OFFSET..].to_i >= keep } + .reduce('') { |result, line| result + "#{prefix}#{line}\n" } end def write_one(prefix:, content:) diff --git a/lib/query_tracker.rb b/lib/query_tracker.rb index 9f89059a03a..45ea433c12a 100644 --- a/lib/query_tracker.rb +++ b/lib/query_tracker.rb @@ -11,8 +11,8 @@ class QueryTracker def self.track queries = Hash.new { |h, k| h[k] = [] } - subscriber = ActiveSupport::Notifications. - subscribe('sql.active_record') do |_name, _start, _finish, _id, payload| + subscriber = ActiveSupport::Notifications + .subscribe('sql.active_record') do |_name, _start, _finish, _id, payload| sql = payload[:sql] action = sql.split(' ').first.downcase.to_sym diff --git a/lib/reporting/fraud_metrics_lg99_report.rb b/lib/reporting/fraud_metrics_lg99_report.rb index 6dc7f0e6419..759a47858b0 100644 --- a/lib/reporting/fraud_metrics_lg99_report.rb +++ b/lib/reporting/fraud_metrics_lg99_report.rb @@ -191,9 +191,9 @@ def user_days_to_suspension_avg end def user_days_proofed_to_suspension_avg - user_data = User.where(uuid: data[Events::SUSPENDED_USERS]).includes(:profiles). - merge(Profile.active). - pluck( + user_data = User.where(uuid: data[Events::SUSPENDED_USERS]).includes(:profiles) + .merge(Profile.active) + .pluck( :activated_at, :suspended_at, ) diff --git a/lib/reporting/protocols_report.rb b/lib/reporting/protocols_report.rb index 560d7da79d7..f6a939a74ba 100644 --- a/lib/reporting/protocols_report.rb +++ b/lib/reporting/protocols_report.rb @@ -221,20 +221,20 @@ def protocol_data ) { saml: { - request_count: results. - select { |slice| slice['protocol'] == SAML_AUTH_EVENT }. - map { |slice| slice['request_count'].to_i }. - sum, + request_count: results + .select { |slice| slice['protocol'] == SAML_AUTH_EVENT } + .map { |slice| slice['request_count'].to_i } + .sum, issuer_count: by_uniq_issuers( - results. - select { |slice| slice['protocol'] == SAML_AUTH_EVENT }, + results + .select { |slice| slice['protocol'] == SAML_AUTH_EVENT }, ).count, }, oidc: { - request_count: results. - select { |slice| slice['protocol'] == OIDC_AUTH_EVENT }. - map { |slice| slice['request_count'].to_i }. - sum, + request_count: results + .select { |slice| slice['protocol'] == OIDC_AUTH_EVENT } + .map { |slice| slice['request_count'].to_i } + .sum, issuer_count: by_uniq_issuers( results.select { |slice| slice['protocol'] == OIDC_AUTH_EVENT }, ).count, @@ -254,10 +254,10 @@ def saml_signature_data unsigned: by_uniq_issuers( results.select { |slice| slice['unsigned_count'].to_i > 0 }, ), - invalid_signature: results. - select { |slice| slice['invalid_signature_count'].to_i > 0 }. - map { |slice| slice['issuer'] }. - uniq, + invalid_signature: results + .select { |slice| slice['invalid_signature_count'].to_i > 0 } + .map { |slice| slice['issuer'] } + .uniq, } end end diff --git a/lib/tasks/remove_verified_at_for_non_verified.rake b/lib/tasks/remove_verified_at_for_non_verified.rake index 86bd7ce770e..55cfb1ba3d7 100644 --- a/lib/tasks/remove_verified_at_for_non_verified.rake +++ b/lib/tasks/remove_verified_at_for_non_verified.rake @@ -17,8 +17,8 @@ namespace :profiles do update_profiles = ENV['UPDATE_PROFILES'] == 'true' - profiles = Profile.where('verified_at IS NOT NULL'). - where('fraud_review_pending_at IS NOT NULL OR fraud_rejection_at IS NOT NULL OR + profiles = Profile.where('verified_at IS NOT NULL') + .where('fraud_review_pending_at IS NOT NULL OR fraud_rejection_at IS NOT NULL OR gpo_verification_pending_at IS NOT NULL') profiles.each do |profile| diff --git a/scripts/changelog_check.rb b/scripts/changelog_check.rb index 8c113382faa..385f7f4862a 100755 --- a/scripts/changelog_check.rb +++ b/scripts/changelog_check.rb @@ -48,10 +48,10 @@ def revert_commit?(commit) end def build_changelog_from_commit(commit) - [*commit.commit_messages, commit.title]. - lazy. - map { |message| build_changelog(message, find_revert: revert_commit?(commit)) }. - find(&:itself) + [*commit.commit_messages, commit.title] + .lazy + .map { |message| build_changelog(message, find_revert: revert_commit?(commit)) } + .find(&:itself) end def get_git_log(base_branch, source_branch) @@ -107,16 +107,16 @@ def generate_invalid_changes(git_log) end def closest_change_category(change) - CATEGORIES. - map do |category| + CATEGORIES + .map do |category| CategoryDistance.new( category, DidYouMean::Levenshtein.distance(change[:category], category), ) - end. - filter { |category_distance| category_distance.distance <= MAX_CATEGORY_DISTANCE }. - max { |category_distance| category_distance.distance }&. - category + end + .filter { |category_distance| category_distance.distance <= MAX_CATEGORY_DISTANCE } + .max { |category_distance| category_distance.distance } + &.category end # Get the last valid changelog line for every Pull Request and tie it to the commit subject. @@ -167,14 +167,14 @@ def generate_changelog(git_log) # Entries with the same category and change are grouped into one changelog line so that we can # support multi-PR changes. def format_changelog(changelog_entries) - changelog_entries = changelog_entries. - sort_by(&:subcategory). - group_by { |entry| [entry.category, entry.change] } + changelog_entries = changelog_entries + .sort_by(&:subcategory) + .group_by { |entry| [entry.category, entry.change] } changelog = +'' CATEGORIES.each do |category| - category_changes = changelog_entries. - filter { |(changelog_category, _change), _changes| changelog_category == category } + category_changes = changelog_entries + .filter { |(changelog_category, _change), _changes| changelog_category == category } next if category_changes.empty? changelog.concat("## #{category}\n") diff --git a/spec/bin/oncall/email-deliveries_spec.rb b/spec/bin/oncall/email-deliveries_spec.rb index 3892c4de863..6112dc9d649 100644 --- a/spec/bin/oncall/email-deliveries_spec.rb +++ b/spec/bin/oncall/email-deliveries_spec.rb @@ -46,13 +46,13 @@ subject(:run) { instance.run(out: stdout) } before do - allow(instance).to receive(:cloudwatch_client). - with('prod_/srv/idp/shared/log/events.log'). - and_return(instance_double('Reporting::CloudwatchClient', fetch: events_log)) + allow(instance).to receive(:cloudwatch_client) + .with('prod_/srv/idp/shared/log/events.log') + .and_return(instance_double('Reporting::CloudwatchClient', fetch: events_log)) - allow(instance).to receive(:cloudwatch_client). - with('/aws/lambda/SESAllEvents_Lambda'). - and_return(instance_double('Reporting::CloudwatchClient', fetch: email_events)) + allow(instance).to receive(:cloudwatch_client) + .with('/aws/lambda/SESAllEvents_Lambda') + .and_return(instance_double('Reporting::CloudwatchClient', fetch: email_events)) end # rubocop:disable Layout/LineLength diff --git a/spec/bin/query-cloudwatch_spec.rb b/spec/bin/query-cloudwatch_spec.rb index c17ac2e9d57..09ea8ba5ba8 100644 --- a/spec/bin/query-cloudwatch_spec.rb +++ b/spec/bin/query-cloudwatch_spec.rb @@ -333,8 +333,8 @@ def build_stdin_with_query(query) end before do - allow_any_instance_of(QueryCloudwatch::SqliteOutput).to receive(:db). - and_return(db) + allow_any_instance_of(QueryCloudwatch::SqliteOutput).to receive(:db) + .and_return(db) allow_any_instance_of(QueryCloudwatch::SqliteOutput).to receive(:close_database) end diff --git a/spec/components/captcha_submit_button_component_spec.rb b/spec/components/captcha_submit_button_component_spec.rb index ec8a2a055a0..4689cabdfc2 100644 --- a/spec/components/captcha_submit_button_component_spec.rb +++ b/spec/components/captcha_submit_button_component_spec.rb @@ -83,8 +83,8 @@ let(:recaptcha_mock_validator) { nil } before do - allow(IdentityConfig.store).to receive(:recaptcha_mock_validator). - and_return(recaptcha_mock_validator) + allow(IdentityConfig.store).to receive(:recaptcha_mock_validator) + .and_return(recaptcha_mock_validator) end context 'with mock validator disabled' do diff --git a/spec/components/icon_component_spec.rb b/spec/components/icon_component_spec.rb index 745b9ca47a6..5bd22697c1c 100644 --- a/spec/components/icon_component_spec.rb +++ b/spec/components/icon_component_spec.rb @@ -17,10 +17,10 @@ inline_style = rendered.at_css('style').text.strip expect(icon).to be_present - expect(inline_style).to match(%r{##{id}\s{.+?}}). - and(include('-webkit-mask-image:')). - and(include('mask-image:')). - and(match(%r{url\([^)]+/print-\w+\.svg\)})) + expect(inline_style).to match(%r{##{id}\s{.+?}}) + .and(include('-webkit-mask-image:')) + .and(include('mask-image:')) + .and(match(%r{url\([^)]+/print-\w+\.svg\)})) end context 'with invalid icon' do diff --git a/spec/components/password_confirmation_component_spec.rb b/spec/components/password_confirmation_component_spec.rb index f88d773359a..5c9ffc227f1 100644 --- a/spec/components/password_confirmation_component_spec.rb +++ b/spec/components/password_confirmation_component_spec.rb @@ -41,9 +41,9 @@ let(:options) { super().merge(forbidden_passwords:) } it 'forwards forbidden passwords to rendered password strength component' do - expect(PasswordStrengthComponent).to receive(:new). - with(hash_including(forbidden_passwords:)). - and_call_original + expect(PasswordStrengthComponent).to receive(:new) + .with(hash_including(forbidden_passwords:)) + .and_call_original rendered end diff --git a/spec/components/previews/tooltip_component_preview.rb b/spec/components/previews/tooltip_component_preview.rb index 8ebf488239b..5dfd3cdcb34 100644 --- a/spec/components/previews/tooltip_component_preview.rb +++ b/spec/components/previews/tooltip_component_preview.rb @@ -3,9 +3,9 @@ class TooltipComponentPreview < BaseComponentPreview # @display body_class padding-10 def default render( - TooltipComponent. - new(tooltip_text: 'Finish verifying your identity.'). - with_content(content_tag(:span, 'Unverified')), + TooltipComponent + .new(tooltip_text: 'Finish verifying your identity.') + .with_content(content_tag(:span, 'Unverified')), ) end # @!endgroup diff --git a/spec/config/initializers/ab_tests_spec.rb b/spec/config/initializers/ab_tests_spec.rb index fc2c57eb656..2865e06cec3 100644 --- a/spec/config/initializers/ab_tests_spec.rb +++ b/spec/config/initializers/ab_tests_spec.rb @@ -119,21 +119,21 @@ let(:enable_ab_test) do -> { - allow(IdentityConfig.store).to receive(:doc_auth_vendor_default). - and_return('vendor_a') - allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled). - and_return(true) - allow(IdentityConfig.store).to receive(:doc_auth_vendor_socure_percent). - and_return(50) - allow(IdentityConfig.store).to receive(:doc_auth_vendor_lexis_nexis_percent). - and_return(30) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_default) + .and_return('vendor_a') + allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled) + .and_return(true) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_socure_percent) + .and_return(50) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_lexis_nexis_percent) + .and_return(30) } end let(:disable_ab_test) do -> { - allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled) + .and_return(false) } end @@ -145,18 +145,18 @@ let(:disable_ab_test) do -> { - allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled) + .and_return(false) } end let(:enable_ab_test) do -> { - allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled) + .and_return(true) - allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_percent). - and_return(50) + allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_percent) + .and_return(50) } end @@ -322,8 +322,8 @@ context 'when A/B test is disabled' do before do - allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested). - and_return(0) + allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested) + .and_return(0) reload_ab_tests end @@ -338,8 +338,8 @@ context 'when A/B test is enabled' do before do - allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested). - and_return(100) + allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested) + .and_return(100) reload_ab_tests end diff --git a/spec/config/initializers/ahoy_spec.rb b/spec/config/initializers/ahoy_spec.rb index cfa0fa82269..4eb8fa3f892 100644 --- a/spec/config/initializers/ahoy_spec.rb +++ b/spec/config/initializers/ahoy_spec.rb @@ -52,8 +52,8 @@ context 'FeatureManagement.use_dashboard_service_providers? is true' do it 'does not exclude the event' do - allow(FeatureManagement).to receive(:use_dashboard_service_providers?). - and_return(true) + allow(FeatureManagement).to receive(:use_dashboard_service_providers?) + .and_return(true) store = Ahoy::Store.new({}) expect(store.exclude?).to be_nil diff --git a/spec/config/initializers/job_configurations_spec.rb b/spec/config/initializers/job_configurations_spec.rb index b36d463d7cf..261daa8740b 100644 --- a/spec/config/initializers/job_configurations_spec.rb +++ b/spec/config/initializers/job_configurations_spec.rb @@ -26,8 +26,8 @@ now = Time.zone.now next_time = Fugit.parse(report[:cron]).next_time - expect(next_time.utc). - to be_within(2.hours + 1.minute).of(now.utc.end_of_week) + expect(next_time.utc) + .to be_within(2.hours + 1.minute).of(now.utc.end_of_week) expect(next_time.utc).to be > now.utc.end_of_week end end diff --git a/spec/config/initializers/secure_headers_spec.rb b/spec/config/initializers/secure_headers_spec.rb index 08230163e5e..10f3fdd0167 100644 --- a/spec/config/initializers/secure_headers_spec.rb +++ b/spec/config/initializers/secure_headers_spec.rb @@ -10,7 +10,7 @@ request = { 'HTTPS' => 'on' } _status, headers, _body = ssl_middleware.call(request) - expect(headers['strict-transport-security']). - to eq('max-age=31556952; includeSubDomains; preload') + expect(headers['strict-transport-security']) + .to eq('max-age=31556952; includeSubDomains; preload') end end diff --git a/spec/controllers/account_reset/cancel_controller_spec.rb b/spec/controllers/account_reset/cancel_controller_spec.rb index 26e44b7ffb6..e97a28913e3 100644 --- a/spec/controllers/account_reset/cancel_controller_spec.rb +++ b/spec/controllers/account_reset/cancel_controller_spec.rb @@ -65,8 +65,8 @@ post :create - expect(flash[:success]). - to eq t('two_factor_authentication.account_reset.successful_cancel', app_name: APP_NAME) + expect(flash[:success]) + .to eq t('two_factor_authentication.account_reset.successful_cancel', app_name: APP_NAME) expect(response).to redirect_to root_url end diff --git a/spec/controllers/account_reset/pending_controller_spec.rb b/spec/controllers/account_reset/pending_controller_spec.rb index 5bf5bed1b78..286a6c2b79e 100644 --- a/spec/controllers/account_reset/pending_controller_spec.rb +++ b/spec/controllers/account_reset/pending_controller_spec.rb @@ -34,8 +34,8 @@ true, accumulate_on: :hours, ) - expect(controller.view_assigns['account_reset_deletion_period_interval']). - to eq(time_in_hours) + expect(controller.view_assigns['account_reset_deletion_period_interval']) + .to eq(time_in_hours) end end @@ -43,8 +43,8 @@ let(:user) { create(:user, :fraud_review_pending) } context 'fraud wait period not set' do before do - allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days). - and_return(nil) + allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days) + .and_return(nil) end it 'should have @account_reset_deletion_period to match regular wait period' do @@ -58,8 +58,8 @@ true, accumulate_on: :hours, ) - expect(controller.view_assigns['account_reset_deletion_period_interval']). - to eq(time_in_hours) + expect(controller.view_assigns['account_reset_deletion_period_interval']) + .to eq(time_in_hours) end end @@ -74,8 +74,8 @@ true, accumulate_on: :days, ) - expect(controller.view_assigns['account_reset_deletion_period_interval']). - to eq(time_in_hours) + expect(controller.view_assigns['account_reset_deletion_period_interval']) + .to eq(time_in_hours) end end end diff --git a/spec/controllers/account_reset/request_controller_spec.rb b/spec/controllers/account_reset/request_controller_spec.rb index a55fcb3ba4d..645f4c6bd4f 100644 --- a/spec/controllers/account_reset/request_controller_spec.rb +++ b/spec/controllers/account_reset/request_controller_spec.rb @@ -46,8 +46,8 @@ true, accumulate_on: :hours, ) - expect(controller.view_assigns['account_reset_deletion_period_interval']). - to eq(time_in_hours) + expect(controller.view_assigns['account_reset_deletion_period_interval']) + .to eq(time_in_hours) end end @@ -56,8 +56,8 @@ context 'fraud wait period not set' do before do - allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days). - and_return(nil) + allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days) + .and_return(nil) end it 'should have @account_reset_deletion_period to match regular wait period' do @@ -71,8 +71,8 @@ true, accumulate_on: :hours, ) - expect(controller.view_assigns['account_reset_deletion_period_interval']). - to eq(time_in_hours) + expect(controller.view_assigns['account_reset_deletion_period_interval']) + .to eq(time_in_hours) end end @@ -87,8 +87,8 @@ true, accumulate_on: :days, ) - expect(controller.view_assigns['account_reset_deletion_period_interval']). - to eq(time_in_hours) + expect(controller.view_assigns['account_reset_deletion_period_interval']) + .to eq(time_in_hours) end end end diff --git a/spec/controllers/accounts/connected_accounts/selected_email_controller_spec.rb b/spec/controllers/accounts/connected_accounts/selected_email_controller_spec.rb index 5bf6e380b58..63bb9d45175 100644 --- a/spec/controllers/accounts/connected_accounts/selected_email_controller_spec.rb +++ b/spec/controllers/accounts/connected_accounts/selected_email_controller_spec.rb @@ -52,8 +52,8 @@ context 'with selected email to share feature disabled' do before do - allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled) + .and_return(false) end it 'renders 404' do @@ -131,8 +131,8 @@ context 'with selected email to share feature disabled' do before do - allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled) + .and_return(false) end it 'renders 404' do diff --git a/spec/controllers/accounts/personal_keys_controller_spec.rb b/spec/controllers/accounts/personal_keys_controller_spec.rb index 070468d2da6..55d9b55ee1b 100644 --- a/spec/controllers/accounts/personal_keys_controller_spec.rb +++ b/spec/controllers/accounts/personal_keys_controller_spec.rb @@ -28,8 +28,8 @@ stub_analytics generator = instance_double(PersonalKeyGenerator) - allow(PersonalKeyGenerator).to receive(:new). - with(subject.current_user).and_return(generator) + allow(PersonalKeyGenerator).to receive(:new) + .with(subject.current_user).and_return(generator) expect(generator).to receive(:generate!) diff --git a/spec/controllers/api/internal/two_factor_authentication/auth_app_controller_spec.rb b/spec/controllers/api/internal/two_factor_authentication/auth_app_controller_spec.rb index 946b988a107..f9c1f5e87d5 100644 --- a/spec/controllers/api/internal/two_factor_authentication/auth_app_controller_spec.rb +++ b/spec/controllers/api/internal/two_factor_authentication/auth_app_controller_spec.rb @@ -125,8 +125,8 @@ end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) response end diff --git a/spec/controllers/api/internal/two_factor_authentication/piv_cac_controller_spec.rb b/spec/controllers/api/internal/two_factor_authentication/piv_cac_controller_spec.rb index 229855e3a4b..669e802e949 100644 --- a/spec/controllers/api/internal/two_factor_authentication/piv_cac_controller_spec.rb +++ b/spec/controllers/api/internal/two_factor_authentication/piv_cac_controller_spec.rb @@ -125,8 +125,8 @@ end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) response end diff --git a/spec/controllers/api/internal/two_factor_authentication/webauthn_controller_spec.rb b/spec/controllers/api/internal/two_factor_authentication/webauthn_controller_spec.rb index a8876ded6cd..30bc7cfb9e1 100644 --- a/spec/controllers/api/internal/two_factor_authentication/webauthn_controller_spec.rb +++ b/spec/controllers/api/internal/two_factor_authentication/webauthn_controller_spec.rb @@ -128,8 +128,8 @@ end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) response end diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb index d3a0a0bff8f..f3bbbb5abf1 100644 --- a/spec/controllers/application_controller_spec.rb +++ b/spec/controllers/application_controller_spec.rb @@ -283,9 +283,9 @@ def index allow(controller).to receive(:analytics_user).and_return(user) allow(controller).to receive(:current_sp).and_return(sp) - expect(Analytics).to receive(:new). - with(user: user, request: request, sp: sp.issuer, session: match_array({}), - ahoy: controller.ahoy) + expect(Analytics).to receive(:new) + .with(user: user, request: request, sp: sp.issuer, session: match_array({}), + ahoy: controller.ahoy) controller.analytics end @@ -298,9 +298,9 @@ def index user = instance_double(AnonymousUser) allow(AnonymousUser).to receive(:new).and_return(user) - expect(Analytics).to receive(:new). - with(user: user, request: request, sp: nil, session: match_array({}), - ahoy: controller.ahoy) + expect(Analytics).to receive(:new) + .with(user: user, request: request, sp: nil, session: match_array({}), + ahoy: controller.ahoy) controller.analytics end @@ -549,8 +549,8 @@ def index end before do - allow(controller).to receive(:session). - and_return(sp: { request_url: sp_session_request_url }) + allow(controller).to receive(:session) + .and_return(sp: { request_url: sp_session_request_url }) end subject(:url_with_updated_params) do diff --git a/spec/controllers/concerns/account_reset_concern_spec.rb b/spec/controllers/concerns/account_reset_concern_spec.rb index f19a2c97ad1..d2152ad2314 100644 --- a/spec/controllers/concerns/account_reset_concern_spec.rb +++ b/spec/controllers/concerns/account_reset_concern_spec.rb @@ -26,8 +26,8 @@ def initialize(current_user:) true, accumulate_on: :hours, ) - expect(instance.account_reset_deletion_period_interval(user)). - to eq(time_in_hours) + expect(instance.account_reset_deletion_period_interval(user)) + .to eq(time_in_hours) end end @@ -41,14 +41,14 @@ def initialize(current_user:) true, accumulate_on: :days, ) - expect(instance.account_reset_deletion_period_interval(user)). - to eq(time_in_hours) + expect(instance.account_reset_deletion_period_interval(user)) + .to eq(time_in_hours) end context 'when account_reset_fraud_user_wait_period_days is nil' do before do - allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days). - and_return(nil) + allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days) + .and_return(nil) end it 'should return standard reset wait time' do @@ -59,8 +59,8 @@ def initialize(current_user:) true, accumulate_on: :hours, ) - expect(instance.account_reset_deletion_period_interval(user)). - to eq(time_in_hours) + expect(instance.account_reset_deletion_period_interval(user)) + .to eq(time_in_hours) end end end diff --git a/spec/controllers/concerns/billable_event_trackable_spec.rb b/spec/controllers/concerns/billable_event_trackable_spec.rb index a0cb5eadd82..40fa2d6d656 100644 --- a/spec/controllers/concerns/billable_event_trackable_spec.rb +++ b/spec/controllers/concerns/billable_event_trackable_spec.rb @@ -94,10 +94,10 @@ aggregate_failures do expect(sp_return_log.profile_id).to eq(active_profile.id) expect(sp_return_log.profile_verified_at).to eq(active_profile.verified_at) - expect(sp_return_log.profile_requested_issuer). - to eq(active_profile.initiating_service_provider_issuer) - expect(sp_return_log.profile_requested_service_provider). - to eq(active_profile.initiating_service_provider) + expect(sp_return_log.profile_requested_issuer) + .to eq(active_profile.initiating_service_provider_issuer) + expect(sp_return_log.profile_requested_service_provider) + .to eq(active_profile.initiating_service_provider) end end end diff --git a/spec/controllers/concerns/idv/ab_test_analytics_concern_spec.rb b/spec/controllers/concerns/idv/ab_test_analytics_concern_spec.rb index b56d7ffa9c9..f03198ab68e 100644 --- a/spec/controllers/concerns/idv/ab_test_analytics_concern_spec.rb +++ b/spec/controllers/concerns/idv/ab_test_analytics_concern_spec.rb @@ -38,15 +38,15 @@ def document_capture_session_uuid end it 'includes opted_in_to_in_person_proofing when enabled' do - allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled). - and_return(true) - expect(controller.ab_test_analytics_buckets). - to include({ opted_in_to_in_person_proofing: :opt_in_value }) + allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled) + .and_return(true) + expect(controller.ab_test_analytics_buckets) + .to include({ opted_in_to_in_person_proofing: :opt_in_value }) end it 'does not include opted_in_to_in_person_proofing when disabled' do - expect(controller.ab_test_analytics_buckets). - not_to include({ opted_in_to_in_person_proofing: :opt_in_value }) + expect(controller.ab_test_analytics_buckets) + .not_to include({ opted_in_to_in_person_proofing: :opt_in_value }) end end end diff --git a/spec/controllers/concerns/idv/acuant_concern_spec.rb b/spec/controllers/concerns/idv/acuant_concern_spec.rb index 5a278fb552e..50b4f39138e 100644 --- a/spec/controllers/concerns/idv/acuant_concern_spec.rb +++ b/spec/controllers/concerns/idv/acuant_concern_spec.rb @@ -17,8 +17,8 @@ def index; end subject(:variables) { controller.acuant_sdk_upgrade_a_b_testing_variables } before do - allow(controller).to receive(:document_capture_session_uuid). - and_return(session_uuid) + allow(controller).to receive(:document_capture_session_uuid) + .and_return(session_uuid) # ACUANT_SDK is frozen, so we have to work with a copy of it ab_test = AbTests::ACUANT_SDK.dup @@ -33,9 +33,9 @@ def index; end let(:session_uuid) { SecureRandom.uuid } before do - allow(IdentityConfig.store). - to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled). - and_return(false) + allow(IdentityConfig.store) + .to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled) + .and_return(false) end context 'and A/B test specifies the older acuant version' do @@ -53,9 +53,9 @@ def index; end context 'with acuant sdk upgrade A/B testing enabled' do before do - allow(IdentityConfig.store). - to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled). - and_return(true) + allow(IdentityConfig.store) + .to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled) + .and_return(true) end context 'and A/B test specifies the newer acuant version' do diff --git a/spec/controllers/concerns/mfa_setup_concern_spec.rb b/spec/controllers/concerns/mfa_setup_concern_spec.rb index 099d311fafc..046184606b4 100644 --- a/spec/controllers/concerns/mfa_setup_concern_spec.rb +++ b/spec/controllers/concerns/mfa_setup_concern_spec.rb @@ -10,9 +10,9 @@ before do stub_sign_in(user) - allow(controller).to receive(:recommend_webauthn_platform_for_sms_user?). - with(:recommend_for_account_creation). - and_return(recommend_webauthn_platform_for_sms_user) + allow(controller).to receive(:recommend_webauthn_platform_for_sms_user?) + .with(:recommend_for_account_creation) + .and_return(recommend_webauthn_platform_for_sms_user) end describe '#next_setup_path' do diff --git a/spec/controllers/concerns/recommend_webauthn_platform_concern_spec.rb b/spec/controllers/concerns/recommend_webauthn_platform_concern_spec.rb index e9bd3b122d2..7b240292679 100644 --- a/spec/controllers/concerns/recommend_webauthn_platform_concern_spec.rb +++ b/spec/controllers/concerns/recommend_webauthn_platform_concern_spec.rb @@ -92,9 +92,9 @@ context 'user not included in ab test' do before do - expect(controller).to receive(:ab_test_bucket). - with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER). - and_return(nil) + expect(controller).to receive(:ab_test_bucket) + .with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER) + .and_return(nil) end it { is_expected.to eq(false) } @@ -102,9 +102,9 @@ context 'user included in ab test' do before do - expect(controller).to receive(:ab_test_bucket). - with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER). - and_return(bucket) + expect(controller).to receive(:ab_test_bucket) + .with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER) + .and_return(bucket) end it { is_expected.to eq(true) } @@ -153,9 +153,9 @@ context 'user not included in ab test' do before do - expect(controller).to receive(:ab_test_bucket). - with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER). - and_return(nil) + expect(controller).to receive(:ab_test_bucket) + .with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER) + .and_return(nil) end it { is_expected.to eq(false) } @@ -163,9 +163,9 @@ context 'user included in ab test' do before do - expect(controller).to receive(:ab_test_bucket). - with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER). - and_return(bucket) + expect(controller).to receive(:ab_test_bucket) + .with(:RECOMMEND_WEBAUTHN_PLATFORM_FOR_SMS_USER) + .and_return(bucket) end it { is_expected.to eq(true) } diff --git a/spec/controllers/concerns/second_mfa_reminder_concern_spec.rb b/spec/controllers/concerns/second_mfa_reminder_concern_spec.rb index c741927fc70..be5255b8ff1 100644 --- a/spec/controllers/concerns/second_mfa_reminder_concern_spec.rb +++ b/spec/controllers/concerns/second_mfa_reminder_concern_spec.rb @@ -53,8 +53,8 @@ def initialize(current_user:) let(:user) { build(:user, :with_phone, created_at: 11.days.ago) } before do - allow(IdentityConfig.store).to receive(:second_mfa_reminder_account_age_in_days). - and_return(10) + allow(IdentityConfig.store).to receive(:second_mfa_reminder_account_age_in_days) + .and_return(10) end it { expect(user_needs_second_mfa_reminder).to eq(true) } diff --git a/spec/controllers/concerns/threat_metrix_concern_spec.rb b/spec/controllers/concerns/threat_metrix_concern_spec.rb index 1bc6df97b58..9d540624520 100644 --- a/spec/controllers/concerns/threat_metrix_concern_spec.rb +++ b/spec/controllers/concerns/threat_metrix_concern_spec.rb @@ -15,8 +15,8 @@ def index; end let(:ff_enabled) { true } before do - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(ff_enabled ? :enabled : :disabled) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(ff_enabled ? :enabled : :disabled) end context 'ff is set' do diff --git a/spec/controllers/concerns/two_factor_authenticatable_methods_spec.rb b/spec/controllers/concerns/two_factor_authenticatable_methods_spec.rb index 9fe0c767aac..6516f589081 100644 --- a/spec/controllers/concerns/two_factor_authenticatable_methods_spec.rb +++ b/spec/controllers/concerns/two_factor_authenticatable_methods_spec.rb @@ -158,8 +158,8 @@ end it 'sends the new device alert' do - expect(UserAlerts::AlertUserAboutNewDevice).to receive(:send_alert). - with(user:, disavowal_event: kind_of(Event), disavowal_token: kind_of(String)) + expect(UserAlerts::AlertUserAboutNewDevice).to receive(:send_alert) + .with(user:, disavowal_event: kind_of(Event), disavowal_token: kind_of(String)) result end diff --git a/spec/controllers/fake_s3_controller_spec.rb b/spec/controllers/fake_s3_controller_spec.rb index 09a0aeeaabd..e06c3595c51 100644 --- a/spec/controllers/fake_s3_controller_spec.rb +++ b/spec/controllers/fake_s3_controller_spec.rb @@ -36,8 +36,8 @@ end it 'stores the data in memory' do - expect { action }. - to(change { Test::FakeS3Controller.data[key] }.to(data)) + expect { action } + .to(change { Test::FakeS3Controller.data[key] }.to(data)) end end end diff --git a/spec/controllers/frontend_log_controller_spec.rb b/spec/controllers/frontend_log_controller_spec.rb index a891ce398b2..9caea00935c 100644 --- a/spec/controllers/frontend_log_controller_spec.rb +++ b/spec/controllers/frontend_log_controller_spec.rb @@ -3,8 +3,8 @@ RSpec.describe FrontendLogController do describe '.LEGACY_EVENT_MAP' do it 'has keys sorted alphabetically' do - expect(described_class::LEGACY_EVENT_MAP.keys). - to eq(described_class::LEGACY_EVENT_MAP.keys.sort_by(&:downcase)) + expect(described_class::LEGACY_EVENT_MAP.keys) + .to eq(described_class::LEGACY_EVENT_MAP.keys.sort_by(&:downcase)) end end @@ -104,8 +104,8 @@ end before do - allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled) + .and_return(true) end it 'succeeds' do @@ -201,8 +201,8 @@ end it 'notices the error to NewRelic instead of analytics logger' do - allow_any_instance_of(FrontendErrorForm).to receive(:submit). - and_return(FormResponse.new(success: true)) + allow_any_instance_of(FrontendErrorForm).to receive(:submit) + .and_return(FormResponse.new(success: true)) expect(NewRelic::Agent).to receive(:notice_error).with( FrontendErrorLogger::FrontendError.new, custom_params: { diff --git a/spec/controllers/health/database_controller_spec.rb b/spec/controllers/health/database_controller_spec.rb index d1a526281c8..44545dd2c1c 100644 --- a/spec/controllers/health/database_controller_spec.rb +++ b/spec/controllers/health/database_controller_spec.rb @@ -23,8 +23,8 @@ context 'when the database is unhealthy' do before do - expect(DatabaseHealthChecker).to receive(:simple_query). - and_raise(RuntimeError.new('canceling statement due to statement timeout')) + expect(DatabaseHealthChecker).to receive(:simple_query) + .and_raise(RuntimeError.new('canceling statement due to statement timeout')) end it 'is a 500' do diff --git a/spec/controllers/health/health_controller_spec.rb b/spec/controllers/health/health_controller_spec.rb index 8363c12ae6f..9d0602af330 100644 --- a/spec/controllers/health/health_controller_spec.rb +++ b/spec/controllers/health/health_controller_spec.rb @@ -17,30 +17,30 @@ context 'when one resource is unhealthy' do it 'returns an unsuccessful JSON response' do - allow(DatabaseHealthChecker).to receive(:simple_query). - and_raise(RuntimeError.new('canceling statement due to statement timeout')) + allow(DatabaseHealthChecker).to receive(:simple_query) + .and_raise(RuntimeError.new('canceling statement due to statement timeout')) get :index json = JSON.parse(response.body, symbolize_names: true) expect(json[:healthy]).to eq(false) - expect(json[:statuses][:database][:result]). - to include('canceling statement due to statement timeout') + expect(json[:statuses][:database][:result]) + .to include('canceling statement due to statement timeout') expect(response.status).to eq(500) end end context 'all resources are unhealthy' do it 'returns an unsuccessful JSON response' do - allow(DatabaseHealthChecker).to receive(:simple_query). - and_raise(RuntimeError.new('canceling statement due to statement timeout')) + allow(DatabaseHealthChecker).to receive(:simple_query) + .and_raise(RuntimeError.new('canceling statement due to statement timeout')) get :index json = JSON.parse(response.body, symbolize_names: true) expect(json[:healthy]).to eq(false) - expect(json[:statuses][:database][:result]). - to include('canceling statement due to statement timeout') + expect(json[:statuses][:database][:result]) + .to include('canceling statement due to statement timeout') expect(response.status).to eq(500) end end diff --git a/spec/controllers/health/outbound_controller_spec.rb b/spec/controllers/health/outbound_controller_spec.rb index 4cb13347636..5288d75ac0a 100644 --- a/spec/controllers/health/outbound_controller_spec.rb +++ b/spec/controllers/health/outbound_controller_spec.rb @@ -10,8 +10,8 @@ context 'when the outbound connections are healthy' do before do - stub_request(:head, IdentityConfig.store.outbound_connection_check_url). - to_return(status: 200) + stub_request(:head, IdentityConfig.store.outbound_connection_check_url) + .to_return(status: 200) end it 'is a 200' do diff --git a/spec/controllers/idv/account_verified_cta_visited_controller_spec.rb b/spec/controllers/idv/account_verified_cta_visited_controller_spec.rb index 8600a739930..8f7cdb0ec40 100644 --- a/spec/controllers/idv/account_verified_cta_visited_controller_spec.rb +++ b/spec/controllers/idv/account_verified_cta_visited_controller_spec.rb @@ -8,8 +8,8 @@ before do stub_analytics - allow(controller).to receive(:service_provider). - and_return(service_provider) + allow(controller).to receive(:service_provider) + .and_return(service_provider) end describe 'GET #show' do diff --git a/spec/controllers/idv/by_mail/enter_code_controller_spec.rb b/spec/controllers/idv/by_mail/enter_code_controller_spec.rb index 97473107412..5e0a8581413 100644 --- a/spec/controllers/idv/by_mail/enter_code_controller_spec.rb +++ b/spec/controllers/idv/by_mail/enter_code_controller_spec.rb @@ -15,8 +15,8 @@ allow(Pii::Cacher).to receive(:new).and_return(pii_cacher) allow(pii_cacher).to receive(:fetch).and_call_original allow(UserAlerts::AlertUserAboutAccountVerified).to receive(:call) - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(threatmetrix_enabled ? :enabled : :disabled) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(threatmetrix_enabled ? :enabled : :disabled) allow(IdentityConfig.store).to receive(:enable_usps_verification).and_return(gpo_enabled) end @@ -206,8 +206,8 @@ letter_count: 1, submit_attempts: 1, ) - event_count = user.events.where(event_type: :account_verified, ip: '0.0.0.0'). - where(disavowal_token_fingerprint: nil).count + event_count = user.events.where(event_type: :account_verified, ip: '0.0.0.0') + .where(disavowal_token_fingerprint: nil).count expect(event_count).to eq 1 expect(response).to redirect_to(idv_personal_key_url) end @@ -232,8 +232,8 @@ before do allow(IdentityConfig.store).to receive(:in_person_proofing_enabled).and_return(true) - allow(controller).to receive(:pii). - and_return(user.pending_profile.decrypt_pii(user.password).to_h) + allow(controller).to receive(:pii) + .and_return(user.pending_profile.decrypt_pii(user.password).to_h) end it 'redirects to personal key page' do @@ -280,8 +280,8 @@ letter_count: 1, submit_attempts: 1, ) - event_count = user.events.where(event_type: :account_verified, ip: '0.0.0.0'). - where(disavowal_token_fingerprint: nil).count + event_count = user.events.where(event_type: :account_verified, ip: '0.0.0.0') + .where(disavowal_token_fingerprint: nil).count expect(event_count).to eq 1 expect(response).to redirect_to(idv_personal_key_url) end @@ -386,8 +386,8 @@ let(:max_attempts) { 2 } before do - allow(IdentityConfig.store).to receive(:verify_gpo_key_max_attempts). - and_return(max_attempts) + allow(IdentityConfig.store).to receive(:verify_gpo_key_max_attempts) + .and_return(max_attempts) (max_attempts - 1).times do |_i| post(:create, params: { gpo_verify_form: { otp: bad_otp } }) end @@ -430,12 +430,12 @@ post(:create, params: { gpo_verify_form: { otp: good_otp } }) failed_gpo_submission_events = - @analytics.events['IdV: enter verify by mail code submitted']. - reject { |event_attributes| event_attributes[:errors].empty? } + @analytics.events['IdV: enter verify by mail code submitted'] + .reject { |event_attributes| event_attributes[:errors].empty? } successful_gpo_submission_events = - @analytics.events['IdV: enter verify by mail code submitted']. - select { |event_attributes| event_attributes[:errors].empty? } + @analytics.events['IdV: enter verify by mail code submitted'] + .select { |event_attributes| event_attributes[:errors].empty? } expect(failed_gpo_submission_events.count).to eq(max_attempts - 1) expect(successful_gpo_submission_events.count).to eq(1) diff --git a/spec/controllers/idv/by_mail/letter_enqueued_controller_spec.rb b/spec/controllers/idv/by_mail/letter_enqueued_controller_spec.rb index 041e38c1061..fe6c91c528d 100644 --- a/spec/controllers/idv/by_mail/letter_enqueued_controller_spec.rb +++ b/spec/controllers/idv/by_mail/letter_enqueued_controller_spec.rb @@ -5,8 +5,8 @@ let(:gpo_verification_pending_profile) { true } before do - allow(user).to receive(:gpo_verification_pending_profile?). - and_return(gpo_verification_pending_profile) + allow(user).to receive(:gpo_verification_pending_profile?) + .and_return(gpo_verification_pending_profile) stub_sign_in(user) end diff --git a/spec/controllers/idv/by_mail/request_letter_controller_spec.rb b/spec/controllers/idv/by_mail/request_letter_controller_spec.rb index 81e58922453..6cb398c660d 100644 --- a/spec/controllers/idv/by_mail/request_letter_controller_spec.rb +++ b/spec/controllers/idv/by_mail/request_letter_controller_spec.rb @@ -51,16 +51,16 @@ it 'redirects if the user has sent too much mail' do allow(controller.gpo_verify_by_mail_policy).to receive(:rate_limited?).and_return(true) - allow(subject.idv_session).to receive(:address_mechanism_chosen?). - and_return(true) + allow(subject.idv_session).to receive(:address_mechanism_chosen?) + .and_return(true) get :index expect(response).to redirect_to idv_enter_password_path end it 'redirects if the user is not allowed to send mail' do - allow(controller.gpo_verify_by_mail_policy).to receive(:send_letter_available?). - and_return(false) + allow(controller.gpo_verify_by_mail_policy).to receive(:send_letter_available?) + .and_return(false) get :index diff --git a/spec/controllers/idv/by_mail/resend_letter_controller_spec.rb b/spec/controllers/idv/by_mail/resend_letter_controller_spec.rb index b26ce6b0d9e..4884ef2ab84 100644 --- a/spec/controllers/idv/by_mail/resend_letter_controller_spec.rb +++ b/spec/controllers/idv/by_mail/resend_letter_controller_spec.rb @@ -138,9 +138,9 @@ def expect_to_resend_letter_and_redirect(vtr: false) end gpo_confirmation_maker = instance_double(GpoConfirmationMaker) - allow(GpoConfirmationMaker).to receive(:new). - with(pii: pii, service_provider: service_provider, profile: user.pending_profile). - and_return(gpo_confirmation_maker) + allow(GpoConfirmationMaker).to receive(:new) + .with(pii: pii, service_provider: service_provider, profile: user.pending_profile) + .and_return(gpo_confirmation_maker) expect(gpo_confirmation_maker).to receive(:perform) expect { put :create }.to change { ActionMailer::Base.deliveries.count }.by(1) diff --git a/spec/controllers/idv/document_capture_controller_spec.rb b/spec/controllers/idv/document_capture_controller_spec.rb index eb98f5c1f73..1bc9cc0f623 100644 --- a/spec/controllers/idv/document_capture_controller_spec.rb +++ b/spec/controllers/idv/document_capture_controller_spec.rb @@ -30,8 +30,8 @@ vot = sp_selfie_enabled ? 'Pb' : 'P1' resolved_authn_context = Vot::Parser.new(vector_of_trust: vot).parse - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context) subject.idv_session.flow_path = flow_path allow(subject).to receive(:ab_test_analytics_buckets).and_return(ab_test_args) @@ -54,8 +54,8 @@ it 'does not satisfy precondition' do expect(Idv::DocumentCaptureController.step_info.preconditions.is_a?(Proc)) - expect(subject).to receive(:render). - with(:show, locals: an_instance_of(Hash)).and_call_original + expect(subject).to receive(:render) + .with(:show, locals: an_instance_of(Hash)).and_call_original get :show expect(response).to render_template :show end @@ -65,8 +65,8 @@ let(:sp_selfie_enabled) { true } before do - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(false) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(false) end it 'does satisfy precondition' do @@ -152,8 +152,8 @@ before do resolved_authn_context = Vot::Parser.new(vector_of_trust: vot).parse - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context) end it 'does not redirect to Socure controller' do @@ -181,8 +181,8 @@ let(:sp_selfie_enabled) { true } let(:desktop_selfie_enabled) { false } before do - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(desktop_selfie_enabled) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(desktop_selfie_enabled) end describe 'when desktop selfie disabled' do let(:desktop_selfie_enabled) { false } @@ -383,8 +383,8 @@ context 'selfie checks' do before do - expect(controller).to receive(:selfie_requirement_met?). - and_return(performed_if_needed) + expect(controller).to receive(:selfie_requirement_met?) + .and_return(performed_if_needed) allow(result).to receive(:success?).and_return(true) allow(result).to receive(:errors).and_return(result[:errors]) allow(subject).to receive(:stored_result).and_return(result) diff --git a/spec/controllers/idv/enter_password_controller_spec.rb b/spec/controllers/idv/enter_password_controller_spec.rb index 5bbaab77b78..fcb3b8b8e70 100644 --- a/spec/controllers/idv/enter_password_controller_spec.rb +++ b/spec/controllers/idv/enter_password_controller_spec.rb @@ -325,8 +325,8 @@ def show before do resolved_authn_context_result = Vot::Parser.new(vector_of_trust: 'Pb').parse - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context_result) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context_result) end it 'creates Profile with applicant attributes' do @@ -345,8 +345,8 @@ def show before do resolved_authn_context_result = Vot::Parser.new(vector_of_trust: 'Pe').parse - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context_result) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context_result) end it 'creates Profile with applicant attributes' do @@ -399,8 +399,8 @@ def show it 'creates an `account_verified` event once per confirmation' do put :create, params: { user: { password: ControllerHelper::VALID_PASSWORD } } - events_count = user.events.where(event_type: :account_verified, ip: '0.0.0.0'). - where(disavowal_token_fingerprint: nil).count + events_count = user.events.where(event_type: :account_verified, ip: '0.0.0.0') + .where(disavowal_token_fingerprint: nil).count expect(events_count).to eq 1 end @@ -746,8 +746,8 @@ def show mock = double expect(UspsInPersonProofing::Proofer).to receive(:new).and_return(mock) expect(mock).to receive(:request_enroll) do |applicant| - expect(applicant.address). - to eq(Idp::Constants::MOCK_IDV_APPLICANT[:address1]) + expect(applicant.address) + .to eq(Idp::Constants::MOCK_IDV_APPLICANT[:address1]) proofer.request_enroll(applicant) end @@ -789,14 +789,14 @@ def show context 'when user enters an address2 value' do it 'does not include address2' do subject.idv_session.applicant = - Idp::Constants::MOCK_IDV_APPLICANT_SAME_ADDRESS_AS_ID_WITH_PHONE. - merge(address2: '3b') + Idp::Constants::MOCK_IDV_APPLICANT_SAME_ADDRESS_AS_ID_WITH_PHONE + .merge(address2: '3b') proofer = UspsInPersonProofing::Proofer.new mock = double expect(UspsInPersonProofing::Proofer).to receive(:new).and_return(mock) expect(mock).to receive(:request_enroll) do |applicant| - expect(applicant.address). - to eq(Idp::Constants::MOCK_IDV_APPLICANT[:address1]) + expect(applicant.address) + .to eq(Idp::Constants::MOCK_IDV_APPLICANT[:address1]) proofer.request_enroll(applicant) end @@ -823,8 +823,8 @@ def show let(:proofing_device_profiling_state) { proofing_device_profiling_state } before do - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(proofing_device_profiling_state) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(proofing_device_profiling_state) subject.idv_session.threatmetrix_review_status = review_status stub_request_token end @@ -979,8 +979,8 @@ def show ) end it 'passes the correct param to the enrollment helper method' do - expect(UspsInPersonProofing::EnrollmentHelper).to receive(:schedule_in_person_enrollment). - with( + expect(UspsInPersonProofing::EnrollmentHelper).to receive(:schedule_in_person_enrollment) + .with( user: user, pii: Pii::Attributes.new_from_hash(applicant), is_enhanced_ipp: is_enhanced_ipp, diff --git a/spec/controllers/idv/hybrid_handoff_controller_spec.rb b/spec/controllers/idv/hybrid_handoff_controller_spec.rb index bb3a377d53b..8b161f4d779 100644 --- a/spec/controllers/idv/hybrid_handoff_controller_spec.rb +++ b/spec/controllers/idv/hybrid_handoff_controller_spec.rb @@ -13,8 +13,8 @@ let(:sp_selfie_enabled) { false } before do - allow(controller).to receive(:current_sp). - and_return(service_provider) + allow(controller).to receive(:current_sp) + .and_return(service_provider) stub_sign_in(user) stub_up_to(:agreement, idv_session: subject.idv_session) stub_analytics @@ -24,8 +24,8 @@ Vot::Parser.new(vector_of_trust: 'Pb').parse : Vot::Parser.new(vector_of_trust: 'P1').parse - allow(subject).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context_result) + allow(subject).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context_result) allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) { in_person_proofing } allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled) { @@ -204,8 +204,8 @@ context 'opt in selection is nil' do before do - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(false) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(false) subject.idv_session.skip_doc_auth_from_how_to_verify = nil end @@ -227,8 +227,8 @@ context 'opted in to ipp flow' do before do - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(false) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(false) subject.idv_session.skip_doc_auth_from_how_to_verify = true subject.idv_session.skip_hybrid_handoff = true end diff --git a/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb b/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb index 92cd64ad58f..debe664a09c 100644 --- a/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb +++ b/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb @@ -24,8 +24,8 @@ session[:doc_capture_user_id] = user&.id session[:document_capture_session_uuid] = document_capture_session_uuid stub_analytics - allow(subject).to receive(:confirm_document_capture_session_complete). - and_return(true) + allow(subject).to receive(:confirm_document_capture_session_complete) + .and_return(true) end describe 'before_actions' do diff --git a/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb b/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb index d3123a4335e..d1a52c3b3df 100644 --- a/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb +++ b/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb @@ -227,8 +227,8 @@ context 'selfie checks' do before do - expect(controller).to receive(:selfie_requirement_met?). - and_return(performed_if_needed) + expect(controller).to receive(:selfie_requirement_met?) + .and_return(performed_if_needed) end context 'not performed' do diff --git a/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb b/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb index 15d1bb50191..0a45bb5af03 100644 --- a/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb +++ b/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb @@ -73,12 +73,12 @@ acr_values: acr_values, ).result allow(controller).to receive(:session).and_return(session) - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context) - allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled). - and_return(vendor_switching_enabled) - allow(IdentityConfig.store).to receive(:doc_auth_vendor_lexis_nexis_percent). - and_return(lexis_nexis_percent) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled) + .and_return(vendor_switching_enabled) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_lexis_nexis_percent) + .and_return(lexis_nexis_percent) get :show, params: { 'document-capture-session': session_uuid } end @@ -120,8 +120,8 @@ let(:lexis_nexis_percent) { 0 } before do - allow(IdentityConfig.store).to receive(:doc_auth_vendor_lexis_nexis_percent). - and_return(lexis_nexis_percent) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_lexis_nexis_percent) + .and_return(lexis_nexis_percent) end it 'causes an 404 error' do diff --git a/spec/controllers/idv/hybrid_mobile/socure/document_capture_controller_spec.rb b/spec/controllers/idv/hybrid_mobile/socure/document_capture_controller_spec.rb index 380e2a7853a..de12759de6f 100644 --- a/spec/controllers/idv/hybrid_mobile/socure/document_capture_controller_spec.rb +++ b/spec/controllers/idv/hybrid_mobile/socure/document_capture_controller_spec.rb @@ -21,23 +21,23 @@ let(:socure_docv_verification_data_test_mode) { false } before do - allow(IdentityConfig.store).to receive(:socure_docv_enabled). - and_return(socure_docv_enabled) - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_endpoint) + allow(IdentityConfig.store).to receive(:socure_docv_enabled) + .and_return(socure_docv_enabled) + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_endpoint) allow(IdentityConfig.store).to receive(:doc_auth_vendor).and_return(idv_vendor) allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(idv_vendor) - allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled). - and_return(vendor_switching_enabled) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled) + .and_return(vendor_switching_enabled) allow(subject).to receive(:stored_result).and_return(stored_result) session[:doc_capture_user_id] = user&.id session[:document_capture_session_uuid] = document_capture_session_uuid - allow(IdentityConfig.store). - to receive(:socure_docv_verification_data_test_mode). - and_return(socure_docv_verification_data_test_mode) + allow(IdentityConfig.store) + .to receive(:socure_docv_verification_data_test_mode) + .and_return(socure_docv_verification_data_test_mode) unless IdentityConfig.store.socure_docv_verification_data_test_mode expect(IdentityConfig.store).not_to receive(:socure_docv_verification_data_test_mode_tokens) @@ -102,8 +102,8 @@ vtr: nil, acr_values: acr_values, ).result - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context) end it 'redirects to the LN/mock controller' do @@ -136,8 +136,8 @@ end it 'creates a DocumentRequest' do - expect(request_class).to have_received(:new). - with( + expect(request_class).to have_received(:new) + .with( redirect_url: idv_hybrid_mobile_socure_document_capture_update_url, language: expected_language, ) @@ -158,8 +158,8 @@ let(:expected_language) { :en } it 'does the correct POST to Socure' do - expect(WebMock).to have_requested(:post, fake_socure_endpoint). - with( + expect(WebMock).to have_requested(:post, fake_socure_endpoint) + .with( body: JSON.generate( { config: { @@ -180,8 +180,8 @@ let(:expected_language) { :zh } it 'does the correct POST to Socure' do - expect(WebMock).to have_requested(:post, fake_socure_endpoint). - with( + expect(WebMock).to have_requested(:post, fake_socure_endpoint) + .with( body: JSON.generate( { config: { @@ -208,8 +208,8 @@ it 'puts the docvTransactionToken into the document capture session' do document_capture_session.reload - expect(document_capture_session.socure_docv_transaction_token). - to eq(docv_transaction_token) + expect(document_capture_session.socure_docv_transaction_token) + .to eq(docv_transaction_token) end end end @@ -259,8 +259,8 @@ } end before do - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_endpoint) + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_endpoint) end it 'connection timeout still responds to user' do stub_request(:post, fake_socure_endpoint).to_raise(Faraday::ConnectionFailed) @@ -415,17 +415,17 @@ before do ActiveJob::Base.queue_adapter = :test - allow(IdentityConfig.store). - to receive(:socure_docv_verification_data_test_mode_tokens). - and_return([test_token]) + allow(IdentityConfig.store) + .to receive(:socure_docv_verification_data_test_mode_tokens) + .and_return([test_token]) stub_request( :post, "#{IdentityConfig.store.socure_idplus_base_url}/api/3.0/EmailAuthScore", - ). - with(body: { modules: ['documentverification'], docvTransactionToken: test_token }. - to_json). - to_return( + ) + .with(body: { modules: ['documentverification'], docvTransactionToken: test_token } + .to_json) + .to_return( headers: { 'Content-Type' => 'application/json', }, @@ -435,8 +435,8 @@ context 'when a token is provided from the allow list' do it 'performs SocureDocvResultsJob' do - expect { get(:update, params: { docv_token: test_token }) }. - not_to have_enqueued_job(SocureDocvResultsJob) # is synchronous + expect { get(:update, params: { docv_token: test_token }) } + .not_to have_enqueued_job(SocureDocvResultsJob) # is synchronous expect(document_capture_session.reload.load_result).not_to be_nil end @@ -444,8 +444,8 @@ context 'when a token is provided not on the allow list' do it 'performs SocureDocvResultsJob' do - expect { get(:update, params: { docv_token: 'rando-token' }) }. - not_to have_enqueued_job(SocureDocvResultsJob) + expect { get(:update, params: { docv_token: 'rando-token' }) } + .not_to have_enqueued_job(SocureDocvResultsJob) expect(document_capture_session.reload.load_result).to be_nil end diff --git a/spec/controllers/idv/image_uploads_controller_spec.rb b/spec/controllers/idv/image_uploads_controller_spec.rb index 26975325175..2dae6836aa9 100644 --- a/spec/controllers/idv/image_uploads_controller_spec.rb +++ b/spec/controllers/idv/image_uploads_controller_spec.rb @@ -36,8 +36,8 @@ before do Funnel::DocAuth::RegisterStep.new(user.id, '').call('welcome', :view, true) - allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled) + .and_return(false) end context 'when fields are missing' do @@ -290,13 +290,13 @@ before do resolved_authn_context_result = Vot::Parser.new(vector_of_trust: 'Pb').parse - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context_result) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context_result) end it 'returns a successful response and modifies the session' do - expect_any_instance_of(DocAuth::Mock::DocAuthMockClient). - to receive(:post_images).with( + expect_any_instance_of(DocAuth::Mock::DocAuthMockClient) + .to receive(:post_images).with( front_image: an_instance_of(String), back_image: an_instance_of(String), selfie_image: an_instance_of(String), @@ -317,8 +317,8 @@ end it 'returns a successful response and modifies the session' do - expect_any_instance_of(DocAuth::Mock::DocAuthMockClient). - to receive(:post_images).with( + expect_any_instance_of(DocAuth::Mock::DocAuthMockClient) + .to receive(:post_images).with( front_image: an_instance_of(String), back_image: an_instance_of(String), selfie_image: nil, @@ -1068,8 +1068,8 @@ end it 'sends a selfie' do - expect_any_instance_of(DocAuth::Mock::DocAuthMockClient). - to receive(:post_images).with( + expect_any_instance_of(DocAuth::Mock::DocAuthMockClient) + .to receive(:post_images).with( front_image: an_instance_of(String), back_image: an_instance_of(String), selfie_image: an_instance_of(String), diff --git a/spec/controllers/idv/in_person/address_controller_spec.rb b/spec/controllers/idv/in_person/address_controller_spec.rb index 638175330c0..afd32c3a37a 100644 --- a/spec/controllers/idv/in_person/address_controller_spec.rb +++ b/spec/controllers/idv/in_person/address_controller_spec.rb @@ -8,8 +8,8 @@ let(:pii_from_user) { Idp::Constants::MOCK_IPP_APPLICANT_SAME_ADDRESS_AS_ID_FALSE } before do - allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled) + .and_return(true) stub_sign_in(user) stub_up_to(:hybrid_handoff, idv_session: subject.idv_session) subject.user_session['idv/in_person'] = { @@ -176,8 +176,8 @@ it 'infers and sets the "same_address_as_id" in the flow session to false' do put :update, params: params - expect(subject.user_session['idv/in_person'][:pii_from_user][:same_address_as_id]). - to eq('false') + expect(subject.user_session['idv/in_person'][:pii_from_user][:same_address_as_id]) + .to eq('false') end end @@ -189,8 +189,8 @@ it 'leaves the "same_address_as_id" in the flow session as false' do put :update, params: params - expect(subject.user_session['idv/in_person'][:pii_from_user][:same_address_as_id]). - to eq('false') + expect(subject.user_session['idv/in_person'][:pii_from_user][:same_address_as_id]) + .to eq('false') end end end diff --git a/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb b/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb index f475e135858..cc14296fd92 100644 --- a/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb +++ b/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb @@ -7,10 +7,10 @@ before do stub_analytics - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) - allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx). - and_return(in_person_proofing_enforce_tmx) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx) + .and_return(in_person_proofing_enforce_tmx) end describe 'before_actions' do @@ -102,8 +102,8 @@ before do resolved_authn_context_result = Vot::Parser.new(vector_of_trust: 'Pb').parse - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context_result) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context_result) end it 'evaluates to In Person Proofing' do @@ -117,8 +117,8 @@ before do resolved_authn_context_result = Vot::Parser.new(vector_of_trust: 'Pe').parse - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context_result) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context_result) end it 'evaluates to Enhanced IPP' do diff --git a/spec/controllers/idv/in_person/ssn_controller_spec.rb b/spec/controllers/idv/in_person/ssn_controller_spec.rb index 4e363c1972c..d8ab3d9cd68 100644 --- a/spec/controllers/idv/in_person/ssn_controller_spec.rb +++ b/spec/controllers/idv/in_person/ssn_controller_spec.rb @@ -155,8 +155,8 @@ it 'updates idv_session.ssn' do subject.idv_session.ssn = '900-95-7890' - expect { put :update, params: params }.to change { subject.idv_session.ssn }. - from('900-95-7890').to(ssn) + expect { put :update, params: params }.to change { subject.idv_session.ssn } + .from('900-95-7890').to(ssn) expect(@analytics).to have_logged_event(analytics_name, analytics_args) end end diff --git a/spec/controllers/idv/in_person/state_id_controller_spec.rb b/spec/controllers/idv/in_person/state_id_controller_spec.rb index b24ab440209..6b448276214 100644 --- a/spec/controllers/idv/in_person/state_id_controller_spec.rb +++ b/spec/controllers/idv/in_person/state_id_controller_spec.rb @@ -8,8 +8,8 @@ let(:enrollment) { InPersonEnrollment.new } before do - allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled) + .and_return(true) stub_sign_in(user) stub_up_to(:hybrid_handoff, idv_session: subject.idv_session) allow(user).to receive(:establishing_in_person_enrollment).and_return(enrollment) diff --git a/spec/controllers/idv/in_person/usps_locations_controller_spec.rb b/spec/controllers/idv/in_person/usps_locations_controller_spec.rb index 489df56f68c..a4803ba15a1 100644 --- a/spec/controllers/idv/in_person/usps_locations_controller_spec.rb +++ b/spec/controllers/idv/in_person/usps_locations_controller_spec.rb @@ -32,8 +32,8 @@ before do stub_analytics stub_sign_in(user) if user - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) allow(controller).to receive(:current_sp).and_return(sp) end @@ -150,8 +150,8 @@ context 'no addresses found by usps' do before do - allow(proofer).to receive(:request_facilities).with(address, false). - and_return([]) + allow(proofer).to receive(:request_facilities).with(address, false) + .and_return([]) end it 'logs analytics with error when successful response is empty' do @@ -239,8 +239,8 @@ end before do - allow(proofer).to receive(:request_facilities).with(fake_address, false). - and_raise(exception) + allow(proofer).to receive(:request_facilities).with(fake_address, false) + .and_raise(exception) end it 'returns no locations' do diff --git a/spec/controllers/idv/in_person/verify_info_controller_spec.rb b/spec/controllers/idv/in_person/verify_info_controller_spec.rb index a05953e8b96..d4ddcb4696d 100644 --- a/spec/controllers/idv/in_person/verify_info_controller_spec.rb +++ b/spec/controllers/idv/in_person/verify_info_controller_spec.rb @@ -251,8 +251,8 @@ end it 'indicates to the IDV agent that an IPP enrollment is not in progress' do - expect_any_instance_of(Idv::Agent).to receive(:proof_resolution). - with( + expect_any_instance_of(Idv::Agent).to receive(:proof_resolution) + .with( kind_of(DocumentCaptureSession), trace_id: subject.send(:amzn_trace_id), threatmetrix_session_id: nil, @@ -294,8 +294,8 @@ end it 'passes the X-Amzn-Trace-Id to the proofer' do - expect_any_instance_of(Idv::Agent).to receive(:proof_resolution). - with( + expect_any_instance_of(Idv::Agent).to receive(:proof_resolution) + .with( kind_of(DocumentCaptureSession), trace_id: subject.send(:amzn_trace_id), threatmetrix_session_id: nil, @@ -327,8 +327,8 @@ before do allow(IdentityConfig.store).to receive(:proof_ssn_max_attempts).and_return(3) - allow(IdentityConfig.store).to receive(:proof_ssn_max_attempt_window_in_minutes). - and_return(10) + allow(IdentityConfig.store).to receive(:proof_ssn_max_attempt_window_in_minutes) + .and_return(10) end it 'rate limits them all' do diff --git a/spec/controllers/idv/in_person_controller_spec.rb b/spec/controllers/idv/in_person_controller_spec.rb index 9a6a3f73271..462a79c83eb 100644 --- a/spec/controllers/idv/in_person_controller_spec.rb +++ b/spec/controllers/idv/in_person_controller_spec.rb @@ -6,8 +6,8 @@ let(:user) { nil } before do - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) allow(controller).to receive(:current_sp).and_return(sp) stub_sign_in(user) if user end @@ -75,8 +75,8 @@ context 'with in person proofing enabled for service provider' do before do - ServiceProvider.find_by(issuer: sp.issuer). - update(in_person_proofing_enabled: true) + ServiceProvider.find_by(issuer: sp.issuer) + .update(in_person_proofing_enabled: true) end it 'redirects to the first step' do diff --git a/spec/controllers/idv/link_sent_controller_spec.rb b/spec/controllers/idv/link_sent_controller_spec.rb index fe7f3ede25d..e8feadcee66 100644 --- a/spec/controllers/idv/link_sent_controller_spec.rb +++ b/spec/controllers/idv/link_sent_controller_spec.rb @@ -191,8 +191,8 @@ context 'selfie checks' do before do - expect(controller).to receive(:selfie_requirement_met?). - and_return(performed_if_needed) + expect(controller).to receive(:selfie_requirement_met?) + .and_return(performed_if_needed) end context 'not performed' do diff --git a/spec/controllers/idv/otp_verification_controller_spec.rb b/spec/controllers/idv/otp_verification_controller_spec.rb index 0ec9a8cef26..64cd5dc6318 100644 --- a/spec/controllers/idv/otp_verification_controller_spec.rb +++ b/spec/controllers/idv/otp_verification_controller_spec.rb @@ -107,8 +107,8 @@ context 'the user is going through in person proofing' do before(:each) do create(:in_person_enrollment, :establishing, user: user) - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(true) end context 'the user uses sms otp' do @@ -120,8 +120,8 @@ end it 'saves the sms notification number to the enrollment' do - expect(IdentityConfig.store).to receive(:in_person_send_proofing_notifications_enabled). - and_return(true) + expect(IdentityConfig.store).to receive(:in_person_send_proofing_notifications_enabled) + .and_return(true) put :update, params: otp_code_param @@ -142,8 +142,8 @@ end it 'does not save the sms notification number to the enrollment' do - expect(IdentityConfig.store).to receive(:in_person_send_proofing_notifications_enabled). - and_return(true) + expect(IdentityConfig.store).to receive(:in_person_send_proofing_notifications_enabled) + .and_return(true) put :update, params: otp_code_param diff --git a/spec/controllers/idv/phone_controller_spec.rb b/spec/controllers/idv/phone_controller_spec.rb index 664a4dee1c9..f2a13f69406 100644 --- a/spec/controllers/idv/phone_controller_spec.rb +++ b/spec/controllers/idv/phone_controller_spec.rb @@ -379,8 +379,8 @@ context 'with full vendor outage' do before do - allow_any_instance_of(OutageStatus).to receive(:all_phone_vendor_outage?). - and_return(true) + allow_any_instance_of(OutageStatus).to receive(:all_phone_vendor_outage?) + .and_return(true) end it 'redirects to vendor outage page' do @@ -407,8 +407,8 @@ context 'with full vendor outage' do before do - allow_any_instance_of(OutageStatus).to receive(:all_phone_vendor_outage?). - and_return(true) + allow_any_instance_of(OutageStatus).to receive(:all_phone_vendor_outage?) + .and_return(true) end it 'redirects to vendor outage page' do diff --git a/spec/controllers/idv/please_call_controller_spec.rb b/spec/controllers/idv/please_call_controller_spec.rb index e02027664a4..42f11525296 100644 --- a/spec/controllers/idv/please_call_controller_spec.rb +++ b/spec/controllers/idv/please_call_controller_spec.rb @@ -10,10 +10,10 @@ before do stub_sign_in(user) - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) - allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx). - and_return(in_person_proofing_enforce_tmx) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx) + .and_return(in_person_proofing_enforce_tmx) end render_views @@ -62,10 +62,10 @@ let!(:enrollment) { create(:in_person_enrollment, :passed, user: user, profile: profile) } before do - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) - allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx). - and_return(in_person_proofing_enforce_tmx) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx) + .and_return(in_person_proofing_enforce_tmx) end it 'renders the show template' do @@ -116,10 +116,10 @@ let!(:enrollment) { create(:in_person_enrollment, :passed, user: user, profile: profile) } before do - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) - allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx). - and_return(in_person_proofing_enforce_tmx) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx) + .and_return(in_person_proofing_enforce_tmx) end it 'returns false from in_person_prevent_fraud_redirection' do diff --git a/spec/controllers/idv/socure/document_capture_controller_spec.rb b/spec/controllers/idv/socure/document_capture_controller_spec.rb index 1e1f1eef25b..b28c722e9fc 100644 --- a/spec/controllers/idv/socure/document_capture_controller_spec.rb +++ b/spec/controllers/idv/socure/document_capture_controller_spec.rb @@ -30,14 +30,14 @@ let(:socure_docv_verification_data_test_mode) { false } before do - allow(IdentityConfig.store).to receive(:socure_docv_enabled). - and_return(socure_docv_enabled) - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_endpoint) + allow(IdentityConfig.store).to receive(:socure_docv_enabled) + .and_return(socure_docv_enabled) + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_endpoint) allow(IdentityConfig.store).to receive(:doc_auth_vendor).and_return(idv_vendor) allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(idv_vendor) - allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled). - and_return(vendor_switching_enabled) + allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled) + .and_return(vendor_switching_enabled) allow_any_instance_of(ApplicationController).to receive(:current_user).and_return(user) allow(subject).to receive(:stored_result).and_return(stored_result) @@ -46,9 +46,9 @@ allow(subject).to receive(:user_session).and_return(user_session) subject.idv_session.document_capture_session_uuid = document_capture_session.uuid - allow(IdentityConfig.store). - to receive(:socure_docv_verification_data_test_mode). - and_return(socure_docv_verification_data_test_mode) + allow(IdentityConfig.store) + .to receive(:socure_docv_verification_data_test_mode) + .and_return(socure_docv_verification_data_test_mode) unless IdentityConfig.store.socure_docv_verification_data_test_mode expect(IdentityConfig.store).not_to receive(:socure_docv_verification_data_test_mode_tokens) @@ -114,8 +114,8 @@ vtr: nil, acr_values: acr_values, ).result - allow(controller).to receive(:resolved_authn_context_result). - and_return(resolved_authn_context) + allow(controller).to receive(:resolved_authn_context_result) + .and_return(resolved_authn_context) end it 'redirects to the LN/mock controller' do @@ -148,8 +148,8 @@ end it 'creates a DocumentRequest' do - expect(request_class).to have_received(:new). - with( + expect(request_class).to have_received(:new) + .with( redirect_url: idv_socure_document_capture_update_url, language: expected_language, ) @@ -170,8 +170,8 @@ let(:expected_language) { :en } it 'does the correct POST to Socure' do - expect(WebMock).to have_requested(:post, fake_socure_endpoint). - with( + expect(WebMock).to have_requested(:post, fake_socure_endpoint) + .with( body: JSON.generate( { config: { @@ -192,8 +192,8 @@ let(:expected_language) { :zh } it 'does the correct POST to Socure' do - expect(WebMock).to have_requested(:post, fake_socure_endpoint). - with( + expect(WebMock).to have_requested(:post, fake_socure_endpoint) + .with( body: JSON.generate( { config: { @@ -220,8 +220,8 @@ it 'puts the docvTransactionToken into the document capture session' do document_capture_session.reload - expect(document_capture_session.socure_docv_transaction_token). - to eq(docv_transaction_token) + expect(document_capture_session.socure_docv_transaction_token) + .to eq(docv_transaction_token) end end end @@ -271,8 +271,8 @@ } end before do - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_endpoint) + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_endpoint) end it 'connection timeout still responds to user' do stub_request(:post, fake_socure_endpoint).to_raise(Faraday::ConnectionFailed) @@ -397,17 +397,17 @@ before do ActiveJob::Base.queue_adapter = :test - allow(IdentityConfig.store). - to receive(:socure_docv_verification_data_test_mode_tokens). - and_return([test_token]) + allow(IdentityConfig.store) + .to receive(:socure_docv_verification_data_test_mode_tokens) + .and_return([test_token]) stub_request( :post, "#{IdentityConfig.store.socure_idplus_base_url}/api/3.0/EmailAuthScore", - ). - with(body: { modules: ['documentverification'], docvTransactionToken: test_token }. - to_json). - to_return( + ) + .with(body: { modules: ['documentverification'], docvTransactionToken: test_token } + .to_json) + .to_return( headers: { 'Content-Type' => 'application/json', }, @@ -417,8 +417,8 @@ context 'when a token is provided from the allow list' do it 'performs SocureDocvResultsJob' do - expect { get(:update, params: { docv_token: test_token }) }. - not_to have_enqueued_job(SocureDocvResultsJob) # is synchronous + expect { get(:update, params: { docv_token: test_token }) } + .not_to have_enqueued_job(SocureDocvResultsJob) # is synchronous expect(document_capture_session.reload.load_result).not_to be_nil end @@ -426,8 +426,8 @@ context 'when a token is provided not on the allow list' do it 'performs SocureDocvResultsJob' do - expect { get(:update, params: { docv_token: 'rando-token' }) }. - not_to have_enqueued_job(SocureDocvResultsJob) + expect { get(:update, params: { docv_token: 'rando-token' }) } + .not_to have_enqueued_job(SocureDocvResultsJob) expect(document_capture_session.reload.load_result).to be_nil end diff --git a/spec/controllers/idv/ssn_controller_spec.rb b/spec/controllers/idv/ssn_controller_spec.rb index c8a435b546f..4afbe54f828 100644 --- a/spec/controllers/idv/ssn_controller_spec.rb +++ b/spec/controllers/idv/ssn_controller_spec.rb @@ -128,8 +128,8 @@ end it 'overrides Content Security Policies for ThreatMetrix' do - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(:enabled) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(:enabled) get :show csp = response.request.content_security_policy @@ -164,8 +164,8 @@ end it 'updates idv_session.ssn' do - expect { put :update, params: params }.to change { subject.idv_session.ssn }. - from(nil).to(ssn) + expect { put :update, params: params }.to change { subject.idv_session.ssn } + .from(nil).to(ssn) expect(@analytics).to have_logged_event(analytics_name, analytics_args) end @@ -184,8 +184,8 @@ it 'updates idv_session.ssn' do subject.idv_session.ssn = '900-95-7890' - expect { put :update, params: params }.to change { subject.idv_session.ssn }. - from('900-95-7890').to(ssn) + expect { put :update, params: params }.to change { subject.idv_session.ssn } + .from('900-95-7890').to(ssn) expect(@analytics).to have_logged_event(analytics_name, analytics_args) end end diff --git a/spec/controllers/idv/verify_info_controller_spec.rb b/spec/controllers/idv/verify_info_controller_spec.rb index 7dacf98adb1..64aefeb0bdb 100644 --- a/spec/controllers/idv/verify_info_controller_spec.rb +++ b/spec/controllers/idv/verify_info_controller_spec.rb @@ -176,8 +176,9 @@ end before do - controller. - idv_session.verify_info_step_document_capture_session_uuid = document_capture_session.uuid + controller + .idv_session + .verify_info_step_document_capture_session_uuid = document_capture_session.uuid allow(IdentityConfig.store).to receive(:proofing_device_profiling).and_return(:enabled) end diff --git a/spec/controllers/idv/welcome_controller_spec.rb b/spec/controllers/idv/welcome_controller_spec.rb index 384fb1d76cc..94d523c8e49 100644 --- a/spec/controllers/idv/welcome_controller_spec.rb +++ b/spec/controllers/idv/welcome_controller_spec.rb @@ -130,8 +130,8 @@ end it 'creates a document capture session' do - expect { put :update }. - to change { subject.idv_session.document_capture_session_uuid }.from(nil) + expect { put :update } + .to change { subject.idv_session.document_capture_session_uuid }.from(nil) end context 'with previous establishing in-person enrollments' do diff --git a/spec/controllers/openid_connect/authorization_controller_spec.rb b/spec/controllers/openid_connect/authorization_controller_spec.rb index 0590bca9983..8343d630af9 100644 --- a/spec/controllers/openid_connect/authorization_controller_spec.rb +++ b/spec/controllers/openid_connect/authorization_controller_spec.rb @@ -66,8 +66,8 @@ let(:vtr) { nil } it 'redirects back to the client app with a code if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!(verified_attributes: %w[given_name family_name birthdate]) action @@ -81,8 +81,8 @@ end it 'renders a client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!(verified_attributes: %w[given_name family_name birthdate]) action @@ -97,8 +97,8 @@ end it 'renders a JS client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!(verified_attributes: %w[given_name family_name birthdate]) action @@ -223,8 +223,8 @@ end it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -236,8 +236,8 @@ end it 'renders a client-side redirect back to the client app immediately if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -250,8 +250,8 @@ end it 'renders a JS client-side redirect back to the client app immediately if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -264,10 +264,10 @@ end it 'redirects back to the client app immediately if UUID is overridden to server-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'server_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'server_side' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -279,10 +279,10 @@ end it 'renders a client-side redirect back to the client app immediately if UUID is overridden to client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -295,10 +295,10 @@ end it 'renders a JS client-side redirect back to the client app immediately if UUID is overridden to JS client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -311,12 +311,12 @@ end it 'respects UUID redirect config when issuer config is also set' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map). - and_return({ service_provider.issuer => 'client_side' }) - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map) + .and_return({ service_provider.issuer => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -330,10 +330,10 @@ end it 'respects issuer redirect config if UUID config is not set' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map). - and_return({ service_provider.issuer => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map) + .and_return({ service_provider.issuer => 'client_side_js' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -407,8 +407,8 @@ let(:vtr) { ['Pb'].to_json } before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -448,8 +448,8 @@ let(:vtr) { ['Pb'].to_json } before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -489,8 +489,8 @@ context 'verified non-facial match profile with pending facial match profile' do before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[birthdate family_name given_name verified_at], @@ -636,8 +636,8 @@ end it 'redirects to the redirect_uri immediately when pii is unlocked if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -649,8 +649,8 @@ end it 'renders client-side redirect to the client app immediately if PII is unlocked and it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -664,8 +664,8 @@ end it 'renders JS client-side redirect to the client app immediately if PII is unlocked and it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -738,8 +738,8 @@ context 'account is not already verified' do it 'redirects to the redirect_uri immediately without proofing if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -751,8 +751,8 @@ end it 'renders client-side redirect to the client app immediately if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -765,8 +765,8 @@ end it 'renders JS client-side redirect to the client app immediately if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -828,8 +828,8 @@ let(:user) { create(:profile, :verified, :password_reset).user } it 'redirects to the redirect_uri immediately without proofing if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -842,8 +842,8 @@ end it 'renders client-side redirect to the client app immediately if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -856,8 +856,8 @@ end it 'renders JS client-side redirect to the client app immediately if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -937,8 +937,8 @@ end it 'redirects back to the client app with a code if client-side redirect is disabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) @@ -950,8 +950,8 @@ end it 'renders a client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action @@ -964,8 +964,8 @@ end it 'renders a JS client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action @@ -983,8 +983,8 @@ let(:vtr) { ['C1'].to_json } it 'redirects back to the client app with a code if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!(verified_attributes: %w[given_name family_name birthdate]) action @@ -998,8 +998,8 @@ end it 'renders a client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!(verified_attributes: %w[given_name family_name birthdate]) action @@ -1014,8 +1014,8 @@ end it 'renders a JS client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!(verified_attributes: %w[given_name family_name birthdate]) action @@ -1145,8 +1145,8 @@ end it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1158,8 +1158,8 @@ end it 'renders a client-side redirect back to the client app immediately if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1172,8 +1172,8 @@ end it 'renders a JS client-side redirect back to the client app immediately if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1186,10 +1186,10 @@ end it 'redirects back to the client app immediately if UUID is overridden to server-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'server_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'server_side' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1201,10 +1201,10 @@ end it 'renders a client-side redirect back to the client app immediately if UUID is overridden to client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1217,10 +1217,10 @@ end it 'renders a JS client-side redirect back to the client app immediately if UUID is overridden to JS client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1233,12 +1233,12 @@ end it 'respects UUID redirect config when issuer config is also set' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map). - and_return({ service_provider.issuer => 'client_side' }) - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map) + .and_return({ service_provider.issuer => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -1252,10 +1252,10 @@ end it 'respects issuer redirect config if UUID config is not set' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map). - and_return({ service_provider.issuer => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map) + .and_return({ service_provider.issuer => 'client_side_js' }) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -1329,8 +1329,8 @@ let(:vtr) { ['Pb'].to_json } before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1370,8 +1370,8 @@ let(:vtr) { ['Pb'].to_json } before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -1411,8 +1411,8 @@ context 'verified non-facial match profile with pending facial match profile' do before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[birthdate family_name given_name verified_at], @@ -1560,8 +1560,8 @@ end it 'redirects to the redirect_uri immediately when pii is unlocked if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1573,8 +1573,8 @@ end it 'renders client-side redirect to the client app immediately if PII is unlocked and it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -1588,8 +1588,8 @@ end it 'renders JS client-side redirect to the client app immediately if PII is unlocked and it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 3) user.identities.last.update!( @@ -1662,8 +1662,8 @@ context 'account is not already verified' do it 'redirects to the redirect_uri immediately without proofing if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( verified_attributes: %w[given_name family_name birthdate verified_at], @@ -1675,8 +1675,8 @@ end it 'renders client-side redirect to the client app immediately if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -1689,8 +1689,8 @@ end it 'renders JS client-side redirect to the client app immediately if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -1752,8 +1752,8 @@ let(:user) { create(:profile, :verified, :password_reset).user } it 'redirects to the redirect_uri immediately without proofing if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -1766,8 +1766,8 @@ end it 'renders client-side redirect to the client app immediately if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -1780,8 +1780,8 @@ end it 'renders JS client-side redirect to the client app immediately if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') IdentityLinker.new(user, service_provider).link_identity(ial: 1) user.identities.last.update!( @@ -1861,8 +1861,8 @@ end it 'redirects back to the client app with a code if client-side redirect is disabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) @@ -1874,8 +1874,8 @@ end it 'renders a client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action @@ -1888,8 +1888,8 @@ end it 'renders a JS client-side redirect back to the client app with a code if it is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action @@ -1910,8 +1910,8 @@ before { params[:prompt] = '' } it 'redirects the user with an invalid request if client-side redirect is disabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) @@ -1924,8 +1924,8 @@ end it 'renders client-side redirect with an invalid request if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -1939,8 +1939,8 @@ end it 'renders JS client-side redirect with an invalid request if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -1954,10 +1954,10 @@ end it 'redirects the user with an invalid request if UUID is in server-side redirect list' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'server_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'server_side' }) action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) @@ -1970,10 +1970,10 @@ end it 'renders client-side redirect with an invalid request if UUID is overriden for client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side' }) action expect(controller).to render_template('openid_connect/shared/redirect') @@ -1987,10 +1987,10 @@ end it 'renders JS client-side redirect with an invalid request if UUID is overriden for JS client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -2095,8 +2095,8 @@ before { params[:prompt] = '' } it 'redirects the user with an invalid request if client-side redirect is disabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action @@ -2110,8 +2110,8 @@ end it 'renders client-side redirect with an invalid request if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -2125,8 +2125,8 @@ end it 'renders JS client-side redirect with an invalid request if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -2140,10 +2140,10 @@ end it 'redirects the user with an invalid request if UUID is in server-side redirect list' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'server_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'server_side' }) action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) @@ -2156,10 +2156,10 @@ end it 'renders client-side redirect with an invalid request if UUID is overriden for client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side' }) action @@ -2174,10 +2174,10 @@ end it 'renders JS client-side redirect with an invalid request if UUID is overriden for JS client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -2300,16 +2300,16 @@ let(:acr_values) { nil } it 'handles the error and does not blow up when server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) end it 'handles the error and does not blow up when client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -2317,8 +2317,8 @@ end it 'handles the error and does not blow up when client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -2341,8 +2341,8 @@ end it 'redirects the user if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) @@ -2355,8 +2355,8 @@ end it 'renders a client-side redirect if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -2370,8 +2370,8 @@ end it 'renders a JS client-side redirect if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -2431,16 +2431,16 @@ let(:vtr) { nil } it 'handles the error and does not blow up when server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) end it 'handles the error and does not blow up when client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -2448,8 +2448,8 @@ end it 'handles the error and does not blow up when client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -2470,8 +2470,8 @@ let(:vtr) { ['CaPb'].to_json } it 'redirects the user if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{params[:redirect_uri]}/) @@ -2484,8 +2484,8 @@ end it 'renders a client-side redirect if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -2499,8 +2499,8 @@ end it 'renders a JS client-side redirect if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') diff --git a/spec/controllers/openid_connect/logout_controller_spec.rb b/spec/controllers/openid_connect/logout_controller_spec.rb index fc2499422b1..12918531258 100644 --- a/spec/controllers/openid_connect/logout_controller_spec.rb +++ b/spec/controllers/openid_connect/logout_controller_spec.rb @@ -66,16 +66,16 @@ end it 'redirects back to the client if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) end it 'renders client-side redirect if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -83,8 +83,8 @@ end it 'renders JS client-side redirect if client-side JS redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -92,20 +92,20 @@ end it 'redirects back to the client if UUID set to server-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'server_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'server_side' }) action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) end it 'renders client-side redirect if UUID set to to client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side' }) action expect(controller).to render_template('openid_connect/shared/redirect') @@ -113,10 +113,10 @@ end it 'renders JS client-side redirect if UUID set to JS client-side redirect' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -124,12 +124,12 @@ end it 'respects UUID redirect config when issuer config is also set' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map). - and_return({ service_provider.issuer => 'client_side' }) - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map) + .and_return({ service_provider.issuer => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -137,10 +137,10 @@ end it 'respects issuer redirect config if UUID config is not set' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map). - and_return({ service_provider.issuer => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_issuer_override_map) + .and_return({ service_provider.issuer => 'client_side_js' }) action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -244,16 +244,16 @@ context 'user is not signed in' do it 'renders server-side redirect if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) end it 'redirects back to the client if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -261,8 +261,8 @@ end it 'redirects back to the client if JS client-side redirect is enabledj' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -364,16 +364,16 @@ context 'user is not signed in' do it 'redirects back to the client if server-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) end it 'renders client-side redirect if client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -381,8 +381,8 @@ end it 'renders JS client-side redirect if JS client-side redirect is enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -529,8 +529,8 @@ context 'user is not signed in' do it 'redirects back to the client if server-side redirect is enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) @@ -538,8 +538,8 @@ it 'renders client-side redirect if client-side redirect is enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -548,8 +548,8 @@ it 'renders JS client-side redirect if JS client-side redirect is enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -565,8 +565,8 @@ context 'when accepting id_token_hint and client_id' do before do - allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout). - and_return(false) + allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout) + .and_return(false) end describe '#logout[GET]' do @@ -590,8 +590,8 @@ it 'destroys the session and redirects to client if server-side redirect is enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) @@ -599,8 +599,8 @@ it 'destroys session and renders client-side redirect if enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -609,8 +609,8 @@ it 'destroys session and renders JS client-side redirect if enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -619,10 +619,10 @@ it 'destroys the session and redirects to client if UUID set to server-side redirect' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'server_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'server_side' }) action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) @@ -630,10 +630,10 @@ it 'destroys session and renders client-side redirect if UUID is set to client-side' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side' }) action expect(controller).to render_template('openid_connect/shared/redirect') @@ -642,10 +642,10 @@ it 'destroy session and render JS client-side redirect if UUID set to JS client-side' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') - allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map). - and_return({ user.uuid => 'client_side_js' }) + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect_uuid_override_map) + .and_return({ user.uuid => 'client_side_js' }) action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -678,8 +678,8 @@ before { stub_sign_in(user) } it 'destroys the session and redirects if client-side redirect is disabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) @@ -687,8 +687,8 @@ it 'destroys the session and renders client-side redirect if enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -697,8 +697,8 @@ it 'destroys the session and renders JS client-side redirect if enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') @@ -720,8 +720,8 @@ context 'when rejecting id_token_hint' do before do - allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout). - and_return(true) + allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout) + .and_return(true) end describe '#logout[GET]' do @@ -743,8 +743,8 @@ before { stub_sign_in(user) } it 'destroys session and redirects to client if server-side redirect is enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') action expect(response).to redirect_to(/^#{post_logout_redirect_uri}/) @@ -752,8 +752,8 @@ it 'destroys the session and renders client-side redirect if enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') action expect(controller).to render_template('openid_connect/shared/redirect') @@ -762,8 +762,8 @@ it 'destroys the session and renders JS client-side redirect if enabled' do expect(controller).to receive(:sign_out) - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') action expect(controller).to render_template('openid_connect/shared/redirect_js') diff --git a/spec/controllers/openid_connect/user_info_controller_spec.rb b/spec/controllers/openid_connect/user_info_controller_spec.rb index ca18ae0f26d..296e044c907 100644 --- a/spec/controllers/openid_connect/user_info_controller_spec.rb +++ b/spec/controllers/openid_connect/user_info_controller_spec.rb @@ -37,8 +37,8 @@ it '401s' do action expect(response).to be_unauthorized - expect(json_response[:error]). - to eq(t('openid_connect.user_info.errors.malformed_authorization')) + expect(json_response[:error]) + .to eq(t('openid_connect.user_info.errors.malformed_authorization')) end it 'tracks analytics' do diff --git a/spec/controllers/risc/security_events_controller_spec.rb b/spec/controllers/risc/security_events_controller_spec.rb index 246e06c5fdd..f7709d39413 100644 --- a/spec/controllers/risc/security_events_controller_spec.rb +++ b/spec/controllers/risc/security_events_controller_spec.rb @@ -38,8 +38,8 @@ let(:jwt) { JWT.encode(jwt_payload, rp_private_key, 'RS256', typ: 'secevent+jwt') } it 'creates a security event record' do - expect { action }. - to(change { SecurityEvent.count }.by(1)) + expect { action } + .to(change { SecurityEvent.count }.by(1)) expect(response.body).to be_empty expect(response.code.to_i).to eq(202) # Accepted @@ -65,8 +65,8 @@ before { jwt_payload[:aud] = 'http://bad.example' } it 'renders an error response and does not create a security event record' do - expect { action }. - to_not(change { SecurityEvent.count }) + expect { action } + .to_not(change { SecurityEvent.count }) expect(response).to be_bad_request diff --git a/spec/controllers/saml_idp_controller_spec.rb b/spec/controllers/saml_idp_controller_spec.rb index 8b587bf2753..36cf0214a84 100644 --- a/spec/controllers/saml_idp_controller_spec.rb +++ b/spec/controllers/saml_idp_controller_spec.rb @@ -465,35 +465,35 @@ it 'contains a signature method nodeset with SHA256 algorithm' do expect(xmldoc.signature_method_nodeset.length).to eq(1) - expect(xmldoc.signature_method_nodeset[0].attr('Algorithm')). - to eq('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') + expect(xmldoc.signature_method_nodeset[0].attr('Algorithm')) + .to eq('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') end it 'contains a digest method nodeset with SHA256 algorithm' do expect(xmldoc.digest_method_nodeset.length).to eq(1) - expect(xmldoc.digest_method_nodeset[0].attr('Algorithm')). - to eq('http://www.w3.org/2001/04/xmlenc#sha256') + expect(xmldoc.digest_method_nodeset[0].attr('Algorithm')) + .to eq('http://www.w3.org/2001/04/xmlenc#sha256') end it 'contains the organization name under AttributeAuthorityDescriptor' do - expect(xmldoc.attribute_authority_organization_name). - to eq org_name + expect(xmldoc.attribute_authority_organization_name) + .to eq org_name end it 'contains the org display name under AttributeAuthorityDescriptor' do - expect(xmldoc.attribute_authority_organization_display_name). - to eq org_name + expect(xmldoc.attribute_authority_organization_display_name) + .to eq org_name end it 'contains the organization name' do - expect(xmldoc.organization_name). - to eq org_name + expect(xmldoc.organization_name) + .to eq org_name end it 'contains the organization display name' do - expect(xmldoc.organization_display_name). - to eq org_name + expect(xmldoc.organization_display_name) + .to eq org_name end it 'disables caching' do @@ -1065,8 +1065,8 @@ def name_id_version(format_urn) authn_context_class_ref = saml_response_authn_context(decoded_saml_response) expect(response.status).to eq(200) - expect(authn_context_class_ref). - to eq(Saml::Idp::Constants::DEFAULT_AAL_AUTHN_CONTEXT_CLASSREF) + expect(authn_context_class_ref) + .to eq(Saml::Idp::Constants::DEFAULT_AAL_AUTHN_CONTEXT_CLASSREF) end end @@ -1079,8 +1079,8 @@ def name_id_version(format_urn) authn_context_class_ref = saml_response_authn_context(decoded_saml_response) expect(response.status).to eq(200) - expect(authn_context_class_ref). - to eq(Saml::Idp::Constants::DEFAULT_AAL_AUTHN_CONTEXT_CLASSREF) + expect(authn_context_class_ref) + .to eq(Saml::Idp::Constants::DEFAULT_AAL_AUTHN_CONTEXT_CLASSREF) end it 'returns default AAL authn_context when IAL1 is requested' do @@ -1091,8 +1091,8 @@ def name_id_version(format_urn) authn_context_class_ref = saml_response_authn_context(decoded_saml_response) expect(response.status).to eq(200) - expect(authn_context_class_ref). - to eq(Saml::Idp::Constants::DEFAULT_AAL_AUTHN_CONTEXT_CLASSREF) + expect(authn_context_class_ref) + .to eq(Saml::Idp::Constants::DEFAULT_AAL_AUTHN_CONTEXT_CLASSREF) end it 'returns AAL2 authn_context when AAL2 is requested' do @@ -1891,8 +1891,8 @@ def name_id_version(format_urn) generate_saml_response(user, auth_settings) expect(response.status).to eq(200) - expect(name_id.attributes['Format'].value). - to eq(Saml::Idp::Constants::NAME_ID_FORMAT_PERSISTENT) + expect(name_id.attributes['Format'].value) + .to eq(Saml::Idp::Constants::NAME_ID_FORMAT_PERSISTENT) expect(name_id.children.first.to_s).to eq(user.last_identity.uuid) expect(@analytics).to have_logged_event( 'SAML Auth', @@ -1912,8 +1912,8 @@ def name_id_version(format_urn) generate_saml_response(user, auth_settings) expect(response.status).to eq(200) - expect(name_id.attributes['Format'].value). - to eq(Saml::Idp::Constants::NAME_ID_FORMAT_EMAIL) + expect(name_id.attributes['Format'].value) + .to eq(Saml::Idp::Constants::NAME_ID_FORMAT_EMAIL) expect(name_id.children.first.to_s).to eq(user.email) expect(@analytics).to have_logged_event( 'SAML Auth', @@ -1961,8 +1961,8 @@ def name_id_version(format_urn) expect(response.status).to eq(200) - expect(name_id.attributes['Format'].value). - to eq(Saml::Idp::Constants::NAME_ID_FORMAT_PERSISTENT) + expect(name_id.attributes['Format'].value) + .to eq(Saml::Idp::Constants::NAME_ID_FORMAT_PERSISTENT) expect(name_id.children.first.to_s).to eq(user.id.to_s) end @@ -2038,8 +2038,8 @@ def name_id_version(format_urn) expect(response.status).to eq(200) - expect(name_id.attributes['Format'].value). - to eq(Saml::Idp::Constants::NAME_ID_FORMAT_PERSISTENT) + expect(name_id.attributes['Format'].value) + .to eq(Saml::Idp::Constants::NAME_ID_FORMAT_PERSISTENT) expect(name_id.children.first.to_s).to eq(user.id.to_s) end @@ -2336,8 +2336,8 @@ def name_id_version(format_urn) end it 'has a format attribute specifying the email format' do - expect(name_id.attributes['Format'].value). - to eq('urn:oasis:names:tc:SAML:2.0:nameid-format:persistent') + expect(name_id.attributes['Format'].value) + .to eq('urn:oasis:names:tc:SAML:2.0:nameid-format:persistent') end it 'has the UUID of the user making the AuthN Request' do @@ -2510,8 +2510,8 @@ def name_id_version(format_urn) allow(controller).to receive(:remember_device_expired_for_sp?).and_return(false) allow(controller).to receive(:identity_needs_verification?).and_return(true) allow(controller).to receive(:saml_request).and_return(FakeSamlRequest.new) - allow(controller).to receive(:saml_request_id). - and_return(SecureRandom.uuid) + allow(controller).to receive(:saml_request_id) + .and_return(SecureRandom.uuid) stub_requested_attributes get :auth, params: { path_year: path_year } @@ -2557,8 +2557,8 @@ def stub_requested_attributes service_provider.ial = 2 service_provider.save request_parser = instance_double(SamlRequestParser) - expect(SamlRequestParser).to receive(:new). - and_return(request_parser) + expect(SamlRequestParser).to receive(:new) + .and_return(request_parser) allow(request_parser).to receive(:requested_attributes).and_return([:email]) end diff --git a/spec/controllers/service_provider_controller_spec.rb b/spec/controllers/service_provider_controller_spec.rb index 742102d13f0..6cf220701d9 100644 --- a/spec/controllers/service_provider_controller_spec.rb +++ b/spec/controllers/service_provider_controller_spec.rb @@ -31,8 +31,8 @@ context 'feature on, correct token in headers' do context 'with no body' do before do - allow_any_instance_of(ServiceProviderUpdater).to receive(:dashboard_service_providers). - and_return(dashboard_service_providers) + allow_any_instance_of(ServiceProviderUpdater).to receive(:dashboard_service_providers) + .and_return(dashboard_service_providers) post :update end diff --git a/spec/controllers/sign_out_controller_spec.rb b/spec/controllers/sign_out_controller_spec.rb index f5e348c4ce1..80885fa4e7b 100644 --- a/spec/controllers/sign_out_controller_spec.rb +++ b/spec/controllers/sign_out_controller_spec.rb @@ -26,8 +26,8 @@ get :destroy - expect(@analytics). - to have_logged_event('Logout Initiated', hash_including(method: 'cancel link')) + expect(@analytics) + .to have_logged_event('Logout Initiated', hash_including(method: 'cancel link')) end end end diff --git a/spec/controllers/sign_up/cancellations_controller_spec.rb b/spec/controllers/sign_up/cancellations_controller_spec.rb index 25c02fcfd5e..a1396ce764c 100644 --- a/spec/controllers/sign_up/cancellations_controller_spec.rb +++ b/spec/controllers/sign_up/cancellations_controller_spec.rb @@ -100,8 +100,8 @@ delete :destroy - expect(response). - to redirect_to new_user_session_path(request_id: 'foo') + expect(response) + .to redirect_to new_user_session_path(request_id: 'foo') end it 'tracks the event in analytics when referer is nil' do diff --git a/spec/controllers/sign_up/completions_controller_spec.rb b/spec/controllers/sign_up/completions_controller_spec.rb index 9691c61821c..051072162ba 100644 --- a/spec/controllers/sign_up/completions_controller_spec.rb +++ b/spec/controllers/sign_up/completions_controller_spec.rb @@ -347,8 +347,8 @@ last_consented_at: now, clear_deleted_at: true, ) - allow(Idv::InPerson::CompletionSurveySender).to receive(:send_completion_survey). - with(user, sp.issuer) + allow(Idv::InPerson::CompletionSurveySender).to receive(:send_completion_survey) + .with(user, sp.issuer) freeze_time do travel_to(now) patch :update @@ -370,8 +370,8 @@ last_consented_at: now, clear_deleted_at: true, ) - expect(Idv::InPerson::CompletionSurveySender).to receive(:send_completion_survey). - with(user, sp.issuer) + expect(Idv::InPerson::CompletionSurveySender).to receive(:send_completion_survey) + .with(user, sp.issuer) freeze_time do travel_to(now) patch :update diff --git a/spec/controllers/sign_up/email_confirmations_controller_spec.rb b/spec/controllers/sign_up/email_confirmations_controller_spec.rb index c34979b5665..2951e108504 100644 --- a/spec/controllers/sign_up/email_confirmations_controller_spec.rb +++ b/spec/controllers/sign_up/email_confirmations_controller_spec.rb @@ -189,13 +189,13 @@ user: build(:user, email: nil), ) - allow(subject).to receive(:process_successful_confirmation). - and_raise(ActiveRecord::RecordNotUnique) + allow(subject).to receive(:process_successful_confirmation) + .and_raise(ActiveRecord::RecordNotUnique) get :create, params: { confirmation_token: 'foo' } - expect(flash[:error]). - to eq t( + expect(flash[:error]) + .to eq t( 'devise.confirmations.already_confirmed', action: t('devise.confirmations.sign_in'), ) diff --git a/spec/controllers/sign_up/registrations_controller_spec.rb b/spec/controllers/sign_up/registrations_controller_spec.rb index c4611e90ffa..63c476aa2b8 100644 --- a/spec/controllers/sign_up/registrations_controller_spec.rb +++ b/spec/controllers/sign_up/registrations_controller_spec.rb @@ -22,8 +22,8 @@ it 'gracefully handles invalid formats' do @request.env['HTTP_ACCEPT'] = "nessus=bad_bad_value'" - expect { get :new }. - to raise_error(Mime::Type::InvalidMimeType) + expect { get :new } + .to raise_error(Mime::Type::InvalidMimeType) end it 'tracks visit event' do @@ -61,11 +61,11 @@ let(:tmx_session_id) { '1234' } before do - allow(FeatureManagement).to receive(:account_creation_device_profiling_collecting_enabled?). - and_return(true) + allow(FeatureManagement).to receive(:account_creation_device_profiling_collecting_enabled?) + .and_return(true) allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_org_id).and_return('org1') - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(false) subject.session[:threatmetrix_session_id] = tmx_session_id end @@ -207,11 +207,11 @@ let(:tmx_session_id) { '1234' } before do - allow(FeatureManagement).to receive(:account_creation_device_profiling_collecting_enabled?). - and_return(true) + allow(FeatureManagement).to receive(:account_creation_device_profiling_collecting_enabled?) + .and_return(true) allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_org_id).and_return('org1') - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(false) subject.session[:threatmetrix_session_id] = tmx_session_id end diff --git a/spec/controllers/sign_up/select_email_controller_spec.rb b/spec/controllers/sign_up/select_email_controller_spec.rb index 8c6f65575fb..e151c14ebd7 100644 --- a/spec/controllers/sign_up/select_email_controller_spec.rb +++ b/spec/controllers/sign_up/select_email_controller_spec.rb @@ -52,8 +52,8 @@ context 'with selected email to share feature disabled' do before do - allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled) + .and_return(false) end it 'renders 404' do @@ -139,8 +139,8 @@ context 'with selected email to share feature disabled' do before do - allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled) + .and_return(false) end it 'renders 404' do diff --git a/spec/controllers/socure_webhook_controller_spec.rb b/spec/controllers/socure_webhook_controller_spec.rb index a4f5ae0afce..409a18ccaf5 100644 --- a/spec/controllers/socure_webhook_controller_spec.rb +++ b/spec/controllers/socure_webhook_controller_spec.rb @@ -32,12 +32,12 @@ end before do - allow(IdentityConfig.store).to receive(:socure_docv_webhook_secret_key). - and_return(socure_secret_key) - allow(IdentityConfig.store).to receive(:socure_docv_webhook_secret_key_queue). - and_return(socure_secret_key_queue) - allow(IdentityConfig.store).to receive(:socure_docv_enabled). - and_return(socure_docv_enabled) + allow(IdentityConfig.store).to receive(:socure_docv_webhook_secret_key) + .and_return(socure_secret_key) + allow(IdentityConfig.store).to receive(:socure_docv_webhook_secret_key_queue) + .and_return(socure_secret_key_queue) + allow(IdentityConfig.store).to receive(:socure_docv_enabled) + .and_return(socure_docv_enabled) allow(SocureDocvResultsJob).to receive(:perform_later) stub_analytics @@ -152,8 +152,8 @@ post :create, params: webhook_body - expect(SocureDocvResultsJob).to have_received(:perform_later). - with(document_capture_session_uuid: dcs.uuid) + expect(SocureDocvResultsJob).to have_received(:perform_later) + .with(document_capture_session_uuid: dcs.uuid) end it 'does not reset socure_docv_capture_app_url value' do @@ -209,8 +209,8 @@ it 'resets socure_docv_capture_app_url to nil' do dcs = create(:document_capture_session, :socure) webhook_body[:event][:docvTransactionToken] = dcs.socure_docv_transaction_token - expect(dcs.socure_docv_capture_app_url). - not_to be_nil + expect(dcs.socure_docv_capture_app_url) + .not_to be_nil post :create, params: webhook_body dcs.reload expect(dcs.socure_docv_capture_app_url).to be_nil @@ -249,8 +249,8 @@ it 'resets socure_docv_capture_app_url to nil' do dcs = create(:document_capture_session, :socure) webhook_body[:event][:docvTransactionToken] = dcs.socure_docv_transaction_token - expect(dcs.socure_docv_capture_app_url). - not_to be_nil + expect(dcs.socure_docv_capture_app_url) + .not_to be_nil post :create, params: webhook_body dcs.reload expect(dcs.socure_docv_capture_app_url).to be_nil diff --git a/spec/controllers/test/device_profiling_controller_spec.rb b/spec/controllers/test/device_profiling_controller_spec.rb index 36055cca13b..4227ae88832 100644 --- a/spec/controllers/test/device_profiling_controller_spec.rb +++ b/spec/controllers/test/device_profiling_controller_spec.rb @@ -14,8 +14,8 @@ expect do get :index, params: { session_id: session_id } end.to( - change { Proofing::Mock::DeviceProfilingBackend.new.profiling_result(session_id) }. - from(nil).to('no_result'), + change { Proofing::Mock::DeviceProfilingBackend.new.profiling_result(session_id) } + .from(nil).to('no_result'), ) end end @@ -27,8 +27,8 @@ expect do post :create, params: { session_id: session_id, result: result } end.to( - change { Proofing::Mock::DeviceProfilingBackend.new.profiling_result(session_id) }. - from(nil).to(result), + change { Proofing::Mock::DeviceProfilingBackend.new.profiling_result(session_id) } + .from(nil).to(result), ) end end diff --git a/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb index 14e6da8293f..98234c169aa 100644 --- a/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb @@ -28,9 +28,9 @@ sign_in_before_2fa(user) stub_analytics - expect(controller).to receive(:handle_valid_verification_for_authentication_context). - with(auth_method: TwoFactorAuthenticatable::AuthMethod::BACKUP_CODE). - and_call_original + expect(controller).to receive(:handle_valid_verification_for_authentication_context) + .with(auth_method: TwoFactorAuthenticatable::AuthMethod::BACKUP_CODE) + .and_call_original post :create, params: payload @@ -165,8 +165,8 @@ stub_analytics - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) post :create, params: payload diff --git a/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb index 9fabd936c50..63a9104ab9e 100644 --- a/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb @@ -143,8 +143,8 @@ confirmation_for_add_phone: false, context: 'authentication', multi_factor_auth_method: 'sms', - multi_factor_auth_method_created_at: user.default_phone_configuration.created_at. - strftime('%s%L'), + multi_factor_auth_method_created_at: user.default_phone_configuration.created_at + .strftime('%s%L'), new_device: true, phone_configuration_id: user.default_phone_configuration.id, area_code: parsed_phone.area_code, @@ -214,8 +214,8 @@ stub_analytics - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::MfaLimitAccountLockedEvent.new(user: controller.current_user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::MfaLimitAccountLockedEvent.new(user: controller.current_user)) post :create, params: { code: '12345', otp_delivery_preference: 'sms' } @@ -226,8 +226,8 @@ confirmation_for_add_phone: false, context: 'authentication', multi_factor_auth_method: 'sms', - multi_factor_auth_method_created_at: user.default_phone_configuration.created_at. - strftime('%s%L'), + multi_factor_auth_method_created_at: user.default_phone_configuration.created_at + .strftime('%s%L'), new_device: true, phone_configuration_id: user.default_phone_configuration.id, area_code: parsed_phone.area_code, @@ -270,9 +270,9 @@ it 'tracks the valid authentication event' do stub_analytics - expect(controller).to receive(:handle_valid_verification_for_authentication_context). - with(auth_method: TwoFactorAuthenticatable::AuthMethod::SMS). - and_call_original + expect(controller).to receive(:handle_valid_verification_for_authentication_context) + .with(auth_method: TwoFactorAuthenticatable::AuthMethod::SMS) + .and_call_original freeze_time do post :create, params: { @@ -297,8 +297,8 @@ confirmation_for_add_phone: false, context: 'authentication', multi_factor_auth_method: 'sms', - multi_factor_auth_method_created_at: user.default_phone_configuration.created_at. - strftime('%s%L'), + multi_factor_auth_method_created_at: user.default_phone_configuration.created_at + .strftime('%s%L'), new_device: true, phone_configuration_id: user.default_phone_configuration.id, area_code: parsed_phone.area_code, @@ -345,8 +345,8 @@ confirmation_for_add_phone: false, context: 'reauthentication', multi_factor_auth_method: 'sms', - multi_factor_auth_method_created_at: user.default_phone_configuration.created_at. - strftime('%s%L'), + multi_factor_auth_method_created_at: user.default_phone_configuration.created_at + .strftime('%s%L'), new_device: true, phone_configuration_id: user.default_phone_configuration.id, area_code: parsed_phone.area_code, @@ -498,9 +498,9 @@ @mailer = instance_double(ActionMailer::MessageDelivery, deliver_now_or_later: true) controller.current_user.email_addresses.each do |email_address| - allow(UserMailer).to receive(:phone_added). - with(controller.current_user, email_address, disavowal_token: instance_of(String)). - and_return(@mailer) + allow(UserMailer).to receive(:phone_added) + .with(controller.current_user, email_address, disavowal_token: instance_of(String)) + .and_return(@mailer) end @previous_phone = MfaContext.new(controller.current_user).phone_configurations.first&.phone end @@ -513,8 +513,8 @@ phone_configuration = MfaContext.new(subject.current_user).phone_configurations.last phone_id = phone_configuration.id parsed_phone = Phonelib.parse(phone_configuration.phone) - phone_configuration_created_at = controller.current_user. - default_phone_configuration.created_at + phone_configuration_created_at = controller.current_user + .default_phone_configuration.created_at controller.user_session[:phone_id] = phone_id @@ -602,8 +602,8 @@ context: 'confirmation', multi_factor_auth_method: 'sms', phone_configuration_id: controller.current_user.default_phone_configuration.id, - multi_factor_auth_method_created_at: controller.current_user. - default_phone_configuration.created_at.strftime('%s%L'), + multi_factor_auth_method_created_at: controller.current_user + .default_phone_configuration.created_at.strftime('%s%L'), area_code: parsed_phone.area_code, country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), @@ -644,8 +644,8 @@ context: 'confirmation', multi_factor_auth_method: 'sms', phone_configuration_id: controller.current_user.default_phone_configuration.id, - multi_factor_auth_method_created_at: controller.current_user. - default_phone_configuration.created_at.strftime('%s%L'), + multi_factor_auth_method_created_at: controller.current_user + .default_phone_configuration.created_at.strftime('%s%L'), area_code: parsed_phone.area_code, country_code: parsed_phone.country, phone_fingerprint: Pii::Fingerprinter.fingerprint(parsed_phone.e164), @@ -718,13 +718,13 @@ controller.user_session[:phone_recaptcha_assessment_id] = assessment_id - expect(RecaptchaAnnotator).to receive(:annotate). - with(**recaptcha_annotation). - and_return(recaptcha_annotation) + expect(RecaptchaAnnotator).to receive(:annotate) + .with(**recaptcha_annotation) + .and_return(recaptcha_annotation) - expect { response }. - to change { controller.user_session[:phone_recaptcha_assessment_id] }. - from(assessment_id).to(nil) + expect { response } + .to change { controller.user_session[:phone_recaptcha_assessment_id] } + .from(assessment_id).to(nil) expect(@analytics).to have_logged_event( 'Multi-Factor Authentication: Added phone', diff --git a/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb index 09af3ac9392..0683b23159e 100644 --- a/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb @@ -47,14 +47,14 @@ let(:payload) { { personal_key_form: personal_key } } it 'tracks the valid authentication event' do personal_key - multi_factor_auth_method_created_at = user.reload. - encrypted_recovery_code_digest_generated_at.strftime('%s%L') + multi_factor_auth_method_created_at = user.reload + .encrypted_recovery_code_digest_generated_at.strftime('%s%L') sign_in_before_2fa(user) stub_analytics - expect(controller).to receive(:handle_valid_verification_for_authentication_context). - with(auth_method: TwoFactorAuthenticatable::AuthMethod::PERSONAL_KEY). - and_call_original + expect(controller).to receive(:handle_valid_verification_for_authentication_context) + .with(auth_method: TwoFactorAuthenticatable::AuthMethod::PERSONAL_KEY) + .and_call_original freeze_time do post :create, params: payload @@ -92,8 +92,8 @@ before do personal_key sign_in_before_2fa(user) - allow(FeatureManagement). - to receive(:enable_additional_mfa_redirect_for_personal_key_mfa?).and_return(true) + allow(FeatureManagement) + .to receive(:enable_additional_mfa_redirect_for_personal_key_mfa?).and_return(true) end it 'should redirect to mfa selection page' do post :create, params: payload @@ -105,8 +105,8 @@ before do personal_key sign_in_before_2fa(user) - allow(FeatureManagement). - to receive(:enable_additional_mfa_redirect_for_personal_key_mfa?).and_return(false) + allow(FeatureManagement) + .to receive(:enable_additional_mfa_redirect_for_personal_key_mfa?).and_return(false) end it 'should redirect to account page' do post :create, params: payload @@ -201,12 +201,12 @@ user.second_factor_attempts_count = IdentityConfig.store.login_otp_confirmation_max_attempts - 1 user.save - personal_key_generated_at = controller.current_user. - encrypted_recovery_code_digest_generated_at + personal_key_generated_at = controller.current_user + .encrypted_recovery_code_digest_generated_at stub_analytics - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) post :create, params: payload diff --git a/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb index 70dab21a99a..07523165631 100644 --- a/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb @@ -112,9 +112,9 @@ stub_analytics cfg = controller.current_user.piv_cac_configurations.first - expect(controller).to receive(:handle_valid_verification_for_authentication_context). - with(auth_method: TwoFactorAuthenticatable::AuthMethod::PIV_CAC). - and_call_original + expect(controller).to receive(:handle_valid_verification_for_authentication_context) + .with(auth_method: TwoFactorAuthenticatable::AuthMethod::PIV_CAC) + .and_call_original get :show, params: { token: 'good-token' } @@ -260,8 +260,8 @@ stub_analytics - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) get :show, params: { token: 'bad-token' } diff --git a/spec/controllers/two_factor_authentication/sms_opt_in_controller_spec.rb b/spec/controllers/two_factor_authentication/sms_opt_in_controller_spec.rb index 3f95b22769b..92858dade4e 100644 --- a/spec/controllers/two_factor_authentication/sms_opt_in_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/sms_opt_in_controller_spec.rb @@ -14,8 +14,8 @@ before do stub_sign_in_before_2fa(user) stub_analytics - allow(controller).to receive(:decorated_sp_session). - and_return(instance_double('NullServiceProviderSession', sp_name: sp_name)) + allow(controller).to receive(:decorated_sp_session) + .and_return(instance_double('NullServiceProviderSession', sp_name: sp_name)) end it 'tracks a visit event' do @@ -55,8 +55,8 @@ it 'assigns an in-memory phone configuration' do expect { action }.to_not change { user.reload.phone_configurations.count } - expect(PhoneFormatter.format(assigns[:phone_configuration].phone)). - to eq(PhoneFormatter.format(phone)) + expect(PhoneFormatter.format(assigns[:phone_configuration].phone)) + .to eq(PhoneFormatter.format(phone)) end end diff --git a/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb index 56884e53e67..989a185b01e 100644 --- a/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb @@ -44,9 +44,9 @@ it 'tracks the valid authentication event' do cfg = controller.current_user.auth_app_configurations.first - expect(controller).to receive(:handle_valid_verification_for_authentication_context). - with(auth_method: TwoFactorAuthenticatable::AuthMethod::TOTP). - and_call_original + expect(controller).to receive(:handle_valid_verification_for_authentication_context) + .with(auth_method: TwoFactorAuthenticatable::AuthMethod::TOTP) + .and_call_original post :create, params: { code: generate_totp_code(@secret) } @@ -166,8 +166,8 @@ @secret = user.generate_totp_secret Db::AuthAppConfiguration.create(user, @secret, nil, 'foo') - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::MfaLimitAccountLockedEvent.new(user: subject.current_user)) post :create, params: { code: '12345' } @@ -215,13 +215,13 @@ describe 'when user submits an invalid form' do it 'fails with empty code' do - expect { post :create, params: { code: '' } }. - to raise_error(ActionController::ParameterMissing) + expect { post :create, params: { code: '' } } + .to raise_error(ActionController::ParameterMissing) end it 'fails with no code parameter' do - expect { post :create, params: { fake_code: 'abc123' } }. - to raise_error(ActionController::ParameterMissing) + expect { post :create, params: { fake_code: 'abc123' } } + .to raise_error(ActionController::ParameterMissing) end end diff --git a/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb index 6503d7a66e8..b31701e10a9 100644 --- a/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb +++ b/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb @@ -133,9 +133,9 @@ end it 'tracks a valid submission' do - expect(controller).to receive(:handle_valid_verification_for_authentication_context). - with(auth_method: TwoFactorAuthenticatable::AuthMethod::WEBAUTHN). - and_call_original + expect(controller).to receive(:handle_valid_verification_for_authentication_context) + .with(auth_method: TwoFactorAuthenticatable::AuthMethod::WEBAUTHN) + .and_call_original freeze_time do patch :confirm, params: params @@ -216,8 +216,8 @@ success: true, enabled_mfa_methods_count: 1, webauthn_configuration_id: webauthn_configuration.id, - multi_factor_auth_method_created_at: webauthn_configuration.created_at. - strftime('%s%L'), + multi_factor_auth_method_created_at: webauthn_configuration.created_at + .strftime('%s%L'), new_device: true, attempts: 1, ) diff --git a/spec/controllers/users/backup_code_setup_controller_spec.rb b/spec/controllers/users/backup_code_setup_controller_spec.rb index e5c8f26596d..71b7286c975 100644 --- a/spec/controllers/users/backup_code_setup_controller_spec.rb +++ b/spec/controllers/users/backup_code_setup_controller_spec.rb @@ -29,8 +29,8 @@ allow(controller).to receive(:in_multi_mfa_selection_flow?).and_return(true) Funnel::Registration::AddMfa.call(user.id, 'phone', @analytics, threatmetrix_attrs) - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) response diff --git a/spec/controllers/users/edit_phone_controller_spec.rb b/spec/controllers/users/edit_phone_controller_spec.rb index b2e6695c91e..9b7c77b0a1e 100644 --- a/spec/controllers/users/edit_phone_controller_spec.rb +++ b/spec/controllers/users/edit_phone_controller_spec.rb @@ -63,8 +63,8 @@ stub_sign_in(user.reload) stub_analytics - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) delete :destroy, params: { id: phone_configuration.id } expect(@analytics).to have_logged_event( diff --git a/spec/controllers/users/email_confirmations_controller_spec.rb b/spec/controllers/users/email_confirmations_controller_spec.rb index 826b9374f01..96a5e0d4711 100644 --- a/spec/controllers/users/email_confirmations_controller_spec.rb +++ b/spec/controllers/users/email_confirmations_controller_spec.rb @@ -9,14 +9,14 @@ user = create(:user) new_email = Faker::Internet.email - expect(PushNotification::HttpPush).to receive(:deliver).once. - with(PushNotification::EmailChangedEvent.new( + expect(PushNotification::HttpPush).to receive(:deliver).once + .with(PushNotification::EmailChangedEvent.new( user: user, email: new_email, )).ordered - expect(PushNotification::HttpPush).to receive(:deliver).once. - with(PushNotification::RecoveryInformationChangedEvent.new( + expect(PushNotification::HttpPush).to receive(:deliver).once + .with(PushNotification::RecoveryInformationChangedEvent.new( user: user, )).ordered @@ -37,8 +37,8 @@ context 'when select email feature is disabled' do before do - allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled) + .and_return(false) end it 'should render proper flash member' do flash_message = t('devise.confirmations.confirmed') diff --git a/spec/controllers/users/email_language_controller_spec.rb b/spec/controllers/users/email_language_controller_spec.rb index 358b0f720c7..2ca91d1f109 100644 --- a/spec/controllers/users/email_language_controller_spec.rb +++ b/spec/controllers/users/email_language_controller_spec.rb @@ -43,8 +43,10 @@ let(:email_language) { 'es' } it 'updates the user email_language' do - expect { action }. - to(change { user.reload.email_language }.from(original_email_language).to(email_language)) + expect { action } + .to(change do + user.reload.email_language + end.from(original_email_language).to(email_language)) end it 'redirects to the account page with a success flash' do diff --git a/spec/controllers/users/emails_controller_spec.rb b/spec/controllers/users/emails_controller_spec.rb index ae29f8e71ea..3fc9869c113 100644 --- a/spec/controllers/users/emails_controller_spec.rb +++ b/spec/controllers/users/emails_controller_spec.rb @@ -28,8 +28,8 @@ let(:params) { { in_select_email_flow: true } } it 'assigns session value for email selection flow' do - expect { response }.to change { controller.session[:in_select_email_flow] }. - from(nil).to(true) + expect { response }.to change { controller.session[:in_select_email_flow] } + .from(nil).to(true) end it 'logs visit with selected email value' do @@ -92,8 +92,8 @@ describe '#verify' do context 'with malformed payload' do it 'does not blow up' do - expect { get :verify, params: { request_id: { foo: 'bar' } } }. - to_not raise_error + expect { get :verify, params: { request_id: { foo: 'bar' } } } + .to_not raise_error end end end diff --git a/spec/controllers/users/forget_all_browsers_controller_spec.rb b/spec/controllers/users/forget_all_browsers_controller_spec.rb index abb7a08fdfa..1248f920922 100644 --- a/spec/controllers/users/forget_all_browsers_controller_spec.rb +++ b/spec/controllers/users/forget_all_browsers_controller_spec.rb @@ -52,9 +52,9 @@ travel_to(now) subject end - end.to change { user.remember_device_revoked_at.to_i }. - from(original_device_revoked_at.to_i). - to(now.to_i) + end.to change { user.remember_device_revoked_at.to_i } + .from(original_device_revoked_at.to_i) + .to(now.to_i) end it 'logs an analytics event for forgetting' do diff --git a/spec/controllers/users/personal_keys_controller_spec.rb b/spec/controllers/users/personal_keys_controller_spec.rb index 3e6b0654008..afea7b1260e 100644 --- a/spec/controllers/users/personal_keys_controller_spec.rb +++ b/spec/controllers/users/personal_keys_controller_spec.rb @@ -45,8 +45,8 @@ stub_sign_in generator = instance_double(PersonalKeyGenerator) - allow(PersonalKeyGenerator).to receive(:new). - with(subject.current_user).and_return(generator) + allow(PersonalKeyGenerator).to receive(:new) + .with(subject.current_user).and_return(generator) expect(generator).to_not receive(:generate!) diff --git a/spec/controllers/users/phone_setup_controller_spec.rb b/spec/controllers/users/phone_setup_controller_spec.rb index a60983492ca..ef05e05f71d 100644 --- a/spec/controllers/users/phone_setup_controller_spec.rb +++ b/spec/controllers/users/phone_setup_controller_spec.rb @@ -95,8 +95,8 @@ context 'with recaptcha enabled' do before do allow(FeatureManagement).to receive(:phone_recaptcha_enabled?).and_return(true) - allow(IdentityConfig.store).to receive(:phone_recaptcha_country_score_overrides). - and_return({}) + allow(IdentityConfig.store).to receive(:phone_recaptcha_country_score_overrides) + .and_return({}) allow(IdentityConfig.store).to receive(:phone_recaptcha_score_threshold).and_return(0.6) end diff --git a/spec/controllers/users/piv_cac_login_controller_spec.rb b/spec/controllers/users/piv_cac_login_controller_spec.rb index cbb044ee6df..019effa587c 100644 --- a/spec/controllers/users/piv_cac_login_controller_spec.rb +++ b/spec/controllers/users/piv_cac_login_controller_spec.rb @@ -129,8 +129,8 @@ it 'sets the session correctly' do response - expect(controller.user_session[TwoFactorAuthenticatable::NEED_AUTHENTICATION]). - to eq false + expect(controller.user_session[TwoFactorAuthenticatable::NEED_AUTHENTICATION]) + .to eq false expect(controller.auth_methods_session.auth_events).to match( [ { diff --git a/spec/controllers/users/reset_passwords_controller_spec.rb b/spec/controllers/users/reset_passwords_controller_spec.rb index 9f08e5edf0b..ceca9e9deee 100644 --- a/spec/controllers/users/reset_passwords_controller_spec.rb +++ b/spec/controllers/users/reset_passwords_controller_spec.rb @@ -133,8 +133,8 @@ expect(email_address).to receive(:email).twice forbidden = instance_double(ForbiddenPasswords) - allow(ForbiddenPasswords).to receive(:new). - with(email_address.email).and_return(forbidden) + allow(ForbiddenPasswords).to receive(:new) + .with(email_address.email).and_return(forbidden) expect(forbidden).to receive(:call) get :edit @@ -463,8 +463,8 @@ } end.to(change { ActionMailer::Base.deliveries.count }.by(1)) - expect(ActionMailer::Base.deliveries.last.subject). - to eq t('anonymous_mailer.password_reset_missing_user.subject') + expect(ActionMailer::Base.deliveries.last.subject) + .to eq t('anonymous_mailer.password_reset_missing_user.subject') expect(@analytics).to have_logged_event( 'Password Reset: Email Submitted', success: true, @@ -520,8 +520,8 @@ end it 'sends missing user email and tracks event' do - expect { put :create, params: params }. - to change { ActionMailer::Base.deliveries.count }.by(1) + expect { put :create, params: params } + .to change { ActionMailer::Base.deliveries.count }.by(1) expect(@analytics).to have_logged_event( 'Password Reset: Email Submitted', @@ -533,8 +533,8 @@ active_profile: false, ) - expect(ActionMailer::Base.deliveries.last.subject). - to eq t('anonymous_mailer.password_reset_missing_user.subject') + expect(ActionMailer::Base.deliveries.last.subject) + .to eq t('anonymous_mailer.password_reset_missing_user.subject') expect(response).to redirect_to forgot_password_path end end @@ -565,8 +565,8 @@ stub_analytics params = { password_reset_email_form: { email: 'foo' } } - expect { put :create, params: params }. - to change { ActionMailer::Base.deliveries.count }.by(0) + expect { put :create, params: params } + .to change { ActionMailer::Base.deliveries.count }.by(0) expect(@analytics).to have_logged_event( 'Password Reset: Email Submitted', @@ -609,9 +609,9 @@ def stub_user_mailer(user) mailer = instance_double(ActionMailer::MessageDelivery, deliver_now_or_later: true) user.email_addresses.each do |email_address| - allow(UserMailer).to receive(:password_changed). - with(user, email_address, disavowal_token: instance_of(String)). - and_return(mailer) + allow(UserMailer).to receive(:password_changed) + .with(user, email_address, disavowal_token: instance_of(String)) + .and_return(mailer) end end end diff --git a/spec/controllers/users/rules_of_use_controller_spec.rb b/spec/controllers/users/rules_of_use_controller_spec.rb index d9224127316..7dc096083b3 100644 --- a/spec/controllers/users/rules_of_use_controller_spec.rb +++ b/spec/controllers/users/rules_of_use_controller_spec.rb @@ -5,8 +5,8 @@ let(:accepted_terms_at) { nil } let(:user) { create(:user, :fully_registered, accepted_terms_at: accepted_terms_at) } before do - allow(IdentityConfig.store).to receive(:rules_of_use_updated_at). - and_return(rules_of_use_updated_at) + allow(IdentityConfig.store).to receive(:rules_of_use_updated_at) + .and_return(rules_of_use_updated_at) end describe 'before_actions' do it 'includes appropriate before_actions' do @@ -146,8 +146,8 @@ request_url: "http://test.com?#{URI.encode_www_form(params)}", } action - expect(response.request.content_security_policy.form_action). - to match_array(["'self'", 'https://example.com']) + expect(response.request.content_security_policy.form_action) + .to match_array(["'self'", 'https://example.com']) end it 'does not include service provider URIs in form-action CSP header when disabled' do @@ -169,8 +169,8 @@ request_url: "http://test.com?#{URI.encode_www_form(params)}", } action - expect(response.request.content_security_policy.form_action). - to match_array(["'self'"]) + expect(response.request.content_security_policy.form_action) + .to match_array(["'self'"]) end end diff --git a/spec/controllers/users/second_mfa_reminder_controller_spec.rb b/spec/controllers/users/second_mfa_reminder_controller_spec.rb index 6d5ed096253..c6da34e9154 100644 --- a/spec/controllers/users/second_mfa_reminder_controller_spec.rb +++ b/spec/controllers/users/second_mfa_reminder_controller_spec.rb @@ -53,8 +53,8 @@ it 'updates user to acknowledge dismissal of prompt' do freeze_time do - expect { response }.to change { user.reload.second_mfa_reminder_dismissed_at }. - from(nil).to(Time.zone.now) + expect { response }.to change { user.reload.second_mfa_reminder_dismissed_at } + .from(nil).to(Time.zone.now) end end @@ -83,8 +83,8 @@ it 'updates user to acknowledge dismissal of prompt' do freeze_time do - expect { response }.to change { user.reload.second_mfa_reminder_dismissed_at }. - from(nil).to(Time.zone.now) + expect { response }.to change { user.reload.second_mfa_reminder_dismissed_at } + .from(nil).to(Time.zone.now) end end diff --git a/spec/controllers/users/service_provider_revoke_controller_spec.rb b/spec/controllers/users/service_provider_revoke_controller_spec.rb index 393a0e0bd1a..df726759371 100644 --- a/spec/controllers/users/service_provider_revoke_controller_spec.rb +++ b/spec/controllers/users/service_provider_revoke_controller_spec.rb @@ -69,8 +69,8 @@ travel_to(now) subject end - end.to change { @identity.reload.deleted_at&.to_i }. - from(nil).to(now.to_i) + end.to change { @identity.reload.deleted_at&.to_i } + .from(nil).to(now.to_i) expect(response).to redirect_to(account_connected_accounts_path) end diff --git a/spec/controllers/users/sessions_controller_spec.rb b/spec/controllers/users/sessions_controller_spec.rb index 9c614032c48..a033b885eef 100644 --- a/spec/controllers/users/sessions_controller_spec.rb +++ b/spec/controllers/users/sessions_controller_spec.rb @@ -331,14 +331,14 @@ allow(FeatureManagement).to receive(:sign_in_recaptcha_enabled?).and_return(true) allow(IdentityConfig.store).to receive(:recaptcha_mock_validator).and_return(true) allow(IdentityConfig.store).to receive(:sign_in_recaptcha_score_threshold).and_return(0.2) - allow(controller).to receive(:ab_test_bucket).with(:RECAPTCHA_SIGN_IN, kind_of(Hash)). - and_return(:sign_in_recaptcha) + allow(controller).to receive(:ab_test_bucket).with(:RECAPTCHA_SIGN_IN, kind_of(Hash)) + .and_return(:sign_in_recaptcha) end context 'when configured to log failures only' do before do - allow(IdentityConfig.store).to receive(:sign_in_recaptcha_log_failures_only). - and_return(true) + allow(IdentityConfig.store).to receive(:sign_in_recaptcha_log_failures_only) + .and_return(true) end it 'redirects unsuccessful authentication for failed reCAPTCHA to failed page' do @@ -352,8 +352,8 @@ context 'when not configured to log failures only' do before do - allow(IdentityConfig.store).to receive(:sign_in_recaptcha_log_failures_only). - and_return(false) + allow(IdentityConfig.store).to receive(:sign_in_recaptcha_log_failures_only) + .and_return(false) end it 'tracks unsuccessful authentication for failed reCAPTCHA' do @@ -453,8 +453,8 @@ context 'user randomly chosen to be tested' do before do allow(SecureRandom).to receive(:random_number).and_return(5) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(2) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(2) end it 'updates user attribute password_compromised_checked_at' do @@ -473,8 +473,8 @@ context 'user not chosen to be tested' do before do allow(SecureRandom).to receive(:random_number).and_return(1) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(5) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(5) end it 'does not store anything in user_session' do @@ -498,8 +498,8 @@ context 'user randomly chosen to be tested' do before do allow(SecureRandom).to receive(:random_number).and_return(5) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(2) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(2) end it 'updates user attribute password_compromised_checked_at' do @@ -518,8 +518,8 @@ context 'user not chosen to be tested' do before do allow(SecureRandom).to receive(:random_number).and_return(1) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(5) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(5) end it 'does not store anything in user_session' do @@ -648,8 +648,8 @@ it 'does not allow signing in with empty email' do post :create, params: { user: { email: '', password: 'foo' } } - expect(flash[:alert]). - to eq t( + expect(flash[:alert]) + .to eq t( 'devise.failure.not_found_in_database_html', link_html: link_to( t('devise.failure.not_found_in_database_link_text'), @@ -662,8 +662,8 @@ user = create(:user) post :create, params: { user: { email: 'invalid@example.com', password: user.password } } - expect(flash[:alert]). - to eq t( + expect(flash[:alert]) + .to eq t( 'devise.failure.invalid_html', link_html: link_to( t('devise.failure.invalid_link_text'), @@ -675,8 +675,8 @@ it 'does not allow signing in with empty password' do post :create, params: { user: { email: 'test@example.com', password: '' } } - expect(flash[:alert]). - to eq t( + expect(flash[:alert]) + .to eq t( 'devise.failure.not_found_in_database_html', link_html: link_to( t('devise.failure.not_found_in_database_link_text'), @@ -689,8 +689,8 @@ user = create(:user) post :create, params: { user: { email: user.email, password: 'invalidpass' } } - expect(flash[:alert]). - to eq t( + expect(flash[:alert]) + .to eq t( 'devise.failure.invalid_html', link_html: link_to( t('devise.failure.invalid_link_text'), @@ -760,8 +760,8 @@ let(:user) { create(:user, :fully_registered, accepted_terms_at: accepted_terms_at) } before do - allow(IdentityConfig.store).to receive(:rules_of_use_updated_at). - and_return(rules_of_use_updated_at) + allow(IdentityConfig.store).to receive(:rules_of_use_updated_at) + .and_return(rules_of_use_updated_at) end it 'redirects to 2fa since there is no pending account reset rewquests' do @@ -776,8 +776,8 @@ let(:user) { create(:user, :fully_registered, accepted_terms_at: accepted_terms_at) } before do - allow(IdentityConfig.store).to receive(:rules_of_use_updated_at). - and_return(rules_of_use_updated_at) + allow(IdentityConfig.store).to receive(:rules_of_use_updated_at) + .and_return(rules_of_use_updated_at) end it 'redirects to rules of use url' do @@ -793,10 +793,10 @@ let(:user) { create(:user, :fully_registered, accepted_terms_at: accepted_terms_at) } before do - allow(IdentityConfig.store).to receive(:rules_of_use_horizon_years). - and_return(rules_of_use_horizon_years) - allow(IdentityConfig.store).to receive(:rules_of_use_updated_at). - and_return(rules_of_use_updated_at) + allow(IdentityConfig.store).to receive(:rules_of_use_horizon_years) + .and_return(rules_of_use_horizon_years) + allow(IdentityConfig.store).to receive(:rules_of_use_updated_at) + .and_return(rules_of_use_updated_at) end it 'redirects to the rules of user url' do diff --git a/spec/controllers/users/two_factor_authentication_controller_spec.rb b/spec/controllers/users/two_factor_authentication_controller_spec.rb index 2b4eeb055ce..2af71ae525d 100644 --- a/spec/controllers/users/two_factor_authentication_controller_spec.rb +++ b/spec/controllers/users/two_factor_authentication_controller_spec.rb @@ -230,8 +230,8 @@ def index expect(Telephony::Test::Message.messages.length).to eq(1) expect(Telephony::Test::Call.calls.length).to eq(0) - expect(response). - to redirect_to login_two_factor_path(**otp_preference_sms) + expect(response) + .to redirect_to login_two_factor_path(**otp_preference_sms) end context 'when no options are enabled and available for use' do @@ -362,10 +362,10 @@ def index it 'calls OtpRateLimiter#exceeded_otp_send_limit? and #increment' do otp_rate_limiter = instance_double(OtpRateLimiter) - allow(OtpRateLimiter).to receive(:new). - with(phone: MfaContext.new(@user).phone_configurations.first.phone, - user: @user, phone_confirmed: true). - and_return(otp_rate_limiter) + allow(OtpRateLimiter).to receive(:new) + .with(phone: MfaContext.new(@user).phone_configurations.first.phone, + user: @user, phone_confirmed: true) + .and_return(otp_rate_limiter) expect(otp_rate_limiter).to receive(:exceeded_otp_send_limit?).twice expect(otp_rate_limiter).to receive(:increment) @@ -376,8 +376,8 @@ def index it 'marks the user as locked out after too many attempts' do expect(@user.second_factor_locked_at).to be_nil - allow(OtpRateLimiter).to receive(:exceeded_otp_send_limit?). - and_return(true) + allow(OtpRateLimiter).to receive(:exceeded_otp_send_limit?) + .and_return(true) freeze_time do (IdentityConfig.store.otp_delivery_blocklist_maxretry + 1).times do @@ -415,9 +415,9 @@ def index assessment_id:, reason: RecaptchaAnnotator::AnnotationReasons::INITIATED_TWO_FACTOR, } - expect(RecaptchaAnnotator).to receive(:annotate).once. - with(**recaptcha_annotation). - and_return(recaptcha_annotation) + expect(RecaptchaAnnotator).to receive(:annotate).once + .with(**recaptcha_annotation) + .and_return(recaptcha_annotation) response @@ -621,8 +621,8 @@ def index sign_in_before_2fa(@user) subject.user_session[:context] = 'confirmation' allow(IdentityConfig.store).to receive(:short_term_phone_otp_max_attempts).and_return(2) - allow(IdentityConfig.store).to receive(:short_term_phone_otp_max_attempt_window_in_seconds). - and_return(5) + allow(IdentityConfig.store).to receive(:short_term_phone_otp_max_attempt_window_in_seconds) + .and_return(5) freeze_time do IdentityConfig.store.short_term_phone_otp_max_attempts.times do @@ -660,8 +660,8 @@ def index expect(@user.second_factor_locked_at).to be_nil - allow(OtpRateLimiter).to receive(:exceeded_otp_send_limit?). - and_return(true) + allow(OtpRateLimiter).to receive(:exceeded_otp_send_limit?) + .and_return(true) freeze_time do (IdentityConfig.store.otp_delivery_blocklist_maxretry + 1).times do diff --git a/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb b/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb index 574627a8860..0c9c90e3eee 100644 --- a/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb +++ b/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb @@ -150,9 +150,9 @@ end it 'assigns platform_authenticator_available session value' do - expect { response }.to change { controller.user_session[:platform_authenticator_available] }. - from(nil). - to(false) + expect { response }.to change { controller.user_session[:platform_authenticator_available] } + .from(nil) + .to(false) end context 'when multi selection with phone first' do @@ -206,9 +206,9 @@ it 'assigns platform_authenticator_available session value' do expect do response - end.to change { controller.user_session[:platform_authenticator_available] }. - from(nil). - to(true) + end.to change { controller.user_session[:platform_authenticator_available] } + .from(nil) + .to(true) end end end diff --git a/spec/controllers/users/verify_password_controller_spec.rb b/spec/controllers/users/verify_password_controller_spec.rb index c03e1bee6d0..4453f125749 100644 --- a/spec/controllers/users/verify_password_controller_spec.rb +++ b/spec/controllers/users/verify_password_controller_spec.rb @@ -42,8 +42,8 @@ context 'with personal key flag set' do before do - allow(subject.reactivate_account_session).to receive(:validated_personal_key?). - and_return(key) + allow(subject.reactivate_account_session).to receive(:validated_personal_key?) + .and_return(key) end describe '#new' do diff --git a/spec/controllers/users/webauthn_controller_spec.rb b/spec/controllers/users/webauthn_controller_spec.rb index 642f4728f23..1fba45e8565 100644 --- a/spec/controllers/users/webauthn_controller_spec.rb +++ b/spec/controllers/users/webauthn_controller_spec.rb @@ -178,8 +178,8 @@ end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) response end diff --git a/spec/controllers/users/webauthn_platform_recommended_controller_spec.rb b/spec/controllers/users/webauthn_platform_recommended_controller_spec.rb index 13d2c027caf..34937d03ba1 100644 --- a/spec/controllers/users/webauthn_platform_recommended_controller_spec.rb +++ b/spec/controllers/users/webauthn_platform_recommended_controller_spec.rb @@ -58,15 +58,15 @@ it 'updates user record to mark as having dismissed recommendation' do freeze_time do - expect { response }.to change { user.webauthn_platform_recommended_dismissed_at }. - from(nil). - to(Time.zone.now) + expect { response }.to change { user.webauthn_platform_recommended_dismissed_at } + .from(nil) + .to(Time.zone.now) end end it 'does not assign recommended session value' do - expect { response }.not_to change { controller.user_session[:webauthn_platform_recommended] }. - from(nil) + expect { response }.not_to change { controller.user_session[:webauthn_platform_recommended] } + .from(nil) end it 'redirects user to after sign in path' do @@ -118,8 +118,8 @@ end it 'assigns recommended session value to recommendation flow' do - expect { response }.to change { controller.user_session[:webauthn_platform_recommended] }. - from(nil).to(:authentication) + expect { response }.to change { controller.user_session[:webauthn_platform_recommended] } + .from(nil).to(:authentication) end context 'user is creating account' do @@ -128,8 +128,8 @@ end it 'assigns recommended session value to recommendation flow' do - expect { response }.to change { controller.user_session[:webauthn_platform_recommended] }. - from(nil).to(:account_creation) + expect { response }.to change { controller.user_session[:webauthn_platform_recommended] } + .from(nil).to(:account_creation) end end end diff --git a/spec/controllers/vendor_outage_controller_spec.rb b/spec/controllers/vendor_outage_controller_spec.rb index 3ceb6600733..90ae84eefdf 100644 --- a/spec/controllers/vendor_outage_controller_spec.rb +++ b/spec/controllers/vendor_outage_controller_spec.rb @@ -23,8 +23,8 @@ context 'gpo letter available' do before do stub_sign_in - allow(controller.gpo_verify_by_mail_policy).to receive(:send_letter_available?). - and_return(true) + allow(controller.gpo_verify_by_mail_policy).to receive(:send_letter_available?) + .and_return(true) end it 'sets show_gpo_option as true' do diff --git a/spec/decorators/event_decorator_spec.rb b/spec/decorators/event_decorator_spec.rb index f3816c1ae62..a4e82f52107 100644 --- a/spec/decorators/event_decorator_spec.rb +++ b/spec/decorators/event_decorator_spec.rb @@ -26,8 +26,8 @@ let(:ip_address) { '0.0.0.0' } it 'is an approximate location' do - expect(decorator.last_sign_in_location_and_ip). - to eq('From 0.0.0.0 (IP address potentially located in United States)') + expect(decorator.last_sign_in_location_and_ip) + .to eq('From 0.0.0.0 (IP address potentially located in United States)') end end diff --git a/spec/decorators/service_provider_session_spec.rb b/spec/decorators/service_provider_session_spec.rb index ff48afdc6b7..11f20fef845 100644 --- a/spec/decorators/service_provider_session_spec.rb +++ b/spec/decorators/service_provider_session_spec.rb @@ -17,8 +17,8 @@ let(:sp_create_link) { '/sign_up/enter_email' } before do - allow(view_context).to receive(:sign_up_email_path). - and_return('/sign_up/enter_email') + allow(view_context).to receive(:sign_up_email_path) + .and_return('/sign_up/enter_email') end it 'has the same public API as NullServiceProviderSession' do @@ -38,8 +38,8 @@ describe '#sp_alert' do context 'sp has custom alert' do it 'uses the custom template' do - expect(subject.sp_alert('sign_in')). - to eq "custom sign in help text for #{sp.friendly_name}" + expect(subject.sp_alert('sign_in')) + .to eq "custom sign in help text for #{sp.friendly_name}" end end @@ -47,8 +47,8 @@ let(:sp) { build_stubbed(:service_provider_without_help_text) } it 'returns nil' do - expect(subject.sp_alert('sign_in')). - to be_nil + expect(subject.sp_alert('sign_in')) + .to be_nil end end @@ -56,8 +56,8 @@ let(:sp) { build(:service_provider, help_text: nil) } it 'returns nil' do - expect(subject.sp_alert('sign_in')). - to be_nil + expect(subject.sp_alert('sign_in')) + .to be_nil end end @@ -65,8 +65,8 @@ let(:sp) { build_stubbed(:service_provider, :with_blank_help_text) } it 'returns nil' do - expect(subject.sp_alert('sign_in')). - to be_nil + expect(subject.sp_alert('sign_in')) + .to be_nil end end end @@ -182,13 +182,13 @@ end before do - allow(view_context).to receive(:new_user_session_url). - and_return('https://www.example.com/') + allow(view_context).to receive(:new_user_session_url) + .and_return('https://www.example.com/') end it 'returns view_context.new_user_session_url' do - expect(decorator.cancel_link_url). - to eq 'https://www.example.com/' + expect(decorator.cancel_link_url) + .to eq 'https://www.example.com/' end end @@ -202,8 +202,8 @@ allow(IdentityConfig.store).to receive( :allowed_verified_within_providers, ) { [client_id] } - allow(session_decorator).to receive(:authorize_form). - and_return(OpenidConnectAuthorizeForm.new(verified_within:, client_id:)) + allow(session_decorator).to receive(:authorize_form) + .and_return(OpenidConnectAuthorizeForm.new(verified_within:, client_id:)) end subject(:requested_more_recent_verification?) do diff --git a/spec/factories/agencies.rb b/spec/factories/agencies.rb index 942462de530..aedd9cf2a42 100644 --- a/spec/factories/agencies.rb +++ b/spec/factories/agencies.rb @@ -16,11 +16,11 @@ ) end abbreviation do - name. - split(' '). - map { |w| w[0].upcase }. - select { |c| /\w/.match?(c) }. - join + id.to_s + name + .split(' ') + .map { |w| w[0].upcase } + .select { |c| /\w/.match?(c) } + .join + id.to_s end end end diff --git a/spec/features/account/backup_codes_spec.rb b/spec/features/account/backup_codes_spec.rb index 478645b6c66..4009440f9d2 100644 --- a/spec/features/account/backup_codes_spec.rb +++ b/spec/features/account/backup_codes_spec.rb @@ -68,9 +68,9 @@ expect(page).to have_current_path(backup_code_setup_path) expect(page).to have_content(t('forms.backup_code.title')) - generated_at = user.backup_code_configurations. - order(created_at: :asc).first.created_at. - in_time_zone('UTC') + generated_at = user.backup_code_configurations + .order(created_at: :asc).first.created_at + .in_time_zone('UTC') formatted_generated_at = l(generated_at, format: t('time.formats.event_timestamp')) expected_message = "#{t('account.index.backup_codes_exist')} #{formatted_generated_at}" diff --git a/spec/features/account_creation/threat_metrix_spec.rb b/spec/features/account_creation/threat_metrix_spec.rb index 0a17582b3d1..50a00208e1e 100644 --- a/spec/features/account_creation/threat_metrix_spec.rb +++ b/spec/features/account_creation/threat_metrix_spec.rb @@ -16,8 +16,8 @@ user = confirm_last_user set_password(user) fake_analytics = FakeAnalytics.new - expect_any_instance_of(AccountCreationThreatMetrixJob).to receive(:analytics).with(user). - and_return(fake_analytics) + expect_any_instance_of(AccountCreationThreatMetrixJob).to receive(:analytics).with(user) + .and_return(fake_analytics) select_2fa_option('backup_code') click_continue diff --git a/spec/features/account_reset/cancel_request_spec.rb b/spec/features/account_reset/cancel_request_spec.rb index 06fdcdae6db..7775df40263 100644 --- a/spec/features/account_reset/cancel_request_spec.rb +++ b/spec/features/account_reset/cancel_request_spec.rb @@ -7,13 +7,13 @@ signin(user.email, user.password) click_link t('two_factor_authentication.login_options_link_text') click_link t('two_factor_authentication.account_reset.link') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.recovery_options.try_method_again'), ) click_link t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.request.delete_account'), ) reset_email @@ -32,8 +32,8 @@ signin(user.email, user.password) - expect(page). - to have_current_path( + expect(page) + .to have_current_path( login_two_factor_path(otp_delivery_preference: 'sms'), ) end diff --git a/spec/features/account_reset/delete_account_spec.rb b/spec/features/account_reset/delete_account_spec.rb index 8d426766b23..d421151967f 100644 --- a/spec/features/account_reset/delete_account_spec.rb +++ b/spec/features/account_reset/delete_account_spec.rb @@ -22,26 +22,26 @@ signin(user_email, user.password) click_link t('two_factor_authentication.login_options_link_text') click_link t('two_factor_authentication.account_reset.link') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.recovery_options.try_method_again'), ) click_link t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.request.delete_account'), ) click_button t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.confirm_request.instructions_start'), ) - expect(page). - to have_content user_email - expect(page). - to have_content strip_tags( + expect(page) + .to have_content user_email + expect(page) + .to have_content strip_tags( t('account_reset.confirm_request.instructions_end'), ) expect(page).to have_content t('account_reset.confirm_request.security_note') @@ -90,28 +90,28 @@ click_link t('two_factor_authentication.login_options_link_text') click_link t('two_factor_authentication.account_reset.link') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.recovery_options.try_method_again'), ) click_link t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.request.delete_account'), ) click_button t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.confirm_request.instructions_start'), ) - expect(page). - to have_content user_email - expect(page). - to have_content strip_tags( + expect(page) + .to have_content user_email + expect(page) + .to have_content strip_tags( t('account_reset.confirm_request.instructions_end'), ) expect(page).to have_content t('account_reset.confirm_request.security_note') @@ -154,25 +154,25 @@ signin(user_email, user.password) click_link t('two_factor_authentication.login_options_link_text') click_link t('two_factor_authentication.account_reset.link') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.recovery_options.try_method_again'), ) click_link t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.request.delete_account'), ) click_button t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.confirm_request.instructions_start'), ) - expect(page). - to have_content user_email - expect(page). - to have_content strip_tags( + expect(page) + .to have_content user_email + expect(page) + .to have_content strip_tags( t('account_reset.confirm_request.instructions_end'), ) expect(page).to_not have_content t('account_reset.confirm_request.security_note') diff --git a/spec/features/account_reset/pending_request_spec.rb b/spec/features/account_reset/pending_request_spec.rb index 9f7a72b9bca..8b2ee1640fe 100644 --- a/spec/features/account_reset/pending_request_spec.rb +++ b/spec/features/account_reset/pending_request_spec.rb @@ -8,13 +8,13 @@ sign_in_user(user) click_link t('two_factor_authentication.login_options_link_text') click_link t('two_factor_authentication.account_reset.link') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.recovery_options.try_method_again'), ) click_link t('account_reset.request.yes_continue') - expect(page). - to have_content strip_tags( + expect(page) + .to have_content strip_tags( t('account_reset.request.delete_account'), ) click_button t('account_reset.request.yes_continue') diff --git a/spec/features/event_disavowal_spec.rb b/spec/features/event_disavowal_spec.rb index 0259a8ad3f7..fb4bdcf4329 100644 --- a/spec/features/event_disavowal_spec.rb +++ b/spec/features/event_disavowal_spec.rb @@ -194,8 +194,8 @@ end def submit_prefilled_otp_code(user, delivery_preference) - expect(current_path). - to eq login_two_factor_path(otp_delivery_preference: delivery_preference) + expect(current_path) + .to eq login_two_factor_path(otp_delivery_preference: delivery_preference) fill_in('code', with: user.reload.direct_otp) click_button t('forms.buttons.submit.default') end diff --git a/spec/features/ialmax/saml_sign_in_spec.rb b/spec/features/ialmax/saml_sign_in_spec.rb index cf6aa2a6545..abcfa30f48e 100644 --- a/spec/features/ialmax/saml_sign_in_spec.rb +++ b/spec/features/ialmax/saml_sign_in_spec.rb @@ -143,9 +143,9 @@ context 'with an ial1 SP' do before do - ServiceProvider. - find_by(issuer: 'saml_sp_ial2'). - update!(ial: 1) + ServiceProvider + .find_by(issuer: 'saml_sp_ial2') + .update!(ial: 1) end scenario 'returns an ial1 responses even with an ial2 user' do diff --git a/spec/features/idv/analytics_spec.rb b/spec/features/idv/analytics_spec.rb index ce49724a1b1..c74a2975ad8 100644 --- a/spec/features/idv/analytics_spec.rb +++ b/spec/features/idv/analytics_spec.rb @@ -777,15 +777,15 @@ end before do - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(proofing_device_profiling) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(proofing_device_profiling) allow_any_instance_of(ApplicationController).to receive(:analytics) do |controller| fake_analytics.user = controller.analytics_user fake_analytics.session = controller.session fake_analytics end - allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled) + .and_return(false) end context 'Happy path' do @@ -1189,12 +1189,12 @@ allow(IdentityConfig.store).to receive(:in_person_proofing_enabled).and_return(true) allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled).and_return(false) allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).and_return(true) - allow_any_instance_of(Idv::InPerson::ReadyToVerifyPresenter). - to receive(:service_provider_homepage_url).and_return(return_sp_url) - allow_any_instance_of(Idv::InPerson::ReadyToVerifyPresenter). - to receive(:sp_name).and_return(sp_friendly_name) - allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx). - and_return(true) + allow_any_instance_of(Idv::InPerson::ReadyToVerifyPresenter) + .to receive(:service_provider_homepage_url).and_return(return_sp_url) + allow_any_instance_of(Idv::InPerson::ReadyToVerifyPresenter) + .to receive(:sp_name).and_return(sp_friendly_name) + allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx) + .and_return(true) start_idv_from_sp(:saml) sign_in_and_2fa_user(user) diff --git a/spec/features/idv/cancel_spec.rb b/spec/features/idv/cancel_spec.rb index 158eadf7835..08a51076df3 100644 --- a/spec/features/idv/cancel_spec.rb +++ b/spec/features/idv/cancel_spec.rb @@ -167,8 +167,8 @@ it 'shows the user a cancellation message with the option to cancel and reset idv', :js do sp_name = 'Test SP' - allow_any_instance_of(ServiceProviderSession).to receive(:sp_name). - and_return(sp_name) + allow_any_instance_of(ServiceProviderSession).to receive(:sp_name) + .and_return(sp_name) click_link t('links.cancel') diff --git a/spec/features/idv/doc_auth/agreement_spec.rb b/spec/features/idv/doc_auth/agreement_spec.rb index 36222de0fab..bec36d57840 100644 --- a/spec/features/idv/doc_auth/agreement_spec.rb +++ b/spec/features/idv/doc_auth/agreement_spec.rb @@ -6,8 +6,8 @@ let(:fake_analytics) { FakeAnalytics.new } before do - allow_any_instance_of(ApplicationController). - to receive(:analytics).and_return(fake_analytics) + allow_any_instance_of(ApplicationController) + .to receive(:analytics).and_return(fake_analytics) sign_in_and_2fa_user complete_doc_auth_steps_before_agreement_step diff --git a/spec/features/idv/doc_auth/document_capture_spec.rb b/spec/features/idv/doc_auth/document_capture_spec.rb index 3d6c44d8632..4d7cabfa5ce 100644 --- a/spec/features/idv/doc_auth/document_capture_spec.rb +++ b/spec/features/idv/doc_auth/document_capture_spec.rb @@ -324,8 +324,8 @@ context 'on mobile platform', allow_browser_log: true do before do # mock mobile device as cameraCapable, this allows us to process - allow_any_instance_of(ActionController::Parameters). - to receive(:[]).and_wrap_original do |impl, param_name| + allow_any_instance_of(ActionController::Parameters) + .to receive(:[]).and_wrap_original do |impl, param_name| param_name.to_sym == :skip_hybrid_handoff ? '' : impl.call(param_name) end end @@ -338,10 +338,10 @@ complete_doc_auth_steps_before_document_capture_step expect(page).to have_current_path(idv_document_capture_url) - expect(max_capture_attempts_before_native_camera.to_i). - to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) - expect(max_submission_attempts_before_native_camera.to_i). - to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) + expect(max_capture_attempts_before_native_camera.to_i) + .to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) + expect(max_submission_attempts_before_native_camera.to_i) + .to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) expect_step_indicator_current_step(t('step_indicator.flows.idv.verify_id')) expect(page).to have_text(t('doc_auth.headings.document_capture')) attach_images @@ -569,8 +569,8 @@ let(:desktop_selfie_mode) { false } before do - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(desktop_selfie_mode) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(desktop_selfie_mode) end describe 'when desktop selfie not allowed' do @@ -631,10 +631,10 @@ let(:sp_ipp_enabled) { true } before do - allow(IdentityConfig.store).to receive(:in_person_doc_auth_button_enabled). - and_return(in_person_doc_auth_button_enabled) - allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything). - and_return(sp_ipp_enabled) + allow(IdentityConfig.store).to receive(:in_person_doc_auth_button_enabled) + .and_return(in_person_doc_auth_button_enabled) + allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything) + .and_return(sp_ipp_enabled) end describe 'when ipp is selected' do @@ -768,8 +768,8 @@ def costing_for(cost_type) allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled).and_return( in_person_proofing_opt_in_enabled, ) - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(false) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(false) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: service_provider.issuer, diff --git a/spec/features/idv/doc_auth/how_to_verify_spec.rb b/spec/features/idv/doc_auth/how_to_verify_spec.rb index 24a5fb5778a..c4a5522add6 100644 --- a/spec/features/idv/doc_auth/how_to_verify_spec.rb +++ b/spec/features/idv/doc_auth/how_to_verify_spec.rb @@ -18,8 +18,8 @@ allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled) { in_person_proofing_opt_in_enabled } - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(service_provider_in_person_proofing_enabled) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(service_provider_in_person_proofing_enabled) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: ipp_service_provider.issuer, facial_match_required: facial_match_required } diff --git a/spec/features/idv/doc_auth/hybrid_handoff_spec.rb b/spec/features/idv/doc_auth/hybrid_handoff_spec.rb index 519ba225ac5..7621a89b627 100644 --- a/spec/features/idv/doc_auth/hybrid_handoff_spec.rb +++ b/spec/features/idv/doc_auth/hybrid_handoff_spec.rb @@ -44,9 +44,9 @@ end it 'proceeds to the next page with valid info', :js do - expect(Telephony).to receive(:send_doc_auth_link). - with(hash_including(to: '+1 415-555-0199')). - and_call_original + expect(Telephony).to receive(:send_doc_auth_link) + .with(hash_including(to: '+1 415-555-0199')) + .and_call_original expect_step_indicator_current_step(t('step_indicator.flows.idv.verify_id')) @@ -116,8 +116,8 @@ timeout = distance_of_time_in_words( RateLimiter.attempt_window_in_minutes(:idv_send_link).minutes, ) - allow(IdentityConfig.store).to receive(:idv_send_link_max_attempts). - and_return(idv_send_link_max_attempts) + allow(IdentityConfig.store).to receive(:idv_send_link_max_attempts) + .and_return(idv_send_link_max_attempts) freeze_time do idv_send_link_max_attempts.times do @@ -208,10 +208,10 @@ let(:in_person_doc_auth_button_enabled) { true } let(:sp_ipp_enabled) { true } before do - allow(IdentityConfig.store).to receive(:in_person_doc_auth_button_enabled). - and_return(in_person_doc_auth_button_enabled) - allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything). - and_return(sp_ipp_enabled) + allow(IdentityConfig.store).to receive(:in_person_doc_auth_button_enabled) + .and_return(in_person_doc_auth_button_enabled) + allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything) + .and_return(sp_ipp_enabled) complete_doc_auth_steps_before_hybrid_handoff_step end @@ -333,16 +333,16 @@ def verify_no_upload_photos_section_and_link(page) end allow(IdentityConfig.store).to receive(:socure_docv_enabled).and_return(socure_docv_enabled) allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(doc_auth_vendor) - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(desktop_test_mode_enabled) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(desktop_test_mode_enabled) allow(IdentityConfig.store).to receive(:in_person_proofing_enabled).and_return( in_person_proofing_enabled, ) allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled).and_return( in_person_proofing_opt_in_enabled, ) - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(sp_ipp_enabled) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(sp_ipp_enabled) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: service_provider.issuer, diff --git a/spec/features/idv/doc_auth/link_sent_spec.rb b/spec/features/idv/doc_auth/link_sent_spec.rb index 82a5b0e76cc..a94311a8b6b 100644 --- a/spec/features/idv/doc_auth/link_sent_spec.rb +++ b/spec/features/idv/doc_auth/link_sent_spec.rb @@ -9,8 +9,8 @@ let(:phone_number) { '415-555-0199' } before do - allow(FeatureManagement). - to(receive(:doc_capture_polling_enabled?).and_return(false)) + allow(FeatureManagement) + .to(receive(:doc_capture_polling_enabled?).and_return(false)) user complete_doc_auth_steps_before_hybrid_handoff_step diff --git a/spec/features/idv/doc_auth/redo_document_capture_spec.rb b/spec/features/idv/doc_auth/redo_document_capture_spec.rb index 9460ea01896..083d17361a9 100644 --- a/spec/features/idv/doc_auth/redo_document_capture_spec.rb +++ b/spec/features/idv/doc_auth/redo_document_capture_spec.rb @@ -324,8 +324,8 @@ context 'on mobile platform', allow_browser_log: true do before do # mock mobile device as cameraCapable, this allows us to process - allow_any_instance_of(ActionController::Parameters). - to receive(:[]).and_wrap_original do |impl, param_name| + allow_any_instance_of(ActionController::Parameters) + .to receive(:[]).and_wrap_original do |impl, param_name| param_name.to_sym == :skip_hybrid_handoff ? '' : impl.call(param_name) end end @@ -338,10 +338,10 @@ complete_doc_auth_steps_before_document_capture_step expect(page).to have_current_path(idv_document_capture_url) - expect(max_capture_attempts_before_native_camera.to_i). - to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) - expect(max_submission_attempts_before_native_camera.to_i). - to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) + expect(max_capture_attempts_before_native_camera.to_i) + .to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) + expect(max_submission_attempts_before_native_camera.to_i) + .to eq(ActiveSupport::Duration::SECONDS_PER_HOUR) expect_step_indicator_current_step(t('step_indicator.flows.idv.verify_id')) expect(page).to have_text(t('doc_auth.headings.document_capture')) attach_images @@ -567,8 +567,8 @@ let(:desktop_selfie_mode) { false } before do - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(desktop_selfie_mode) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(desktop_selfie_mode) end describe 'when desktop selfie not allowed' do @@ -629,10 +629,10 @@ let(:sp_ipp_enabled) { true } before do - allow(IdentityConfig.store).to receive(:in_person_doc_auth_button_enabled). - and_return(in_person_doc_auth_button_enabled) - allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything). - and_return(sp_ipp_enabled) + allow(IdentityConfig.store).to receive(:in_person_doc_auth_button_enabled) + .and_return(in_person_doc_auth_button_enabled) + allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything) + .and_return(sp_ipp_enabled) end describe 'when ipp is selected' do @@ -766,8 +766,8 @@ def costing_for(cost_type) allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled).and_return( in_person_proofing_opt_in_enabled, ) - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(false) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(false) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: service_provider.issuer, diff --git a/spec/features/idv/doc_auth/socure_document_capture_spec.rb b/spec/features/idv/doc_auth/socure_document_capture_spec.rb index e78605c8546..490f97ecc3d 100644 --- a/spec/features/idv/doc_auth/socure_document_capture_spec.rb +++ b/spec/features/idv/doc_auth/socure_document_capture_spec.rb @@ -15,18 +15,18 @@ before(:each) do allow(IdentityConfig.store).to receive(:socure_docv_enabled).and_return(true) - allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket). - and_return(Idp::Constants::Vendors::SOCURE) + allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket) + .and_return(Idp::Constants::Vendors::SOCURE) allow_any_instance_of(ServiceProviderSession).to receive(:sp_name).and_return('Test SP') - allow(IdentityConfig.store).to receive(:socure_docv_webhook_secret_key). - and_return(socure_docv_webhook_secret_key) - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_docv_document_request_endpoint) + allow(IdentityConfig.store).to receive(:socure_docv_webhook_secret_key) + .and_return(socure_docv_webhook_secret_key) + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_docv_document_request_endpoint) allow(IdentityConfig.store).to receive(:ruby_workers_idv_enabled).and_return(false) allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics) @docv_transaction_token = stub_docv_document_request - allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode). - and_return(socure_docv_verification_data_test_mode) + allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode) + .and_return(socure_docv_verification_data_test_mode) end context 'happy path', allow_browser_log: true do @@ -95,14 +95,14 @@ context 'successfully erases capture app url when flow is complete' do it 'proceeds to the next page with valid info' do document_capture_session = DocumentCaptureSession.find_by(user_id: @user.id) - expect(document_capture_session.socure_docv_capture_app_url). - to eq(fake_socure_document_capture_app_url) + expect(document_capture_session.socure_docv_capture_app_url) + .to eq(fake_socure_document_capture_app_url) expect(page).to have_current_path(fake_socure_document_capture_app_url) visit idv_socure_document_capture_path expect(page).to have_current_path(idv_socure_document_capture_path) document_capture_session.reload - expect(document_capture_session.socure_docv_capture_app_url). - to eq(fake_socure_document_capture_app_url) + expect(document_capture_session.socure_docv_capture_app_url) + .to eq(fake_socure_document_capture_app_url) socure_docv_upload_documents( docv_transaction_token: @docv_transaction_token, ) @@ -112,14 +112,14 @@ it 'reuse capture app url when appropriate and creates new when not' do document_capture_session = DocumentCaptureSession.find_by(user_id: @user.id) - expect(document_capture_session.socure_docv_capture_app_url). - to eq(fake_socure_document_capture_app_url) + expect(document_capture_session.socure_docv_capture_app_url) + .to eq(fake_socure_document_capture_app_url) expect(page).to have_current_path(fake_socure_document_capture_app_url) visit idv_socure_document_capture_path expect(page).to have_current_path(idv_socure_document_capture_path) document_capture_session.reload - expect(document_capture_session.socure_docv_capture_app_url). - to eq(fake_socure_document_capture_app_url) + expect(document_capture_session.socure_docv_capture_app_url) + .to eq(fake_socure_document_capture_app_url) fake_capture_app2 = 'https://verify.fake-socure.test/capture2' document_capture_session.socure_docv_capture_app_url = fake_capture_app2 document_capture_session.save @@ -128,8 +128,8 @@ event_type: 'DOCUMENT_FRONT_UPLOADED', ) document_capture_session.reload - expect(document_capture_session.socure_docv_capture_app_url). - to eq(fake_capture_app2) + expect(document_capture_session.socure_docv_capture_app_url) + .to eq(fake_capture_app2) socure_docv_send_webhook( docv_transaction_token: @docv_transaction_token, event_type: 'SESSION_EXPIRED', @@ -139,8 +139,8 @@ visit idv_socure_document_capture_path expect(page).to have_current_path(idv_socure_document_capture_path) document_capture_session.reload - expect(document_capture_session.socure_docv_capture_app_url). - to eq(fake_socure_document_capture_app_url) + expect(document_capture_session.socure_docv_capture_app_url) + .to eq(fake_socure_document_capture_app_url) end end end @@ -148,8 +148,8 @@ context 'network connection errors' do context 'getting the capture path' do before do - allow_any_instance_of(Faraday::Connection).to receive(:post). - and_raise(Faraday::ConnectionFailed) + allow_any_instance_of(Faraday::Connection).to receive(:post) + .and_raise(Faraday::ConnectionFailed) end it 'shows the network error page', js: true do @@ -213,8 +213,8 @@ let(:test_token) { 'valid-test-token' } let(:socure_docv_verification_data_test_mode) { true } before do - allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode_tokens). - and_return([test_token]) + allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode_tokens) + .and_return([test_token]) DocAuth::Mock::DocAuthMockClient.reset! end @@ -376,16 +376,16 @@ def expect_rate_limited_header(expected_to_be_present) allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled).and_return( in_person_proofing_opt_in_enabled, ) - allow(IdentityConfig.store).to receive(:allowed_biometric_ial_providers). - and_return([service_provider.issuer]) + allow(IdentityConfig.store).to receive(:allowed_biometric_ial_providers) + .and_return([service_provider.issuer]) allow(IdentityConfig.store).to receive( :allowed_valid_authn_contexts_semantic_providers, ).and_return([service_provider.issuer]) - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(false) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(false) allow(IdentityConfig.store).to receive(:socure_docv_enabled).and_return(true) - allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket). - and_return(Idp::Constants::Vendors::SOCURE) + allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket) + .and_return(Idp::Constants::Vendors::SOCURE) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: service_provider.issuer, diff --git a/spec/features/idv/doc_auth/test_credentials_spec.rb b/spec/features/idv/doc_auth/test_credentials_spec.rb index 849236666e8..f9b5d495e81 100644 --- a/spec/features/idv/doc_auth/test_credentials_spec.rb +++ b/spec/features/idv/doc_auth/test_credentials_spec.rb @@ -61,8 +61,8 @@ def triggers_error_test_credentials_missing(credential_file, alert_message) it 'rate limits the user if invalid credentials submitted for max allowed attempts', allow_browser_log: true do - allow(IdentityConfig.store).to receive(:doc_auth_check_failed_image_resubmission_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:doc_auth_check_failed_image_resubmission_enabled) + .and_return(false) max_attempts = IdentityConfig.store.doc_auth_max_attempts (max_attempts - 1).times do complete_document_capture_step_with_yml( diff --git a/spec/features/idv/doc_auth/verify_info_step_spec.rb b/spec/features/idv/doc_auth/verify_info_step_spec.rb index 86960660722..131b034ce74 100644 --- a/spec/features/idv/doc_auth/verify_info_step_spec.rb +++ b/spec/features/idv/doc_auth/verify_info_step_spec.rb @@ -122,8 +122,8 @@ context 'resolution rate limiting' do let(:max_resolution_attempts) { 3 } before do - allow(IdentityConfig.store).to receive(:idv_max_attempts). - and_return(max_resolution_attempts) + allow(IdentityConfig.store).to receive(:idv_max_attempts) + .and_return(max_resolution_attempts) fill_out_ssn_form_with_ssn_that_fails_resolution click_idv_continue @@ -183,11 +183,11 @@ let(:max_ssn_attempts) { 3 } before do - allow(IdentityConfig.store).to receive(:idv_max_attempts). - and_return(max_resolution_attempts) + allow(IdentityConfig.store).to receive(:idv_max_attempts) + .and_return(max_resolution_attempts) - allow(IdentityConfig.store).to receive(:proof_ssn_max_attempts). - and_return(max_ssn_attempts) + allow(IdentityConfig.store).to receive(:proof_ssn_max_attempts) + .and_return(max_ssn_attempts) fill_out_ssn_form_with_ssn_that_fails_resolution click_idv_continue @@ -283,8 +283,8 @@ it 'allows resubmitting form' do complete_ssn_step - allow(DocumentCaptureSession).to receive(:find_by). - and_return(nil) + allow(DocumentCaptureSession).to receive(:find_by) + .and_return(nil) complete_verify_step expect(fake_analytics).to have_logged_event('IdV: proofing resolution result missing') @@ -300,8 +300,8 @@ it 'allows resubmitting form' do complete_ssn_step - allow(DocumentCaptureSession).to receive(:find_by). - and_return(nil) + allow(DocumentCaptureSession).to receive(:find_by) + .and_return(nil) complete_verify_step expect(page).to have_content(t('idv.failure.timeout')) diff --git a/spec/features/idv/end_to_end_idv_spec.rb b/spec/features/idv/end_to_end_idv_spec.rb index 8c516ce67bd..505e181763e 100644 --- a/spec/features/idv/end_to_end_idv_spec.rb +++ b/spec/features/idv/end_to_end_idv_spec.rb @@ -123,8 +123,8 @@ before do allow(IdentityConfig.store).to receive(:in_person_proofing_enabled).and_return(true) - ServiceProvider.find_by(issuer: service_provider_issuer(sp)). - update(in_person_proofing_enabled: true) + ServiceProvider.find_by(issuer: service_provider_issuer(sp)) + .update(in_person_proofing_enabled: true) end scenario 'In person proofing', allow_browser_log: true do @@ -187,8 +187,8 @@ def validate_agreement_page end def validate_hybrid_handoff_page - allow_any_instance_of(Idv::HybridHandoffController).to receive(:mobile_device?). - and_return(false) + allow_any_instance_of(Idv::HybridHandoffController).to receive(:mobile_device?) + .and_return(false) expect(page).to have_current_path(idv_hybrid_handoff_path) @@ -200,8 +200,8 @@ def validate_hybrid_handoff_page # defaults phone to user's 2fa phone number field = page.find_field(t('two_factor_authentication.phone_label')) - expect(same_phone?(field.value, Features::SessionHelper::IAL1_USER_PHONE)). - to be true + expect(same_phone?(field.value, Features::SessionHelper::IAL1_USER_PHONE)) + .to be true end def validate_document_capture_page diff --git a/spec/features/idv/hybrid_mobile/entry_spec.rb b/spec/features/idv/hybrid_mobile/entry_spec.rb index 4c43e0b5bfc..408c91908ca 100644 --- a/spec/features/idv/hybrid_mobile/entry_spec.rb +++ b/spec/features/idv/hybrid_mobile/entry_spec.rb @@ -43,8 +43,8 @@ context 'when socure is the doc auth vendor' do before do - allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket). - and_return(Idp::Constants::Vendors::SOCURE) + allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket) + .and_return(Idp::Constants::Vendors::SOCURE) stub_docv_document_request end diff --git a/spec/features/idv/hybrid_mobile/hybrid_socure_mobile_spec.rb b/spec/features/idv/hybrid_mobile/hybrid_socure_mobile_spec.rb index 4560fa0d52e..f96d46d215c 100644 --- a/spec/features/idv/hybrid_mobile/hybrid_socure_mobile_spec.rb +++ b/spec/features/idv/hybrid_mobile/hybrid_socure_mobile_spec.rb @@ -15,18 +15,18 @@ before do allow(FeatureManagement).to receive(:doc_capture_polling_enabled?).and_return(true) allow(IdentityConfig.store).to receive(:socure_docv_enabled).and_return(true) - allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket). - and_return(Idp::Constants::Vendors::SOCURE) + allow(DocAuthRouter).to receive(:doc_auth_vendor_for_bucket) + .and_return(Idp::Constants::Vendors::SOCURE) allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) allow(IdentityConfig.store).to receive(:ruby_workers_idv_enabled).and_return(false) - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_docv_document_request_endpoint) + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_docv_document_request_endpoint) allow(Telephony).to receive(:send_doc_auth_link).and_wrap_original do |impl, config| @sms_link = config[:link] impl.call(**config) end.at_least(1).times - allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode). - and_return(socure_docv_verification_data_test_mode) + allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode) + .and_return(socure_docv_verification_data_test_mode) @docv_transaction_token = stub_docv_document_request stub_analytics end @@ -262,8 +262,8 @@ let(:test_token) { 'valid-test-token' } let(:socure_docv_verification_data_test_mode) { true } before do - allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode_tokens). - and_return([test_token]) + allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode_tokens) + .and_return([test_token]) DocAuth::Mock::DocAuthMockClient.reset! end @@ -420,8 +420,8 @@ context 'with a network error requesting the capture app url' do before do - allow_any_instance_of(Faraday::Connection).to receive(:post). - and_raise(Faraday::ConnectionFailed) + allow_any_instance_of(Faraday::Connection).to receive(:post) + .and_raise(Faraday::ConnectionFailed) end it 'shows the network error page on the phone and the link sent page on the desktop', diff --git a/spec/features/idv/in_person_spec.rb b/spec/features/idv/in_person_spec.rb index c5af6f91e50..d1ee9670f03 100644 --- a/spec/features/idv/in_person_spec.rb +++ b/spec/features/idv/in_person_spec.rb @@ -117,9 +117,9 @@ deadline = nil freeze_time do acknowledge_and_confirm_personal_key - deadline = (Time.zone.now + IdentityConfig.store.in_person_enrollment_validity_in_days.days). - in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE). - strftime(t('time.formats.event_date')) + deadline = (Time.zone.now + IdentityConfig.store.in_person_enrollment_validity_in_days.days) + .in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE) + .strftime(t('time.formats.event_date')) end # ready to verify page @@ -211,8 +211,8 @@ let(:sp) { service_provider } it 'sends a survey when they share information with that partner', allow_browser_log: true do - expect(last_email.html_part.body). - to have_selector( + expect(last_email.html_part.body) + .to have_selector( "a[href='#{IdentityConfig.store.in_person_opt_in_available_completion_survey_url}']", ) end @@ -470,9 +470,9 @@ freeze_time do acknowledge_and_confirm_personal_key deadline = (Time.zone.now + - IdentityConfig.store.in_person_enrollment_validity_in_days.days). - in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE). - strftime(t('time.formats.event_date')) + IdentityConfig.store.in_person_enrollment_validity_in_days.days) + .in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE) + .strftime(t('time.formats.event_date')) end # ready to verify page diff --git a/spec/features/idv/in_person_threatmetrix_spec.rb b/spec/features/idv/in_person_threatmetrix_spec.rb index 6747cd4cbbc..af9cb2644c2 100644 --- a/spec/features/idv/in_person_threatmetrix_spec.rb +++ b/spec/features/idv/in_person_threatmetrix_spec.rb @@ -26,8 +26,8 @@ before do allow(IdentityConfig.store).to receive(:in_person_proofing_enabled).and_return(true) allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx).and_return(true) - ServiceProvider.find_by(issuer: service_provider_issuer(sp)). - update(in_person_proofing_enabled: true) + ServiceProvider.find_by(issuer: service_provider_issuer(sp)) + .update(in_person_proofing_enabled: true) end def deactivate_profile_update_enrollment(status:) @@ -141,9 +141,9 @@ def deactivate_profile_update_enrollment(status:) freeze_time do acknowledge_and_confirm_personal_key deadline = (Time.zone.now + - IdentityConfig.store.in_person_enrollment_validity_in_days.days). - in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE). - strftime(t('time.formats.event_date')) + IdentityConfig.store.in_person_enrollment_validity_in_days.days) + .in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE) + .strftime(t('time.formats.event_date')) end # ready to verify page diff --git a/spec/features/idv/outage_spec.rb b/spec/features/idv/outage_spec.rb index e7025c608f2..918382a504b 100644 --- a/spec/features/idv/outage_spec.rb +++ b/spec/features/idv/outage_spec.rb @@ -52,13 +52,13 @@ def sign_in_with_idv_required(user:, sms_or_totp: :sms) # Wire up various let()s to configuration keys vendors.each do |service| vendor_status_key = :"vendor_status_#{service}" - allow(IdentityConfig.store).to receive(vendor_status_key). - and_return(send(vendor_status_key)) + allow(IdentityConfig.store).to receive(vendor_status_key) + .and_return(send(vendor_status_key)) end config_flags.each do |key| - allow(IdentityConfig.store).to receive(key). - and_return(send(key)) + allow(IdentityConfig.store).to receive(key) + .and_return(send(key)) end end @@ -263,10 +263,10 @@ def sign_in_with_idv_required(user:, sms_or_totp: :sms) context 'during an IDV maintenance window', js: true do before do - allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_start). - and_return('2023-01-01T00:00:00Z') - allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_finish). - and_return('2023-01-01T23:59:59Z') + allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_start) + .and_return('2023-01-01T00:00:00Z') + allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_finish) + .and_return('2023-01-01T23:59:59Z') travel_to(Time.zone.parse('2023-01-01T12:00:00Z')) end diff --git a/spec/features/idv/pending_profile_password_reset_spec.rb b/spec/features/idv/pending_profile_password_reset_spec.rb index bc42be34212..fcbe3c719f1 100644 --- a/spec/features/idv/pending_profile_password_reset_spec.rb +++ b/spec/features/idv/pending_profile_password_reset_spec.rb @@ -5,8 +5,8 @@ let(:sp_name) { 'Test SP' } before do - allow_any_instance_of(ServiceProviderSession).to receive(:sp_name). - and_return(sp_name) + allow_any_instance_of(ServiceProviderSession).to receive(:sp_name) + .and_return(sp_name) end scenario 'while GPO pending requires the user to reproof' do diff --git a/spec/features/idv/phone_otp_rate_limiting_spec.rb b/spec/features/idv/phone_otp_rate_limiting_spec.rb index c5d3c14ba72..35d9426b8ef 100644 --- a/spec/features/idv/phone_otp_rate_limiting_spec.rb +++ b/spec/features/idv/phone_otp_rate_limiting_spec.rb @@ -28,8 +28,8 @@ let(:max_attempts) { 2 } before do - allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts). - and_return(max_attempts) + allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts) + .and_return(max_attempts) end it 'rate limits otp attempts at the otp verification step' do @@ -42,8 +42,8 @@ end expect(page).to have_content t('titles.account_locked') - expect(page). - to have_content t('two_factor_authentication.max_otp_login_attempts_reached') + expect(page) + .to have_content t('two_factor_authentication.max_otp_login_attempts_reached') expect_rate_limit_circumvention_to_be_disallowed(user) expect_rate_limit_to_expire(user) diff --git a/spec/features/idv/proofing_components_spec.rb b/spec/features/idv/proofing_components_spec.rb index 19975e08a5d..70268b77ed1 100644 --- a/spec/features/idv/proofing_components_spec.rb +++ b/spec/features/idv/proofing_components_spec.rb @@ -10,8 +10,8 @@ let(:user) { User.find_with_email(email) } before do - allow(IdentityConfig.store).to receive(:ruby_workers_idv_enabled). - and_return(ruby_workers_idv_enabled) + allow(IdentityConfig.store).to receive(:ruby_workers_idv_enabled) + .and_return(ruby_workers_idv_enabled) visit_idp_from_sp_with_ial2(:oidc) register_user(email) diff --git a/spec/features/idv/steps/enter_code_step_spec.rb b/spec/features/idv/steps/enter_code_step_spec.rb index a7b0a6a423a..379558fc413 100644 --- a/spec/features/idv/steps/enter_code_step_spec.rb +++ b/spec/features/idv/steps/enter_code_step_spec.rb @@ -28,8 +28,8 @@ let(:fraud_review_pending) { false } before do - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(threatmetrix_enabled ? :enabled : :disabled) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(threatmetrix_enabled ? :enabled : :disabled) end it_behaves_like 'verification code entry' diff --git a/spec/features/idv/steps/enter_password_step_spec.rb b/spec/features/idv/steps/enter_password_step_spec.rb index 314af4c9ac5..c76b9a93691 100644 --- a/spec/features/idv/steps/enter_password_step_spec.rb +++ b/spec/features/idv/steps/enter_password_step_spec.rb @@ -42,11 +42,11 @@ gpo_confirmation_entry = GpoConfirmation.last.entry if sp == :saml - expect(gpo_confirmation_entry[:issuer]). - to eq(sp1_issuer) + expect(gpo_confirmation_entry[:issuer]) + .to eq(sp1_issuer) else - expect(gpo_confirmation_entry[:issuer]). - to eq('urn:gov:gsa:openidconnect:sp:server') + expect(gpo_confirmation_entry[:issuer]) + .to eq('urn:gov:gsa:openidconnect:sp:server') end end end @@ -69,8 +69,8 @@ def sends_letter_creates_unverified_profile_sends_email email_count_before_continue = ActionMailer::Base.deliveries.count - expect { click_continue }. - to change { GpoConfirmation.count }.by(1) + expect { click_continue } + .to change { GpoConfirmation.count }.by(1) expect_delivered_email_count(email_count_before_continue + 1) expect(last_email.subject).to eq(t('user_mailer.verify_by_mail_letter_requested.subject')) diff --git a/spec/features/idv/steps/in_person/address_spec.rb b/spec/features/idv/steps/in_person/address_spec.rb index 42d5cbabb04..1fdd88b757b 100644 --- a/spec/features/idv/steps/in_person/address_spec.rb +++ b/spec/features/idv/steps/in_person/address_spec.rb @@ -82,8 +82,8 @@ context 'transliterable Validation' do before do - allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled) + .and_return(true) end it 'shows validation errors', diff --git a/spec/features/idv/steps/in_person/state_id_spec.rb b/spec/features/idv/steps/in_person/state_id_spec.rb index 7572eba495b..25a883e38fa 100644 --- a/spec/features/idv/steps/in_person/state_id_spec.rb +++ b/spec/features/idv/steps/in_person/state_id_spec.rb @@ -311,8 +311,8 @@ context 'transliterable validation' do before do - allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled) + .and_return(true) end it 'shows validation errors', diff --git a/spec/features/idv/steps/in_person/verify_info_spec.rb b/spec/features/idv/steps/in_person/verify_info_spec.rb index 29cf6a5eb1b..03d74790679 100644 --- a/spec/features/idv/steps/in_person/verify_info_spec.rb +++ b/spec/features/idv/steps/in_person/verify_info_spec.rb @@ -12,8 +12,8 @@ before do allow(IdentityConfig.store).to receive(:in_person_proofing_enabled).and_return(true) allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics) - allow(user).to receive(:enrollment). - and_return(enrollment) + allow(user).to receive(:enrollment) + .and_return(enrollment) end context 'when visiting verify info for the first time' do diff --git a/spec/features/idv/steps/in_person_opt_in_ipp_spec.rb b/spec/features/idv/steps/in_person_opt_in_ipp_spec.rb index c9068552a2d..5eb11e2e7d3 100644 --- a/spec/features/idv/steps/in_person_opt_in_ipp_spec.rb +++ b/spec/features/idv/steps/in_person_opt_in_ipp_spec.rb @@ -21,8 +21,8 @@ before do allow(IdentityConfig.store).to receive(:proofing_device_profiling).and_return(:enabled) allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_org_id).and_return(org) - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(true) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(true) end it 'allows the user to continue down the happy path selecting to opt in', @@ -102,9 +102,9 @@ freeze_time do acknowledge_and_confirm_personal_key deadline = (Time.zone.now + - IdentityConfig.store.in_person_enrollment_validity_in_days.days). - in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE). - strftime(t('time.formats.event_date')) + IdentityConfig.store.in_person_enrollment_validity_in_days.days) + .in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE) + .strftime(t('time.formats.event_date')) end # ready to verify page @@ -244,9 +244,9 @@ freeze_time do acknowledge_and_confirm_personal_key deadline = - (Time.zone.now + IdentityConfig.store.in_person_enrollment_validity_in_days.days). - in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE). - strftime(t('time.formats.event_date')) + (Time.zone.now + IdentityConfig.store.in_person_enrollment_validity_in_days.days) + .in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE) + .strftime(t('time.formats.event_date')) end # ready to verify page @@ -294,8 +294,8 @@ before do allow(IdentityConfig.store).to receive(:proofing_device_profiling).and_return(:enabled) allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_org_id).and_return(org) - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(false) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(false) end it 'skips how to verify and goes to hybrid_handoff' do @@ -410,9 +410,9 @@ freeze_time do acknowledge_and_confirm_personal_key deadline = - (Time.zone.now + IdentityConfig.store.in_person_enrollment_validity_in_days.days). - in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE). - strftime(t('time.formats.event_date')) + (Time.zone.now + IdentityConfig.store.in_person_enrollment_validity_in_days.days) + .in_time_zone(Idv::InPerson::ReadyToVerifyPresenter::USPS_SERVER_TIMEZONE) + .strftime(t('time.formats.event_date')) end # ready to verify page @@ -462,8 +462,8 @@ before do allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) { false } allow(IdentityConfig.store).to receive(:in_person_proofing_opt_in_enabled) { true } - allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled). - and_return(true) + allow_any_instance_of(ServiceProvider).to receive(:in_person_proofing_enabled) + .and_return(true) end it 'skips how to verify and continues along the normal path' do diff --git a/spec/features/idv/steps/resend_letter_step_spec.rb b/spec/features/idv/steps/resend_letter_step_spec.rb index 1d4a4fe1337..fb3eb7f16c1 100644 --- a/spec/features/idv/steps/resend_letter_step_spec.rb +++ b/spec/features/idv/steps/resend_letter_step_spec.rb @@ -9,12 +9,12 @@ let(:max_days_before_resend_disabled) { 30 } before do - allow(IdentityConfig.store).to receive(:minimum_wait_before_another_usps_letter_in_hours). - and_return(minimum_wait_for_letter) - allow(IdentityConfig.store).to receive(:gpo_max_profile_age_to_send_letter_in_days). - and_return(max_days_before_resend_disabled) - allow(IdentityConfig.store).to receive(:second_mfa_reminder_account_age_in_days). - and_return(days_passed + 1) + allow(IdentityConfig.store).to receive(:minimum_wait_before_another_usps_letter_in_hours) + .and_return(minimum_wait_for_letter) + allow(IdentityConfig.store).to receive(:gpo_max_profile_age_to_send_letter_in_days) + .and_return(max_days_before_resend_disabled) + allow(IdentityConfig.store).to receive(:second_mfa_reminder_account_age_in_days) + .and_return(days_passed + 1) end let(:user) { user_with_2fa } @@ -71,8 +71,8 @@ click_on t('idv.messages.gpo.resend') # And then actually ask for a resend - expect { click_on t('idv.gpo.request_another_letter.button') }. - to change { GpoConfirmation.count }.from(1).to(2) + expect { click_on t('idv.gpo.request_another_letter.button') } + .to change { GpoConfirmation.count }.from(1).to(2) expect_user_to_be_unverified(user) expect(page).to have_content(t('idv.messages.gpo.another_letter_on_the_way')) expect(page).to have_content(t('idv.titles.come_back_later')) diff --git a/spec/features/openid_connect/authorization_confirmation_spec.rb b/spec/features/openid_connect/authorization_confirmation_spec.rb index d7da4869098..f95566dcaa4 100644 --- a/spec/features/openid_connect/authorization_confirmation_spec.rb +++ b/spec/features/openid_connect/authorization_confirmation_spec.rb @@ -56,8 +56,8 @@ def create_user_and_remember_device context 'with client-side javascript redirect' do before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side_js') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side_js') end it_behaves_like 'signin email after signing in again' diff --git a/spec/features/openid_connect/openid_connect_spec.rb b/spec/features/openid_connect/openid_connect_spec.rb index 35ee5556c11..7afa1895245 100644 --- a/spec/features/openid_connect/openid_connect_spec.rb +++ b/spec/features/openid_connect/openid_connect_spec.rb @@ -125,8 +125,8 @@ end it 'auto-allows with a second authorization and redirect_uris in CSP headers if enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled) + .and_return(true) client_id = 'urn:gov:gsa:openidconnect:sp:server' service_provider = build(:service_provider, issuer: client_id) user = user_with_2fa @@ -137,8 +137,8 @@ visit_idp_from_ial1_oidc_sp(client_id: client_id, prompt: 'select_account') sign_in_user(user) - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\' http://localhost:7654 https://example.com')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\' http://localhost:7654 https://example.com')) fill_in_code_with_last_phone_otp click_submit_default @@ -148,8 +148,8 @@ end it 'auto-allows with a second authorization and blank CSP headers if not enabled' do - allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled) + .and_return(false) client_id = 'urn:gov:gsa:openidconnect:sp:server' service_provider = build(:service_provider, issuer: client_id) user = user_with_2fa @@ -160,8 +160,8 @@ visit_idp_from_ial1_oidc_sp(client_id: client_id, prompt: 'select_account') sign_in_user(user) - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\'')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\'')) fill_in_code_with_last_phone_otp click_submit_default @@ -171,8 +171,8 @@ end it 'auto-allows and includes redirect_uris in CSP headers if enabled after an incorrect OTP' do - allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled) + .and_return(true) client_id = 'urn:gov:gsa:openidconnect:sp:server' service_provider = build(:service_provider, issuer: client_id) @@ -184,15 +184,15 @@ visit_idp_from_ial1_oidc_sp(client_id: client_id, prompt: 'select_account') sign_in_user(user) - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\' http://localhost:7654 https://example.com')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\' http://localhost:7654 https://example.com')) fill_in :code, with: 'wrong otp' click_submit_default expect(page).to have_content(t('two_factor_authentication.invalid_otp')) - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\' http://localhost:7654 https://example.com')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\' http://localhost:7654 https://example.com')) fill_in_code_with_last_phone_otp click_submit_default @@ -202,8 +202,8 @@ end it 'auto-allows and blank CSP headers if disabled after an incorrect OTP' do - allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:openid_connect_content_security_form_action_enabled) + .and_return(true) client_id = 'urn:gov:gsa:openidconnect:sp:server' service_provider = build(:service_provider, issuer: client_id) @@ -215,15 +215,15 @@ visit_idp_from_ial1_oidc_sp(client_id: client_id, prompt: 'select_account') sign_in_user(user) - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\'')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\'')) fill_in :code, with: 'wrong otp' click_submit_default expect(page).to have_content(t('two_factor_authentication.invalid_otp')) - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\'')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\'')) fill_in_code_with_last_phone_otp click_submit_default @@ -307,8 +307,8 @@ context 'when accepting id_token_hint in logout' do before do - allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout). - and_return(false) + allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout) + .and_return(false) end context 'when sending id_token_hint' do @@ -357,8 +357,8 @@ post_logout_redirect_uri: 'gov.gsa.openidconnect.test://result/signout', state: state, ) - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\' gov.gsa.openidconnect.test:')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\' gov.gsa.openidconnect.test:')) expect(page).to have_content( t( 'openid_connect.logout.heading_with_sp', @@ -423,8 +423,8 @@ context 'when rejecting id_token_hint in logout' do before do - allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout). - and_return(true) + allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout) + .and_return(true) end it 'logout destroys the session when confirming logout' do @@ -571,8 +571,8 @@ it 'errors if verified_within param is too recent', driver: :mobile_rack_test do client_id = 'urn:gov:gsa:openidconnect:test' - allow(IdentityConfig.store).to receive(:allowed_verified_within_providers). - and_return([client_id]) + allow(IdentityConfig.store).to receive(:allowed_verified_within_providers) + .and_return([client_id]) state = SecureRandom.hex nonce = SecureRandom.hex code_verifier = SecureRandom.hex @@ -597,14 +597,14 @@ redirect_params = UriService.params(oidc_redirect_url) expect(redirect_params[:error]).to eq('invalid_request') - expect(redirect_params[:error_description]). - to include('Verified within value must be at least 30 days or older') + expect(redirect_params[:error_description]) + .to include('Verified within value must be at least 30 days or older') end it 'sends the user through idv again via verified_within param', :js do client_id = 'urn:gov:gsa:openidconnect:sp:server' - allow(IdentityConfig.store).to receive(:allowed_verified_within_providers). - and_return([client_id]) + allow(IdentityConfig.store).to receive(:allowed_verified_within_providers) + .and_return([client_id]) user = user_with_2fa _profile = create( @@ -1047,8 +1047,8 @@ click_agree_and_continue expect(current_url).to eq new_user_session_url - expect(page). - to have_content t('instructions.go_back_to_mobile_app', friendly_name: 'Example iOS App') + expect(page) + .to have_content t('instructions.go_back_to_mobile_app', friendly_name: 'Example iOS App') end end end diff --git a/spec/features/openid_connect/redirect_uri_validation_spec.rb b/spec/features/openid_connect/redirect_uri_validation_spec.rb index 9815881d9d1..693bc943522 100644 --- a/spec/features/openid_connect/redirect_uri_validation_spec.rb +++ b/spec/features/openid_connect/redirect_uri_validation_spec.rb @@ -9,8 +9,8 @@ current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') + expect(page) + .to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') end end @@ -20,8 +20,8 @@ current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.redirect_uri_invalid') + expect(page) + .to have_content t('openid_connect.authorization.errors.redirect_uri_invalid') end end @@ -33,8 +33,8 @@ expect(current_host).to eq 'www.example.com' expect(current_path).to eq '/errors/service_provider_inactive' - expect(page). - to have_content t( + expect(page) + .to have_content t( 'service_providers.errors.inactive.heading', sp_name: 'Example iOS App (inactive)', app_name: APP_NAME, @@ -48,8 +48,8 @@ current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.bad_client_id') + expect(page) + .to have_content t('openid_connect.authorization.errors.bad_client_id') end end @@ -90,22 +90,22 @@ current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.bad_client_id') + expect(page) + .to have_content t('openid_connect.authorization.errors.bad_client_id') visit_idp_from_sp_with_ial1_with_invalid_redirect_uri current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.redirect_uri_invalid') + expect(page) + .to have_content t('openid_connect.authorization.errors.redirect_uri_invalid') visit_idp_from_sp_with_ial1_with_disallowed_redirect_uri current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') + expect(page) + .to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') end end @@ -122,22 +122,22 @@ current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.bad_client_id') + expect(page) + .to have_content t('openid_connect.authorization.errors.bad_client_id') visit_idp_from_sp_with_ial1_with_invalid_redirect_uri current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.redirect_uri_invalid') + expect(page) + .to have_content t('openid_connect.authorization.errors.redirect_uri_invalid') visit_idp_from_sp_with_ial1_with_disallowed_redirect_uri current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') + expect(page) + .to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') end end @@ -166,8 +166,8 @@ current_host = URI.parse(page.current_url).host expect(current_host).to eq 'www.example.com' - expect(page). - to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') + expect(page) + .to have_content t('openid_connect.authorization.errors.redirect_uri_no_match') visit new_user_session_path fill_in_credentials_and_submit(user.email, user.password) diff --git a/spec/features/openid_connect/vtr_spec.rb b/spec/features/openid_connect/vtr_spec.rb index 95b8281afbb..24cefe11000 100644 --- a/spec/features/openid_connect/vtr_spec.rb +++ b/spec/features/openid_connect/vtr_spec.rb @@ -6,8 +6,8 @@ include WebAuthnHelper before do - allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests). - and_return(true) + allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests) + .and_return(true) end scenario 'sign in with VTR request for authentication' do diff --git a/spec/features/phone/default_phone_selection_spec.rb b/spec/features/phone/default_phone_selection_spec.rb index 40340bda191..23dd10e4e47 100644 --- a/spec/features/phone/default_phone_selection_spec.rb +++ b/spec/features/phone/default_phone_selection_spec.rb @@ -129,8 +129,8 @@ end def submit_prefilled_otp_code(user, delivery_preference) - expect(current_path). - to eq login_two_factor_path(otp_delivery_preference: delivery_preference) + expect(current_path) + .to eq login_two_factor_path(otp_delivery_preference: delivery_preference) fill_in('code', with: user.reload.direct_otp) click_button t('forms.buttons.submit.default') end diff --git a/spec/features/remember_device/sp_expiration_spec.rb b/spec/features/remember_device/sp_expiration_spec.rb index 99af39df96f..d09effa271b 100644 --- a/spec/features/remember_device/sp_expiration_spec.rb +++ b/spec/features/remember_device/sp_expiration_spec.rb @@ -110,8 +110,9 @@ def visit_sp(protocol, aal) before do allow(IdentityConfig.store).to receive(:otp_delivery_blocklist_maxretry).and_return(1000) - allow(IdentityConfig.store).to receive(:second_mfa_reminder_account_age_in_days). - and_return([aal1_remember_device_expiration, aal2_remember_device_expiration].max.in_days + 2) + allow(IdentityConfig.store).to receive(:second_mfa_reminder_account_age_in_days) + .and_return([aal1_remember_device_expiration, + aal2_remember_device_expiration].max.in_days + 2) ServiceProvider.find_by(issuer: OidcAuthHelper::OIDC_IAL1_ISSUER).update!( default_aal: aal, diff --git a/spec/features/remember_device/webauthn_spec.rb b/spec/features/remember_device/webauthn_spec.rb index 70d2ad62b85..c826fca2bec 100644 --- a/spec/features/remember_device/webauthn_spec.rb +++ b/spec/features/remember_device/webauthn_spec.rb @@ -98,9 +98,9 @@ def remember_device_and_sign_out_user context 'sign up' do before do - allow(IdentityConfig.store). - to receive(:show_unsupported_passkey_platform_authentication_setup). - and_return(true) + allow(IdentityConfig.store) + .to receive(:show_unsupported_passkey_platform_authentication_setup) + .and_return(true) end def click_2fa_option(option) @@ -127,8 +127,8 @@ def remember_device_and_sign_out_user click_continue - expect(page). - to have_content t('headings.add_info.phone') + expect(page) + .to have_content t('headings.add_info.phone') expect(current_path).to eq phone_setup_path diff --git a/spec/features/saml/redirect_uri_validation_spec.rb b/spec/features/saml/redirect_uri_validation_spec.rb index 1677f6c0eac..a2e0cc06e80 100644 --- a/spec/features/saml/redirect_uri_validation_spec.rb +++ b/spec/features/saml/redirect_uri_validation_spec.rb @@ -13,9 +13,9 @@ state: '123abc', ) sp = ServiceProvider.find_by(issuer: 'http://localhost:3000') - expect(page). - to have_link t('links.back_to_sp', sp: sp.friendly_name), - href: return_to_sp_cancel_path(step: :authentication) + expect(page) + .to have_link t('links.back_to_sp', sp: sp.friendly_name), + href: return_to_sp_cancel_path(step: :authentication) fill_in_credentials_and_submit(user.email, user.password) fill_in_code_with_last_phone_otp diff --git a/spec/features/saml/saml_logout_spec.rb b/spec/features/saml/saml_logout_spec.rb index 3e1400f1e90..da14da53c42 100644 --- a/spec/features/saml/saml_logout_spec.rb +++ b/spec/features/saml/saml_logout_spec.rb @@ -191,8 +191,8 @@ click_agree_and_continue click_button(t('forms.buttons.submit.default')) - identity = ServiceProviderIdentity. - find_by(user_id: user.id, service_provider: saml_settings.issuer) + identity = ServiceProviderIdentity + .find_by(user_id: user.id, service_provider: saml_settings.issuer) expect(OutOfBandSessionAccessor.new(identity.rails_session_id).exists?).to eq true # simulate a remote request diff --git a/spec/features/saml/saml_spec.rb b/spec/features/saml/saml_spec.rb index d0bee87d559..d8e5ab221ff 100644 --- a/spec/features/saml/saml_spec.rb +++ b/spec/features/saml/saml_spec.rb @@ -14,9 +14,9 @@ end it 'returns the user to the acs url after authentication' do - expect(page). - to have_link t('links.back_to_sp', sp: sp.friendly_name), - href: return_to_sp_cancel_path(step: :authentication) + expect(page) + .to have_link t('links.back_to_sp', sp: sp.friendly_name), + href: return_to_sp_cancel_path(step: :authentication) sign_in_via_branded_page(user) click_submit_default @@ -145,19 +145,19 @@ it 'contains a signature method nodeset with SHA256 algorithm' do expect(xmldoc.signature_method_nodeset.length).to eq(1) - expect(xmldoc.signature_method_nodeset[0].attr('Algorithm')). - to eq('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') + expect(xmldoc.signature_method_nodeset[0].attr('Algorithm')) + .to eq('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256') end it 'contains a digest method nodeset with SHA256 algorithm' do expect(xmldoc.digest_method_nodeset.length).to eq(1) - expect(xmldoc.digest_method_nodeset[0].attr('Algorithm')). - to eq('http://www.w3.org/2001/04/xmlenc#sha256') + expect(xmldoc.digest_method_nodeset[0].attr('Algorithm')) + .to eq('http://www.w3.org/2001/04/xmlenc#sha256') end it 'redirects to /test/saml/decode_assertion after submitting the form' do - expect(page.current_url). - to eq(saml_settings.assertion_consumer_service_url) + expect(page.current_url) + .to eq(saml_settings.assertion_consumer_service_url) end it 'stores SP identifier in Identity model' do @@ -203,8 +203,8 @@ it 'updates the service providers in the database' do page.driver.header 'X-LOGIN-DASHBOARD-TOKEN', '123ABC' - expect { page.driver.post '/api/service_provider' }. - to(change { ServiceProvider.active.sort_by(&:id) }) + expect { page.driver.post '/api/service_provider' } + .to(change { ServiceProvider.active.sort_by(&:id) }) expect(page.status_code).to eq 200 end diff --git a/spec/features/sign_in/remember_device_default_spec.rb b/spec/features/sign_in/remember_device_default_spec.rb index 6679e98eca3..2da2fec5b22 100644 --- a/spec/features/sign_in/remember_device_default_spec.rb +++ b/spec/features/sign_in/remember_device_default_spec.rb @@ -8,8 +8,8 @@ user = create(:user, :fully_registered) sign_in_user(user) - expect(page). - to have_checked_field t('forms.messages.remember_device') + expect(page) + .to have_checked_field t('forms.messages.remember_device') end end context 'when signing in from an SP when the SP is AAL2' do diff --git a/spec/features/sign_in/setup_piv_cac_after_sign_in_spec.rb b/spec/features/sign_in/setup_piv_cac_after_sign_in_spec.rb index 146b5441230..ee2d82a983d 100644 --- a/spec/features/sign_in/setup_piv_cac_after_sign_in_spec.rb +++ b/spec/features/sign_in/setup_piv_cac_after_sign_in_spec.rb @@ -53,8 +53,8 @@ http://localhost:7654 https://example.com STR - expect(page.response_headers['Content-Security-Policy']). - to(include(expected_form_action)) + expect(page.response_headers['Content-Security-Policy']) + .to(include(expected_form_action)) end scenario 'user opts to add piv/cac card and has to reauthenticate on remembered device' do diff --git a/spec/features/sign_in/two_factor_options_spec.rb b/spec/features/sign_in/two_factor_options_spec.rb index 3650b4c9ea2..08e88a5bcfd 100644 --- a/spec/features/sign_in/two_factor_options_spec.rb +++ b/spec/features/sign_in/two_factor_options_spec.rb @@ -17,16 +17,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') end end @@ -37,16 +37,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to_not have_content t('two_factor_authentication.login_options.sms') - expect(page). - to_not have_content t('two_factor_authentication.login_options.voice') - expect(page). - to have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') end end @@ -57,16 +57,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') end end @@ -80,16 +80,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to_not have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') end end @@ -103,16 +103,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to_not have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') end end @@ -123,16 +123,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to_not have_content t('two_factor_authentication.login_options.sms') - expect(page). - to_not have_content t('two_factor_authentication.login_options.voice') - expect(page). - to have_content t('two_factor_authentication.login_options.personal_key') - expect(page). - to have_content t('two_factor_authentication.login_options.auth_app') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to have_content t('two_factor_authentication.login_options.personal_key') + expect(page) + .to have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') end end @@ -143,16 +143,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to_not have_content t('two_factor_authentication.login_options.sms') - expect(page). - to_not have_content t('two_factor_authentication.login_options.voice') - expect(page). - to have_content t('two_factor_authentication.login_options.personal_key') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') - expect(page). - to have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to have_content t('two_factor_authentication.login_options.personal_key') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.piv_cac') end end @@ -163,16 +163,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to have_content t('two_factor_authentication.login_options.auth_app') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') end end @@ -183,16 +183,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') - expect(page). - to have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.piv_cac') end end @@ -203,16 +203,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to_not have_content t('two_factor_authentication.login_options.sms') - expect(page). - to_not have_content t('two_factor_authentication.login_options.voice') - expect(page). - to have_content t('two_factor_authentication.login_options.personal_key') - expect(page). - to have_content t('two_factor_authentication.login_options.auth_app') - expect(page). - to have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to have_content t('two_factor_authentication.login_options.personal_key') + expect(page) + .to have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.piv_cac') end end @@ -223,16 +223,16 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to have_content t('two_factor_authentication.login_options.auth_app') - expect(page). - to have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to have_content t('two_factor_authentication.login_options.piv_cac') end end @@ -245,22 +245,22 @@ click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') - expect(page). - to have_content t('two_factor_authentication.login_options.voice') - expect(page). - to_not have_content t('two_factor_authentication.login_options.backup_code') - expect(page). - to_not have_content t('two_factor_authentication.login_options.auth_app') - expect(page). - to_not have_content t('two_factor_authentication.login_options.piv_cac') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to have_content t('two_factor_authentication.login_options.voice') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.backup_code') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.auth_app') + expect(page) + .to_not have_content t('two_factor_authentication.login_options.piv_cac') # Passing "visible: false" since the option would be hidden if JavaScript is disabled. Rather # than use ChromeDriver, the purpose of this spec is to ensure that it is rendered as a single # option by the server, so we're not as concerned about whether it's visible. - expect(page). - to have_selector('#two_factor_options_form_selection_webauthn', count: 1, visible: false) + expect(page) + .to have_selector('#two_factor_options_form_selection_webauthn', count: 1, visible: false) end end @@ -276,16 +276,16 @@ click_link t('two_factor_authentication.login_options_link_text') expect(page).to have_selector("#two_factor_options_form_selection_sms_#{first_id}", count: 1) - expect(page). - to have_selector("#two_factor_options_form_selection_sms_#{second_id}", count: 1) + expect(page) + .to have_selector("#two_factor_options_form_selection_sms_#{second_id}", count: 1) expect(page).to_not have_content('+1 202-555-1212') expect(page).to_not have_content('+1 202-555-1213') expect(page).to have_content('(***) ***-1212') expect(page).to have_content('(***) ***-1213') - expect(page). - to have_selector("#two_factor_options_form_selection_voice_#{first_id}", count: 1) - expect(page). - to have_selector("#two_factor_options_form_selection_voice_#{second_id}", count: 1) + expect(page) + .to have_selector("#two_factor_options_form_selection_voice_#{first_id}", count: 1) + expect(page) + .to have_selector("#two_factor_options_form_selection_voice_#{second_id}", count: 1) expect(page).to have_selector('#two_factor_options_form_selection_personal_key', count: 0) expect(page).to have_selector('#two_factor_options_form_selection_backup_code', count: 0) expect(page).to have_selector('#two_factor_options_form_selection_auth_app', count: 0) diff --git a/spec/features/sp_cost_tracking_spec.rb b/spec/features/sp_cost_tracking_spec.rb index 9526068ac37..feb8f84eac2 100644 --- a/spec/features/sp_cost_tracking_spec.rb +++ b/spec/features/sp_cost_tracking_spec.rb @@ -13,8 +13,8 @@ let(:password) { Features::SessionHelper::VALID_PASSWORD } before do - allow(IdentityConfig.store).to receive(:allowed_verified_within_providers). - and_return([issuer]) + allow(IdentityConfig.store).to receive(:allowed_verified_within_providers) + .and_return([issuer]) end it 'logs the correct costs for an ial2 user creation from sp with oidc', js: true do diff --git a/spec/features/two_factor_authentication/change_factor_spec.rb b/spec/features/two_factor_authentication/change_factor_spec.rb index 1d49e668fcd..f6905accfbf 100644 --- a/spec/features/two_factor_authentication/change_factor_spec.rb +++ b/spec/features/two_factor_authentication/change_factor_spec.rb @@ -48,8 +48,8 @@ }, ).once - expect(current_path). - to eq login_two_factor_path(otp_delivery_preference: 'sms') + expect(current_path) + .to eq login_two_factor_path(otp_delivery_preference: 'sms') end end diff --git a/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb b/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb index 054231a779a..aa751bc08b8 100644 --- a/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb +++ b/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb @@ -21,8 +21,8 @@ click_continue - expect(page). - to have_content t('headings.add_info.phone') + expect(page) + .to have_content t('headings.add_info.phone') expect(page).to have_current_path phone_setup_path @@ -53,8 +53,8 @@ click_continue - expect(page). - to have_content t('headings.add_info.phone') + expect(page) + .to have_content t('headings.add_info.phone') expect(page).to have_current_path phone_setup_path @@ -126,8 +126,8 @@ click_continue - expect(page). - to have_content t('headings.add_info.phone') + expect(page) + .to have_content t('headings.add_info.phone') click_continue @@ -191,9 +191,9 @@ context 'with platform authenticator as the first mfa' do it 'does not allow the user to skip selecting second mfa' do - allow(IdentityConfig.store). - to receive(:show_unsupported_passkey_platform_authentication_setup). - and_return(true) + allow(IdentityConfig.store) + .to receive(:show_unsupported_passkey_platform_authentication_setup) + .and_return(true) mock_webauthn_setup_challenge user = sign_up_and_set_password user.password = Features::SessionHelper::VALID_PASSWORD @@ -265,9 +265,9 @@ describe 'adding a phone as a second mfa' do it 'at setup, phone as second MFA show a cancel link that returns to mfa setup' do - allow(IdentityConfig.store). - to receive(:show_unsupported_passkey_platform_authentication_setup). - and_return(true) + allow(IdentityConfig.store) + .to receive(:show_unsupported_passkey_platform_authentication_setup) + .and_return(true) sign_up_and_set_password mock_webauthn_setup_challenge @@ -294,21 +294,21 @@ context 'User with phishing resistant service provider' do it 'should show phishing option first then all mfa options for second mfa' do - allow(IdentityConfig.store). - to receive(:show_unsupported_passkey_platform_authentication_setup). - and_return(true) + allow(IdentityConfig.store) + .to receive(:show_unsupported_passkey_platform_authentication_setup) + .and_return(true) visit_idp_from_ial1_oidc_sp_requesting_phishing_resistant(prompt: 'select_account') sign_up_and_set_password mock_webauthn_setup_challenge - expect(page). - to have_content(t('two_factor_authentication.two_factor_choice_options.webauthn')) - expect(page). - to have_content(t('two_factor_authentication.two_factor_choice_options.piv_cac')) - expect(page). - to_not have_content(t('two_factor_authentication.two_factor_choice_options.auth_app')) - expect(page). - to_not have_content(t('two_factor_authentication.two_factor_choice_options.phone')) + expect(page) + .to have_content(t('two_factor_authentication.two_factor_choice_options.webauthn')) + expect(page) + .to have_content(t('two_factor_authentication.two_factor_choice_options.piv_cac')) + expect(page) + .to_not have_content(t('two_factor_authentication.two_factor_choice_options.auth_app')) + expect(page) + .to_not have_content(t('two_factor_authentication.two_factor_choice_options.phone')) select_2fa_option('webauthn_platform', visible: :all) click_continue @@ -316,14 +316,14 @@ mock_press_button_on_hardware_key_on_setup click_link t('mfa.add') - expect(page). - to have_content(t('two_factor_authentication.two_factor_choice_options.webauthn')) - expect(page). - to have_content(t('two_factor_authentication.two_factor_choice_options.piv_cac')) - expect(page). - to have_content(t('two_factor_authentication.two_factor_choice_options.auth_app')) - expect(page). - to have_content(t('two_factor_authentication.two_factor_choice_options.phone')) + expect(page) + .to have_content(t('two_factor_authentication.two_factor_choice_options.webauthn')) + expect(page) + .to have_content(t('two_factor_authentication.two_factor_choice_options.piv_cac')) + expect(page) + .to have_content(t('two_factor_authentication.two_factor_choice_options.auth_app')) + expect(page) + .to have_content(t('two_factor_authentication.two_factor_choice_options.phone')) end end diff --git a/spec/features/two_factor_authentication/sign_in_spec.rb b/spec/features/two_factor_authentication/sign_in_spec.rb index 437b5b54985..932eb1380d3 100644 --- a/spec/features/two_factor_authentication/sign_in_spec.rb +++ b/spec/features/two_factor_authentication/sign_in_spec.rb @@ -13,8 +13,8 @@ click_continue - expect(page). - to have_content t('headings.add_info.phone') + expect(page) + .to have_content t('headings.add_info.phone') send_one_time_code_without_entering_phone_number @@ -66,12 +66,12 @@ before do PhoneNumberOptOut.create_or_find_with_phone(phone_configuration.phone) opt_out_manager = instance_double('Telephony::Pinpoint::OptOutManager') - allow(opt_out_manager). - to receive(:opt_in_phone_number). - with(phone_configuration.formatted_phone). - and_return(FormResponse.new(success: true)) - allow_any_instance_of(TwoFactorAuthentication::SmsOptInController). - to receive(:opt_out_manager).and_return(opt_out_manager) + allow(opt_out_manager) + .to receive(:opt_in_phone_number) + .with(phone_configuration.formatted_phone) + .and_return(FormResponse.new(success: true)) + allow_any_instance_of(TwoFactorAuthentication::SmsOptInController) + .to receive(:opt_out_manager).and_return(opt_out_manager) end scenario 'renders the sms opt-out error screen when signing in' do @@ -286,8 +286,8 @@ def submit_2fa_setup_form_with_valid_phone sign_in_before_2fa(user) expect(current_path).to eq login_two_factor_path(otp_delivery_preference: 'sms') - expect(page). - to have_content t('two_factor_authentication.header_text') + expect(page) + .to have_content t('two_factor_authentication.header_text') attempt_to_bypass_2fa @@ -429,8 +429,8 @@ def attempt_to_bypass_2fa it 'does not change their OTP delivery preference' do allow(OtpRateLimiter).to receive(:new).and_return(otp_rate_limiter) - allow(otp_rate_limiter).to receive(:exceeded_otp_send_limit?). - and_return(false) + allow(otp_rate_limiter).to receive(:exceeded_otp_send_limit?) + .and_return(false) sign_in_user(user) @@ -575,8 +575,8 @@ def attempt_to_bypass_2fa let(:max_attempts) { 2 } let(:user) { create(:user, :fully_registered) } before do - allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts). - and_return(max_attempts) + allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts) + .and_return(max_attempts) end def wrong_phone_otp diff --git a/spec/features/users/password_recovery_via_recovery_code_spec.rb b/spec/features/users/password_recovery_via_recovery_code_spec.rb index 9af1df8b475..d22c78b04bf 100644 --- a/spec/features/users/password_recovery_via_recovery_code_spec.rb +++ b/spec/features/users/password_recovery_via_recovery_code_spec.rb @@ -69,8 +69,8 @@ reset_password_and_sign_back_in(user, new_password) click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to_not have_selector("label[for='two_factor_options_form_selection_personal_key']") + expect(page) + .to_not have_selector("label[for='two_factor_options_form_selection_personal_key']") end context 'account recovery alternative paths' do diff --git a/spec/features/users/piv_cac_management_spec.rb b/spec/features/users/piv_cac_management_spec.rb index 15bc6a225d8..8397f36686f 100644 --- a/spec/features/users/piv_cac_management_spec.rb +++ b/spec/features/users/piv_cac_management_spec.rb @@ -15,8 +15,8 @@ visit account_two_factor_authentication_path click_link t('account.index.piv_cac_add'), href: setup_piv_cac_url - expect(page.response_headers['Content-Security-Policy'].split(';').map(&:strip)). - to(include("form-action https://*.pivcac.test.example.com 'self'")) + expect(page.response_headers['Content-Security-Policy'].split(';').map(&:strip)) + .to(include("form-action https://*.pivcac.test.example.com 'self'")) fill_in t('instructions.mfa.piv_cac.step_1'), with: 'Card' click_on t('forms.piv_cac_setup.submit') diff --git a/spec/features/users/regenerate_personal_key_spec.rb b/spec/features/users/regenerate_personal_key_spec.rb index 822f7f1a452..e9087371979 100644 --- a/spec/features/users/regenerate_personal_key_spec.rb +++ b/spec/features/users/regenerate_personal_key_spec.rb @@ -13,8 +13,8 @@ sign_in_and_2fa_user(user) old_digest = user.encrypted_recovery_code_digest - expect(Telephony).to receive(:send_personal_key_regeneration_notice). - with(to: user.phone_configurations.first.phone, country_code: 'US') + expect(Telephony).to receive(:send_personal_key_regeneration_notice) + .with(to: user.phone_configurations.first.phone, country_code: 'US') visit account_two_factor_authentication_path click_on(t('account.links.regenerate_personal_key'), match: :prefer_exact) diff --git a/spec/features/users/sign_in_spec.rb b/spec/features/users/sign_in_spec.rb index 297a23f5efe..41a2f2d91a9 100644 --- a/spec/features/users/sign_in_spec.rb +++ b/spec/features/users/sign_in_spec.rb @@ -29,8 +29,8 @@ signin('test@example.com', 'Please123!') link_url = new_user_password_url - expect(page). - to have_link t('devise.failure.not_found_in_database_link_text', href: link_url) + expect(page) + .to have_link t('devise.failure.not_found_in_database_link_text', href: link_url) end scenario 'user is suspended, gets show please call page after 2fa' do @@ -189,8 +189,8 @@ before :each do allow(IdentityConfig.store).to receive(:session_check_frequency).and_return(1) allow(IdentityConfig.store).to receive(:session_check_delay).and_return(0) - allow(IdentityConfig.store).to receive(:session_timeout_warning_seconds). - and_return(Devise.timeout_in) + allow(IdentityConfig.store).to receive(:session_timeout_warning_seconds) + .and_return(Devise.timeout_in) sign_in_and_2fa_user visit forget_all_browsers_path @@ -239,8 +239,8 @@ it 'displays the session timeout warning with partially signed in copy' do allow(IdentityConfig.store).to receive(:session_check_frequency).and_return(1) allow(IdentityConfig.store).to receive(:session_check_delay).and_return(0) - allow(IdentityConfig.store).to receive(:session_timeout_warning_seconds). - and_return(Devise.timeout_in) + allow(IdentityConfig.store).to receive(:session_timeout_warning_seconds) + .and_return(Devise.timeout_in) user = create(:user, :fully_registered) sign_in_user(user) @@ -410,8 +410,8 @@ rotate_attribute_encryption_key_with_invalid_queue - expect { signin(email, password) }. - to raise_error Encryption::EncryptionError, 'unable to decrypt attribute with any key' + expect { signin(email, password) } + .to raise_error Encryption::EncryptionError, 'unable to decrypt attribute with any key' user = user.reload expect(user.confirmed_email_addresses.first.encrypted_email).to eq encrypted_email @@ -449,8 +449,8 @@ link_url = new_user_password_url - expect(page). - to have_link t('devise.failure.invalid_link_text', href: link_url) + expect(page) + .to have_link t('devise.failure.invalid_link_text', href: link_url) expect(current_path).to eq root_path end end @@ -495,8 +495,8 @@ it 'redirects to sign in page with flash message' do user = create(:user, :fully_registered) visit new_user_session_path(request_id: '123') - allow_any_instance_of(Users::SessionsController). - to receive(:create).and_raise(ActionController::InvalidAuthenticityToken) + allow_any_instance_of(Users::SessionsController) + .to receive(:create).and_raise(ActionController::InvalidAuthenticityToken) fill_in_credentials_and_submit(user.email, user.password) @@ -518,8 +518,8 @@ expect(Telephony::Test::Call.calls.length).to eq(0) expect(Telephony::Test::Message.messages.length).to eq(1) - expect(page). - to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) + expect(page) + .to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) expect(page).to have_content t( 'two_factor_authentication.otp_delivery_preference.voice_unsupported', location: 'Australia', @@ -536,8 +536,8 @@ expect(Telephony::Test::Call.calls.length).to eq(0) expect(Telephony::Test::Message.messages.length).to eq(0) - expect(page). - to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) + expect(page) + .to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) expect(page).to have_content t( 'two_factor_authentication.otp_delivery_preference.voice_unsupported', location: 'Algeria', @@ -561,8 +561,8 @@ expect(Telephony::Test::Call.calls.length).to eq(0) expect(Telephony::Test::Message.messages.length).to eq(1) - expect(page). - to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) + expect(page) + .to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) expect(page).to have_content t( 'two_factor_authentication.otp_delivery_preference.voice_unsupported', location: unsupported_country_name, @@ -584,8 +584,8 @@ expect(Telephony::Test::Call.calls.length).to eq(0) expect(Telephony::Test::Message.messages.length).to eq(1) - expect(page). - to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) + expect(page) + .to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) expect(page).to have_content t( 'two_factor_authentication.otp_delivery_preference.voice_unsupported', location: unsupported_country_name, @@ -607,8 +607,8 @@ expect(Telephony::Test::Call.calls.length).to eq(0) expect(Telephony::Test::Message.messages.length).to eq(1) - expect(page). - to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) + expect(page) + .to have_current_path(login_two_factor_path(otp_delivery_preference: 'sms')) expect(page).to have_content t( 'two_factor_authentication.otp_delivery_preference.voice_unsupported', location: unsupported_country_name, @@ -885,8 +885,8 @@ before do allow(FeatureManagement).to receive(:sign_in_recaptcha_enabled?).and_return(true) allow(IdentityConfig.store).to receive(:recaptcha_mock_validator).and_return(true) - allow(IdentityConfig.store).to receive(:sign_in_recaptcha_log_failures_only). - and_return(sign_in_recaptcha_log_failures_only) + allow(IdentityConfig.store).to receive(:sign_in_recaptcha_log_failures_only) + .and_return(sign_in_recaptcha_log_failures_only) allow(IdentityConfig.store).to receive(:sign_in_recaptcha_score_threshold).and_return(0.2) allow(IdentityConfig.store).to receive(:sign_in_recaptcha_percent_tested).and_return(100) reload_ab_tests @@ -919,8 +919,8 @@ context 'user is chosen to check if password compromised' do before do allow(SecureRandom).to receive(:random_number).and_return(5) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(2) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(2) end it 'should bring user to manage password page with warning' do visit_idp_from_sp_with_ial1(:oidc) @@ -953,8 +953,8 @@ context 'user is not chosen to check if password compromised' do before do allow(SecureRandom).to receive(:random_number).and_return(2) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(5) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(5) end it 'should continue without issue' do visit new_user_session_path @@ -972,8 +972,8 @@ context 'user is chosen to check if password compromised' do before do allow(SecureRandom).to receive(:random_number).and_return(5) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(2) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(2) end it 'should bring user to account page and set password compromised attr' do visit new_user_session_path @@ -990,8 +990,8 @@ context 'user is not chosen to check if password compromised' do before do allow(SecureRandom).to receive(:random_number).and_return(2) - allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold). - and_return(5) + allow(IdentityConfig.store).to receive(:compromised_password_randomizer_threshold) + .and_return(5) end it 'should continue without issue and does not set password compromised attr' do visit new_user_session_path diff --git a/spec/features/users/sign_up_spec.rb b/spec/features/users/sign_up_spec.rb index 7dad8caa392..5667891a4fc 100644 --- a/spec/features/users/sign_up_spec.rb +++ b/spec/features/users/sign_up_spec.rb @@ -252,8 +252,8 @@ def clipboard_text expect(page).to have_current_path(root_path) action = t('devise.confirmations.sign_in') - expect(page). - to have_content t('devise.confirmations.already_confirmed', action: action) + expect(page) + .to have_content t('devise.confirmations.already_confirmed', action: action) end end @@ -263,8 +263,8 @@ def clipboard_text expect(page).to have_current_path(sign_up_register_path) - expect(page). - to have_content t('errors.messages.confirmation_invalid_token') + expect(page) + .to have_content t('errors.messages.confirmation_invalid_token') end end @@ -322,8 +322,8 @@ def clipboard_text sign_in_user(user) visit authenticator_setup_path - expect(page). - to have_current_path login_two_factor_path(otp_delivery_preference: 'sms') + expect(page) + .to have_current_path login_two_factor_path(otp_delivery_preference: 'sms') end it 'prompts to sign in when accessing authenticator_setup_path before signing in' do diff --git a/spec/features/users/totp_management_spec.rb b/spec/features/users/totp_management_spec.rb index aabca5c1c97..8eb78e84398 100644 --- a/spec/features/users/totp_management_spec.rb +++ b/spec/features/users/totp_management_spec.rb @@ -187,8 +187,8 @@ expect(page).to have_current_path(account_two_factor_authentication_path) expect(user.auth_app_configurations.count).to eq(2) - expect(page). - to_not have_link(t('account.index.auth_app_add'), href: authenticator_setup_url) + expect(page) + .to_not have_link(t('account.index.auth_app_add'), href: authenticator_setup_url) end end end diff --git a/spec/features/users/user_edit_spec.rb b/spec/features/users/user_edit_spec.rb index f59179ed579..e84d3a8aaf0 100644 --- a/spec/features/users/user_edit_spec.rb +++ b/spec/features/users/user_edit_spec.rb @@ -16,8 +16,8 @@ click_button 'Update' expect(page).to have_css '.usa-alert', text: 'Please review the problems below:' - expect(page). - to have_content t( + expect(page) + .to have_content t( 'errors.attributes.password.too_short.other', count: Devise.password_length.first, ) diff --git a/spec/features/users/user_profile_spec.rb b/spec/features/users/user_profile_spec.rb index 32399dede83..5340eead14e 100644 --- a/spec/features/users/user_profile_spec.rb +++ b/spec/features/users/user_profile_spec.rb @@ -237,8 +237,8 @@ expect(page).to have_button(t('account.re_verify.footer')) expect(page).to_not have_content(parsed_date) click_button t('account.re_verify.footer') - expect(page). - to have_content t('two_factor_authentication.login_options.sms') + expect(page) + .to have_content t('two_factor_authentication.login_options.sms') click_button t('forms.buttons.continue') fill_in_code_with_last_phone_otp click_submit_default diff --git a/spec/features/visitors/email_confirmation_spec.rb b/spec/features/visitors/email_confirmation_spec.rb index 299234123c6..5cc1857ea22 100644 --- a/spec/features/visitors/email_confirmation_spec.rb +++ b/spec/features/visitors/email_confirmation_spec.rb @@ -46,14 +46,14 @@ it 'sends the user the confirmation email again' do email = 'test@example.com' - expect { sign_up_with(email) }. - to change { ActionMailer::Base.deliveries.count }.by(1) + expect { sign_up_with(email) } + .to change { ActionMailer::Base.deliveries.count }.by(1) expect(last_email.html_part.body).to have_content( t('user_mailer.email_confirmation_instructions.subject'), ) - expect { sign_up_with(email) }. - to change { ActionMailer::Base.deliveries.count }.by(1) + expect { sign_up_with(email) } + .to change { ActionMailer::Base.deliveries.count }.by(1) expect(last_email.html_part.body).to have_content( t('user_mailer.email_confirmation_instructions.subject'), ) @@ -64,8 +64,8 @@ it 'sends the confirmation email again' do sign_up_with('test@example.com') - expect { click_on t('notices.signed_up_but_unconfirmed.resend_confirmation_email') }. - to change { ActionMailer::Base.deliveries.count }.by(1) + expect { click_on t('notices.signed_up_but_unconfirmed.resend_confirmation_email') } + .to change { ActionMailer::Base.deliveries.count }.by(1) expect(last_email.html_part.body).to have_content( t('user_mailer.email_confirmation_instructions.subject'), diff --git a/spec/features/visitors/password_recovery_spec.rb b/spec/features/visitors/password_recovery_spec.rb index dfc4c00878a..8f223c34bd7 100644 --- a/spec/features/visitors/password_recovery_spec.rb +++ b/spec/features/visitors/password_recovery_spec.rb @@ -14,8 +14,8 @@ click_link t('links.passwords.forgot') fill_in t('account.index.email'), with: user.email - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryActivatedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryActivatedEvent.new(user: user)) click_button t('forms.buttons.continue') @@ -222,8 +222,8 @@ fill_in t('components.password_confirmation.confirm_label'), with: '1234' click_button t('forms.passwords.edit.buttons.submit') - expect(page). - to have_content t( + expect(page) + .to have_content t( 'errors.attributes.password.too_short.other', count: Devise.password_length.first ) end diff --git a/spec/features/visitors/sign_up_with_email_spec.rb b/spec/features/visitors/sign_up_with_email_spec.rb index 409b324821f..7633a1aecc6 100644 --- a/spec/features/visitors/sign_up_with_email_spec.rb +++ b/spec/features/visitors/sign_up_with_email_spec.rb @@ -43,8 +43,8 @@ scenario 'sends email saying someone tried to sign up with their email address' do user = create(:user) - expect { sign_up_with(user.email) }. - to change { ActionMailer::Base.deliveries.count }.by(1) + expect { sign_up_with(user.email) } + .to change { ActionMailer::Base.deliveries.count }.by(1) expect(last_email.html_part.body).to have_content( t('user_mailer.signup_with_your_email.intro_html', app_name_html: APP_NAME), @@ -72,8 +72,8 @@ sign_up_with(email) starting_count = unread_emails_for(email).size - remaining_attempts = IdentityConfig.store. - reg_unconfirmed_email_max_attempts - 1 - starting_count + remaining_attempts = IdentityConfig.store + .reg_unconfirmed_email_max_attempts - 1 - starting_count 1.upto(remaining_attempts) do |i| sign_up_with(email) diff --git a/spec/features/webauthn/hidden_spec.rb b/spec/features/webauthn/hidden_spec.rb index 0c0ea800316..9af74c27f11 100644 --- a/spec/features/webauthn/hidden_spec.rb +++ b/spec/features/webauthn/hidden_spec.rb @@ -62,8 +62,8 @@ context 'when in ab test for desktop setup' do before do - allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested). - and_return(100) + allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested) + .and_return(100) reload_ab_tests end @@ -77,8 +77,8 @@ context 'when A/B test is disabled' do before do - allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested). - and_return(0) + allow(IdentityConfig.store).to receive(:desktop_ft_unlock_setup_option_percent_tested) + .and_return(0) reload_ab_tests end diff --git a/spec/forms/backup_code_verification_form_spec.rb b/spec/forms/backup_code_verification_form_spec.rb index fca3a992ce3..b23a295bd2b 100644 --- a/spec/forms/backup_code_verification_form_spec.rb +++ b/spec/forms/backup_code_verification_form_spec.rb @@ -27,10 +27,10 @@ end it 'marks code as used' do - expect { subject }. - to change { backup_code_config.reload.used_at }. - from(nil). - to kind_of(Time) + expect { subject } + .to change { backup_code_config.reload.used_at } + .from(nil) + .to kind_of(Time) end end diff --git a/spec/forms/delete_user_email_form_spec.rb b/spec/forms/delete_user_email_form_spec.rb index 8bc089fa4b6..2cd97c40545 100644 --- a/spec/forms/delete_user_email_form_spec.rb +++ b/spec/forms/delete_user_email_form_spec.rb @@ -43,18 +43,18 @@ end it 'notifies subscribers that the identifier was recycled and the email changed' do - expect(PushNotification::HttpPush).to receive(:deliver).once. - with(PushNotification::IdentifierRecycledEvent.new( + expect(PushNotification::HttpPush).to receive(:deliver).once + .with(PushNotification::IdentifierRecycledEvent.new( user: user, email: email_address.email, )).ordered - expect(PushNotification::HttpPush).to receive(:deliver).once. - with(PushNotification::EmailChangedEvent.new( + expect(PushNotification::HttpPush).to receive(:deliver).once + .with(PushNotification::EmailChangedEvent.new( user: user, email: email_address.email, )).ordered - expect(PushNotification::HttpPush).to receive(:deliver).once. - with(PushNotification::RecoveryInformationChangedEvent.new( + expect(PushNotification::HttpPush).to receive(:deliver).once + .with(PushNotification::RecoveryInformationChangedEvent.new( user: user, )).ordered diff --git a/spec/forms/edit_phone_form_spec.rb b/spec/forms/edit_phone_form_spec.rb index fec67501fde..944fa79d7c0 100644 --- a/spec/forms/edit_phone_form_spec.rb +++ b/spec/forms/edit_phone_form_spec.rb @@ -25,8 +25,8 @@ result = subject.submit(params) expect(result.success?).to eq(false) - expect(result.errors[:delivery_preference].first). - to eq 'is not included in the list' + expect(result.errors[:delivery_preference].first) + .to eq 'is not included in the list' end end @@ -62,8 +62,8 @@ result = subject.submit(params) expect(result.success?).to eq(false) - expect(result.errors[:delivery_preference].first). - to eq 'is not included in the list' + expect(result.errors[:delivery_preference].first) + .to eq 'is not included in the list' end end diff --git a/spec/forms/gpo_verify_form_spec.rb b/spec/forms/gpo_verify_form_spec.rb index 6c50506aaa2..d8ade881b3f 100644 --- a/spec/forms/gpo_verify_form_spec.rb +++ b/spec/forms/gpo_verify_form_spec.rb @@ -97,10 +97,10 @@ let(:minimum_wait_before_another_usps_letter_in_hours) { 0 } before do - allow(IdentityConfig.store).to receive(:usps_confirmation_max_days). - and_return(expiration_days) - allow(IdentityConfig.store).to receive(:minimum_wait_before_another_usps_letter_in_hours). - and_return(minimum_wait_before_another_usps_letter_in_hours) + allow(IdentityConfig.store).to receive(:usps_confirmation_max_days) + .and_return(expiration_days) + allow(IdentityConfig.store).to receive(:minimum_wait_before_another_usps_letter_in_hours) + .and_return(minimum_wait_before_another_usps_letter_in_hours) end it 'is invalid' do @@ -332,8 +332,8 @@ ) end it 'sends the correct information for scheduling an in person enrollment' do - expect(UspsInPersonProofing::EnrollmentHelper).to receive(:schedule_in_person_enrollment). - with(user: anything, pii: anything, is_enhanced_ipp: is_enhanced_ipp) + expect(UspsInPersonProofing::EnrollmentHelper).to receive(:schedule_in_person_enrollment) + .with(user: anything, pii: anything, is_enhanced_ipp: is_enhanced_ipp) subject.submit(is_enhanced_ipp) end diff --git a/spec/forms/idv/api_image_upload_form_spec.rb b/spec/forms/idv/api_image_upload_form_spec.rb index 422527d7b89..8c74bbb742c 100644 --- a/spec/forms/idv/api_image_upload_form_spec.rb +++ b/spec/forms/idv/api_image_upload_form_spec.rb @@ -110,8 +110,8 @@ { width: 40, height: 40, mimeType: 'image/png', source: 'acuant' } end before do - allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode). - and_return(false) + allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode) + .and_return(false) end context 'id images are uploaded' do @@ -330,10 +330,10 @@ context 'when acuant a/b test is enabled' do before do - allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled). - and_return(true) - allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_percent). - and_return(50) + allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_enabled) + .and_return(true) + allow(IdentityConfig.store).to receive(:idv_acuant_sdk_upgrade_a_b_testing_percent) + .and_return(50) end it 'returns the expected response' do @@ -541,8 +541,8 @@ expect(capture_result.failed_selfie_image_fingerprints.length).to eq(1) response = form.submit expect(response.errors).to have_key(:selfie) - expect(response.errors). - to have_value([I18n.t('doc_auth.errors.doc.resubmit_failed_image')]) + expect(response.errors) + .to have_value([I18n.t('doc_auth.errors.doc.resubmit_failed_image')]) end end end @@ -617,8 +617,8 @@ response = form.submit expect(response.errors).to have_key(:front) expect(response.errors).to have_key(:back) - expect(response.errors). - to have_value([I18n.t('doc_auth.errors.doc.resubmit_failed_image')]) + expect(response.errors) + .to have_value([I18n.t('doc_auth.errors.doc.resubmit_failed_image')]) expect(fake_analytics).to have_logged_event( 'IdV: failed doc image resubmitted', submit_attempts: 1, @@ -645,10 +645,10 @@ let(:images_cropped) { false } before do - expect_any_instance_of(DocAuth::Mock::DocAuthMockClient). - to receive(:post_images). - with(hash_including(image_source: image_source, images_cropped: images_cropped)). - and_call_original + expect_any_instance_of(DocAuth::Mock::DocAuthMockClient) + .to receive(:post_images) + .with(hash_including(image_source: image_source, images_cropped: images_cropped)) + .and_call_original end context 'manual uploads' do diff --git a/spec/forms/idv/doc_pii_form_spec.rb b/spec/forms/idv/doc_pii_form_spec.rb index 41aa4c5581c..f4ceee1be8a 100644 --- a/spec/forms/idv/doc_pii_form_spec.rb +++ b/spec/forms/idv/doc_pii_form_spec.rb @@ -210,8 +210,8 @@ expect(result).to be_kind_of(FormResponse) expect(result.success?).to eq(false) - expect(result.errors.keys). - to contain_exactly( + expect(result.errors.keys) + .to contain_exactly( :name, :dob, :zipcode, diff --git a/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb b/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb index 53b719da32d..23466747747 100644 --- a/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb +++ b/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb @@ -17,8 +17,8 @@ let(:max_attempts) { 2 } before do - allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts). - and_return(max_attempts) + allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts) + .and_return(max_attempts) end describe '#submit' do diff --git a/spec/forms/idv/phone_form_spec.rb b/spec/forms/idv/phone_form_spec.rb index 46d89945415..2a2e925e7dd 100644 --- a/spec/forms/idv/phone_form_spec.rb +++ b/spec/forms/idv/phone_form_spec.rb @@ -247,8 +247,8 @@ let(:result) { subject.submit(params) } before do - allow(subject).to receive(:unsupported_delivery_methods). - and_return(unsupported_delivery_methods) + allow(subject).to receive(:unsupported_delivery_methods) + .and_return(unsupported_delivery_methods) end context 'with one unsupported delivery method' do diff --git a/spec/forms/idv/ssn_format_form_spec.rb b/spec/forms/idv/ssn_format_form_spec.rb index da76c8c2686..64de7f33b9f 100644 --- a/spec/forms/idv/ssn_format_form_spec.rb +++ b/spec/forms/idv/ssn_format_form_spec.rb @@ -41,8 +41,8 @@ context 'when the form has invalid attributes' do it 'raises an error' do - expect { subject.submit(ssn: '111111111', foo: 1) }. - to raise_error(ArgumentError, 'foo is an invalid ssn attribute') + expect { subject.submit(ssn: '111111111', foo: 1) } + .to raise_error(ArgumentError, 'foo is an invalid ssn attribute') end end end diff --git a/spec/forms/new_phone_form_spec.rb b/spec/forms/new_phone_form_spec.rb index e6aa25f0c3a..02da25ab5c4 100644 --- a/spec/forms/new_phone_form_spec.rb +++ b/spec/forms/new_phone_form_spec.rb @@ -116,8 +116,8 @@ result = subject.submit(params) expect(result.success?).to eq(false) - expect(result.errors[:otp_delivery_preference].first). - to eq 'is not included in the list' + expect(result.errors[:otp_delivery_preference].first) + .to eq 'is not included in the list' end end @@ -134,8 +134,8 @@ result = subject.submit(params) expect(result.success?).to eq(false) - expect(result.errors[:otp_delivery_preference].first). - to eq 'is not included in the list' + expect(result.errors[:otp_delivery_preference].first) + .to eq 'is not included in the list' end end @@ -213,8 +213,8 @@ before do allow(IdentityConfig.store).to receive(:phone_service_check).and_return(true) - expect(Telephony).to receive(:phone_info).with(phone). - and_raise(Aws::Pinpoint::Errors::BadRequestException.new(nil, nil)) + expect(Telephony).to receive(:phone_info).with(phone) + .and_raise(Aws::Pinpoint::Errors::BadRequestException.new(nil, nil)) end it 'is invalid and does not raise' do @@ -258,8 +258,8 @@ context 'when AWS rate limits info type checks' do before do - expect(Telephony).to receive(:phone_info). - and_raise(Aws::Pinpoint::Errors::TooManyRequestsException.new(nil, 'error message')) + expect(Telephony).to receive(:phone_info) + .and_raise(Aws::Pinpoint::Errors::TooManyRequestsException.new(nil, 'error message')) end it 'logs a warning and fails open' do @@ -298,8 +298,8 @@ context 'blocklisted carrier numbers' do before do - allow(IdentityConfig.store).to receive(:phone_carrier_registration_blocklist_array). - and_return(['Blocked Phone Carrier']) + allow(IdentityConfig.store).to receive(:phone_carrier_registration_blocklist_array) + .and_return(['Blocked Phone Carrier']) end context 'when phone number carrier is in blocklist' do @@ -350,8 +350,8 @@ before do allow(IdentityConfig.store).to receive(:recaptcha_mock_validator).and_return(true) - allow(IdentityConfig.store).to receive(:phone_recaptcha_score_threshold). - and_return(score_threshold) + allow(IdentityConfig.store).to receive(:phone_recaptcha_score_threshold) + .and_return(score_threshold) end it 'assigns recaptcha_assessment_id value' do @@ -391,8 +391,8 @@ before do allow(FeatureManagement).to receive(:phone_recaptcha_enabled?).and_return(true) - allow(recaptcha_form).to receive(:submit).with(recaptcha_token). - and_return([recaptcha_form_response, recaptcha_assessment_id]) + allow(recaptcha_form).to receive(:submit).with(recaptcha_token) + .and_return([recaptcha_form_response, recaptcha_assessment_id]) allow(recaptcha_form).to receive(:errors).and_return(errors) allow(form).to receive(:recaptcha_form).and_return(recaptcha_form) end @@ -406,10 +406,10 @@ end it 'assigns recaptcha_assessment_id value' do - expect { result }. - to change { form.recaptcha_assessment_id }. - from(nil). - to(recaptcha_assessment_id) + expect { result } + .to change { form.recaptcha_assessment_id } + .from(nil) + .to(recaptcha_assessment_id) end context 'with recaptcha enterprise' do diff --git a/spec/forms/openid_connect_authorize_form_spec.rb b/spec/forms/openid_connect_authorize_form_spec.rb index fe1598234dc..6b015d11b91 100644 --- a/spec/forms/openid_connect_authorize_form_spec.rb +++ b/spec/forms/openid_connect_authorize_form_spec.rb @@ -88,8 +88,8 @@ let(:redirect_uri) { 'https://wrongurl.com' } it 'has errors and does not redirect to the bad redirect_uri' do - expect(result.errors[:redirect_uri]). - to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) + expect(result.errors[:redirect_uri]) + .to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) expect(result.extra[:redirect_uri]).to be_nil end @@ -107,8 +107,8 @@ it 'is invalid' do expect(form.vtr).to be_nil expect(form.valid?).to eq(false) - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.no_valid_acr_values')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.no_valid_acr_values')) expect(form.errors[:vtr]).to be_empty end end @@ -150,8 +150,8 @@ it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:vtr]). - to include(t('openid_connect.authorization.errors.no_valid_vtr')) + expect(form.errors[:vtr]) + .to include(t('openid_connect.authorization.errors.no_valid_vtr')) end end @@ -160,8 +160,8 @@ let(:vtr) { nil } it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.no_valid_acr_values')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.no_valid_acr_values')) end end @@ -171,8 +171,8 @@ it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.no_auth')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.no_auth')) end end @@ -182,8 +182,8 @@ let(:client_id) { 'urn:gov:gsa:openidconnect:test:loa1' } it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.no_auth')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.no_auth')) end end @@ -193,8 +193,8 @@ it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.no_valid_acr_values')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.no_valid_acr_values')) end context 'with a known IAL value' do @@ -218,8 +218,8 @@ context 'with a service provider not in the allow list' do it 'has errors' do expect(valid?).to eq false - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.no_auth')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.no_auth')) end end @@ -249,8 +249,8 @@ it 'fails with a not authorized error' do expect(form).not_to be_valid - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.no_auth')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.no_auth')) end end @@ -282,8 +282,8 @@ let(:vtr) { nil } it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:acr_values]). - to include(t('openid_connect.authorization.errors.missing_ial')) + expect(form.errors[:acr_values]) + .to include(t('openid_connect.authorization.errors.missing_ial')) end end @@ -291,8 +291,8 @@ let(:client_id) { 'not_a_real_client_id' } it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:client_id]). - to include(t('openid_connect.authorization.errors.bad_client_id')) + expect(form.errors[:client_id]) + .to include(t('openid_connect.authorization.errors.bad_client_id')) end end @@ -346,8 +346,8 @@ let(:scope) { 'foo bar baz' } it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:scope]). - to include(t('openid_connect.authorization.errors.no_valid_scope')) + expect(form.errors[:scope]) + .to include(t('openid_connect.authorization.errors.no_valid_scope')) end end @@ -357,8 +357,8 @@ it 'has errors' do allow(IdentityConfig.store).to receive(:unauthorized_scope_enabled).and_return(true) expect(valid?).to eq(false) - expect(form.errors[:scope]). - to include(t('openid_connect.authorization.errors.unauthorized_scope')) + expect(form.errors[:scope]) + .to include(t('openid_connect.authorization.errors.unauthorized_scope')) end end @@ -388,8 +388,8 @@ it 'has errors' do allow(IdentityConfig.store).to receive(:unauthorized_scope_enabled).and_return(true) expect(valid?).to eq(false) - expect(form.errors[:scope]). - to include(t('openid_connect.authorization.errors.unauthorized_scope')) + expect(form.errors[:scope]) + .to include(t('openid_connect.authorization.errors.unauthorized_scope')) end end @@ -403,8 +403,8 @@ let(:redirect_uri) { ':aaaa' } it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:redirect_uri]). - to include(t('openid_connect.authorization.errors.redirect_uri_invalid')) + expect(form.errors[:redirect_uri]) + .to include(t('openid_connect.authorization.errors.redirect_uri_invalid')) end end @@ -412,8 +412,8 @@ let(:redirect_uri) { 'http://localhost:3000/test' } it 'has errors' do expect(valid?).to eq(false) - expect(form.errors[:redirect_uri]). - to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) + expect(form.errors[:redirect_uri]) + .to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) end end @@ -621,8 +621,8 @@ context 'the issuer is allowed to use verified_within' do before do - allow(IdentityConfig.store).to receive(:allowed_verified_within_providers). - and_return([client_id]) + allow(IdentityConfig.store).to receive(:allowed_verified_within_providers) + .and_return([client_id]) end context 'without a verified_within' do @@ -639,8 +639,8 @@ it 'has errors' do expect(form.valid?).to eq(false) - expect(form.errors[:verified_within]). - to eq(['value must be at least 30 days or older']) + expect(form.errors[:verified_within]) + .to eq(['value must be at least 30 days or older']) end end @@ -665,8 +665,8 @@ context 'the issuer is not allowed to use verified_within' do before do - allow(IdentityConfig.store).to receive(:allowed_verified_within_providers). - and_return([]) + allow(IdentityConfig.store).to receive(:allowed_verified_within_providers) + .and_return([]) end context 'without a verified_within' do @@ -759,8 +759,8 @@ it 'returns a redirect URI with the code from the identity session_uuid' do identity = user.identities.where(service_provider: client_id).first - expect(form.success_redirect_uri). - to eq "#{redirect_uri}?code=#{identity.session_uuid}&state=#{state}" + expect(form.success_redirect_uri) + .to eq "#{redirect_uri}?code=#{identity.session_uuid}&state=#{state}" end it 'logs a hash of the code in the analytics params' do diff --git a/spec/forms/openid_connect_logout_form_spec.rb b/spec/forms/openid_connect_logout_form_spec.rb index aac5a1433eb..60a635f5196 100644 --- a/spec/forms/openid_connect_logout_form_spec.rb +++ b/spec/forms/openid_connect_logout_form_spec.rb @@ -45,8 +45,8 @@ let(:current_user) { nil } before do - allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout). - and_return(false) + allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout) + .and_return(false) end describe '#submit' do @@ -144,8 +144,8 @@ it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:id_token_hint]). - to include(t('openid_connect.logout.errors.id_token_hint')) + expect(form.errors[:id_token_hint]) + .to include(t('openid_connect.logout.errors.id_token_hint')) end end @@ -156,8 +156,8 @@ it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:id_token_hint]). - to include(t('openid_connect.logout.errors.id_token_hint')) + expect(form.errors[:id_token_hint]) + .to include(t('openid_connect.logout.errors.id_token_hint')) end end @@ -192,8 +192,8 @@ it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:redirect_uri]). - to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) + expect(form.errors[:redirect_uri]) + .to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) end end end @@ -205,8 +205,8 @@ let(:current_user) { nil } before do - allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout). - and_return(true) + allow(IdentityConfig.store).to receive(:reject_id_token_hint_in_logout) + .and_return(true) end describe '#submit' do @@ -292,8 +292,8 @@ it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:id_token_hint]). - to include(t('openid_connect.logout.errors.id_token_hint_present')) + expect(form.errors[:id_token_hint]) + .to include(t('openid_connect.logout.errors.id_token_hint_present')) end end end @@ -313,8 +313,8 @@ it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:redirect_uri]). - to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) + expect(form.errors[:redirect_uri]) + .to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) end end @@ -323,14 +323,14 @@ it 'does not include error about redirect_uri' do expect(valid?).to eq(false) - expect(form.errors[:redirect_uri]). - not_to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) + expect(form.errors[:redirect_uri]) + .not_to include(t('openid_connect.authorization.errors.redirect_uri_no_match')) end it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:client_id]). - to include(t('openid_connect.logout.errors.client_id_missing')) + expect(form.errors[:client_id]) + .to include(t('openid_connect.logout.errors.client_id_missing')) end end end diff --git a/spec/forms/openid_connect_token_form_spec.rb b/spec/forms/openid_connect_token_form_spec.rb index e9b8403418c..9af7e585223 100644 --- a/spec/forms/openid_connect_token_form_spec.rb +++ b/spec/forms/openid_connect_token_form_spec.rb @@ -51,8 +51,8 @@ let(:user) { create(:user) } let!(:identity) do - IdentityLinker.new(user, service_provider). - link_identity( + IdentityLinker.new(user, service_provider) + .link_identity( nonce: nonce, rails_session_id: SecureRandom.hex, ial: 1, @@ -138,8 +138,8 @@ it 'is false, and has errors if the sp is set for pkce only mode' do allow_any_instance_of(ServiceProvider).to receive(:pkce).and_return(true) expect(valid?).to eq(false) - expect(form.errors[:code]). - to include(t('openid_connect.token.errors.invalid_authentication')) + expect(form.errors[:code]) + .to include(t('openid_connect.token.errors.invalid_authentication')) end context 'with a trailing slash in the audience url' do @@ -215,8 +215,8 @@ it 'is invalid' do expect(valid?).to eq(false) - expect(form.errors[:client_assertion]). - to include("Invalid issuer. Expected [\"#{client_id}\"], received wrong") + expect(form.errors[:client_assertion]) + .to include("Invalid issuer. Expected [\"#{client_id}\"], received wrong") end end @@ -225,8 +225,8 @@ it 'is invalid' do expect(valid?).to eq(false) - expect(form.errors[:client_assertion]). - to include("Invalid subject. Expected #{client_id}, received wrong") + expect(form.errors[:client_assertion]) + .to include("Invalid subject. Expected #{client_id}, received wrong") end end @@ -276,8 +276,8 @@ it 'is has an error' do expect(valid?).to eq(false) - expect(form.errors[:client_assertion]). - to include(t('openid_connect.token.errors.invalid_signature')) + expect(form.errors[:client_assertion]) + .to include(t('openid_connect.token.errors.invalid_signature')) end end @@ -314,8 +314,8 @@ it 'is false, and has errors if the sp is set for jwt only mode' do allow_any_instance_of(ServiceProvider).to receive(:pkce).and_return(false) expect(valid?).to eq(false) - expect(form.errors[:code]). - to include(t('openid_connect.token.errors.invalid_authentication')) + expect(form.errors[:code]) + .to include(t('openid_connect.token.errors.invalid_authentication')) end end @@ -325,8 +325,8 @@ it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:code_verifier]). - to include(t('openid_connect.token.errors.invalid_code_verifier')) + expect(form.errors[:code_verifier]) + .to include(t('openid_connect.token.errors.invalid_code_verifier')) end end @@ -336,8 +336,8 @@ it 'is not valid' do expect(valid?).to eq(false) - expect(form.errors[:code_verifier]). - to include(t('openid_connect.token.errors.invalid_code_verifier')) + expect(form.errors[:code_verifier]) + .to include(t('openid_connect.token.errors.invalid_code_verifier')) end end @@ -362,8 +362,8 @@ it 'is invalid' do expect(valid?).to eq(false) - expect(form.errors[:code]). - to include(t('openid_connect.token.errors.invalid_authentication')) + expect(form.errors[:code]) + .to include(t('openid_connect.token.errors.invalid_authentication')) end end end diff --git a/spec/forms/password_form_spec.rb b/spec/forms/password_form_spec.rb index 74e76e5bffe..c4ea0483c4e 100644 --- a/spec/forms/password_form_spec.rb +++ b/spec/forms/password_form_spec.rb @@ -86,8 +86,8 @@ it 'returns false' do expect(result.success?).to eq false - expect(result.errors[:password_confirmation]). - to include(t('errors.messages.password_mismatch')) + expect(result.errors[:password_confirmation]) + .to include(t('errors.messages.password_mismatch')) end end diff --git a/spec/forms/phone_recaptcha_form_spec.rb b/spec/forms/phone_recaptcha_form_spec.rb index 6ab1d72f91b..332f99650b7 100644 --- a/spec/forms/phone_recaptcha_form_spec.rb +++ b/spec/forms/phone_recaptcha_form_spec.rb @@ -7,10 +7,10 @@ let(:analytics) { FakeAnalytics.new } subject(:form) { described_class.new(parsed_phone:, analytics:) } before do - allow(IdentityConfig.store).to receive(:phone_recaptcha_country_score_overrides). - and_return(country_score_overrides_config) - allow(IdentityConfig.store).to receive(:phone_recaptcha_score_threshold). - and_return(score_threshold_config) + allow(IdentityConfig.store).to receive(:phone_recaptcha_country_score_overrides) + .and_return(country_score_overrides_config) + allow(IdentityConfig.store).to receive(:phone_recaptcha_score_threshold) + .and_return(score_threshold_config) end it 'passes instance variables to form' do @@ -18,16 +18,16 @@ RecaptchaForm, submit: FormResponse.new(success: true), ) - expect(RecaptchaForm).to receive(:new). - with( + expect(RecaptchaForm).to receive(:new) + .with( score_threshold: score_threshold_config, analytics:, recaptcha_action: described_class::RECAPTCHA_ACTION, extra_analytics_properties: { phone_country_code: parsed_phone.country, }, - ). - and_return(recaptcha_form) + ) + .and_return(recaptcha_form) form.submit('token') end diff --git a/spec/forms/recaptcha_enterprise_form_spec.rb b/spec/forms/recaptcha_enterprise_form_spec.rb index 6a133b14570..7d54b9df6f3 100644 --- a/spec/forms/recaptcha_enterprise_form_spec.rb +++ b/spec/forms/recaptcha_enterprise_form_spec.rb @@ -27,12 +27,12 @@ end before do - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id). - and_return(recaptcha_enterprise_project_id) - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key). - and_return(recaptcha_enterprise_api_key) - allow(IdentityConfig.store).to receive(:recaptcha_site_key). - and_return(recaptcha_site_key) + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id) + .and_return(recaptcha_enterprise_project_id) + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key) + .and_return(recaptcha_enterprise_api_key) + allow(IdentityConfig.store).to receive(:recaptcha_site_key) + .and_return(recaptcha_site_key) end describe '#exempt?' do @@ -425,10 +425,10 @@ end def stub_recaptcha_response(body:, action:, site_key: recaptcha_site_key, token: nil) - stub_request(:post, assessment_url). - with do |req| + stub_request(:post, assessment_url) + .with do |req| req.body == { event: { token:, siteKey: site_key, expectedAction: action } }.to_json - end. - to_return(headers: { 'Content-Type': 'application/json' }, body: body.to_json) + end + .to_return(headers: { 'Content-Type': 'application/json' }, body: body.to_json) end end diff --git a/spec/forms/recaptcha_form_spec.rb b/spec/forms/recaptcha_form_spec.rb index 63bf1096e7d..eeb833905f5 100644 --- a/spec/forms/recaptcha_form_spec.rb +++ b/spec/forms/recaptcha_form_spec.rb @@ -12,8 +12,8 @@ end before do - allow(IdentityConfig.store).to receive(:recaptcha_secret_key). - and_return(recaptcha_secret_key) + allow(IdentityConfig.store).to receive(:recaptcha_secret_key) + .and_return(recaptcha_secret_key) end describe '#exempt?' do @@ -344,8 +344,8 @@ end def stub_recaptcha_response(body:, secret: recaptcha_secret_key, token: nil) - stub_request(:post, RecaptchaForm::VERIFICATION_ENDPOINT). - with { |req| req.body == URI.encode_www_form(secret:, response: token) }. - to_return(headers: { 'Content-Type': 'application/json' }, body: body.to_json) + stub_request(:post, RecaptchaForm::VERIFICATION_ENDPOINT) + .with { |req| req.body == URI.encode_www_form(secret:, response: token) } + .to_return(headers: { 'Content-Type': 'application/json' }, body: body.to_json) end end diff --git a/spec/forms/register_user_email_form_spec.rb b/spec/forms/register_user_email_form_spec.rb index bb9d4a6b72b..d1aead02e72 100644 --- a/spec/forms/register_user_email_form_spec.rb +++ b/spec/forms/register_user_email_form_spec.rb @@ -160,9 +160,9 @@ it 'sends confirmation instructions to existing user' do expect(send_sign_up_email_confirmation).to receive(:call) - expect(SendSignUpEmailConfirmation).to receive(:new). - with(existing_user). - and_return(send_sign_up_email_confirmation) + expect(SendSignUpEmailConfirmation).to receive(:new) + .with(existing_user) + .and_return(send_sign_up_email_confirmation) result = subject.submit(params).to_h @@ -195,8 +195,8 @@ it 'creates rate_limiter events after reaching rate_limiter limit' do 1.upto(rate_limit) do |i| - RegisterUserEmailForm.new(analytics:). - submit( + RegisterUserEmailForm.new(analytics:) + .submit( email: "taken+#{i}@gmail.com", terms_accepted: '1', ) end @@ -216,8 +216,8 @@ send_sign_up_email_confirmation = instance_double(SendSignUpEmailConfirmation) expect(send_sign_up_email_confirmation).to receive(:call) - expect(SendSignUpEmailConfirmation).to receive(:new). - and_return(send_sign_up_email_confirmation) + expect(SendSignUpEmailConfirmation).to receive(:new) + .and_return(send_sign_up_email_confirmation) result = subject.submit(email: email_address.email, terms_accepted: '1') uuid = result.extra[:user_id] @@ -265,8 +265,8 @@ it 'creates rate_limiter events after reaching rate_limiter limit' do 1.upto(rate_limit) do |i| - RegisterUserEmailForm.new(analytics:). - submit(params.merge(email: "taken+#{i}@gmail.com")) + RegisterUserEmailForm.new(analytics:) + .submit(params.merge(email: "taken+#{i}@gmail.com")) end expect(analytics).to have_logged_event( diff --git a/spec/forms/security_event_form_spec.rb b/spec/forms/security_event_form_spec.rb index 4056c01d4d0..19241a31a5f 100644 --- a/spec/forms/security_event_form_spec.rb +++ b/spec/forms/security_event_form_spec.rb @@ -73,8 +73,8 @@ context 'reset_password_on_auth_fraud_event is enabled' do before do allow(IdentityConfig.store).to( - receive(:reset_password_on_auth_fraud_event). - and_return(true), + receive(:reset_password_on_auth_fraud_event) + .and_return(true), ) end @@ -86,8 +86,8 @@ context 'reset_password_on_auth_fraud_event is disabled' do before do allow(IdentityConfig.store).to( - receive(:reset_password_on_auth_fraud_event). - and_return(false), + receive(:reset_password_on_auth_fraud_event) + .and_return(false), ) end @@ -97,8 +97,8 @@ end it 'creates a password_invalidated event' do - expect { submit }. - to(change { user.events.password_invalidated.size }.from(0).to(1)) + expect { submit } + .to(change { user.events.password_invalidated.size }.from(0).to(1)) end end @@ -246,8 +246,8 @@ it 'is invalid' do expect(valid?).to eq(false) expect(form.error_code).to eq('jwtAud') - expect(form.errors[:aud]). - to include("invalid aud claim, expected #{api_risc_security_events_url}") + expect(form.errors[:aud]) + .to include("invalid aud claim, expected #{api_risc_security_events_url}") end end end diff --git a/spec/forms/select_email_form_spec.rb b/spec/forms/select_email_form_spec.rb index 539fd7ef340..9775d56ed8c 100644 --- a/spec/forms/select_email_form_spec.rb +++ b/spec/forms/select_email_form_spec.rb @@ -21,9 +21,9 @@ let(:identity) { create(:service_provider_identity, :consented, user:) } it 'updates linked email address' do - expect { response }.to change { identity.reload.email_address_id }. - from(nil). - to(selected_email_id) + expect { response }.to change { identity.reload.email_address_id } + .from(nil) + .to(selected_email_id) end end end diff --git a/spec/forms/sign_in_recaptcha_form_spec.rb b/spec/forms/sign_in_recaptcha_form_spec.rb index 6887ab3b187..428c3cc7593 100644 --- a/spec/forms/sign_in_recaptcha_form_spec.rb +++ b/spec/forms/sign_in_recaptcha_form_spec.rb @@ -21,8 +21,8 @@ ) end before do - allow(IdentityConfig.store).to receive(:sign_in_recaptcha_score_threshold). - and_return(score_threshold_config) + allow(IdentityConfig.store).to receive(:sign_in_recaptcha_score_threshold) + .and_return(score_threshold_config) end it 'passes instance variables to form' do @@ -30,14 +30,14 @@ RecaptchaMockForm, submit: FormResponse.new(success: true), ) - expect(RecaptchaMockForm).to receive(:new). - with( + expect(RecaptchaMockForm).to receive(:new) + .with( score_threshold: score_threshold_config, score:, analytics:, recaptcha_action: described_class::RECAPTCHA_ACTION, - ). - and_return(recaptcha_form) + ) + .and_return(recaptcha_form) form.submit(recaptcha_token:) end diff --git a/spec/forms/totp_setup_form_spec.rb b/spec/forms/totp_setup_form_spec.rb index 6e2dcd7ac8f..4f8670ebef7 100644 --- a/spec/forms/totp_setup_form_spec.rb +++ b/spec/forms/totp_setup_form_spec.rb @@ -26,8 +26,8 @@ end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) form = TotpSetupForm.new(user, secret, code, name) form.submit diff --git a/spec/forms/update_user_password_form_spec.rb b/spec/forms/update_user_password_form_spec.rb index d9a01f90637..8a44793b200 100644 --- a/spec/forms/update_user_password_form_spec.rb +++ b/spec/forms/update_user_password_form_spec.rb @@ -81,8 +81,8 @@ it 'encrypts the active profile' do encryptor = instance_double(UserProfilesEncryptor) - allow(UserProfilesEncryptor).to receive(:new). - with(user: user, user_session: user_session, password: password).and_return(encryptor) + allow(UserProfilesEncryptor).to receive(:new) + .with(user: user, user_session: user_session, password: password).and_return(encryptor) allow(encryptor).to receive(:encrypt) subject.submit(params) @@ -111,8 +111,8 @@ it 'encrypts the pending profile' do encryptor = instance_double(UserProfilesEncryptor) - allow(UserProfilesEncryptor).to receive(:new). - with(user: user, user_session: user_session, password: password).and_return(encryptor) + allow(UserProfilesEncryptor).to receive(:new) + .with(user: user, user_session: user_session, password: password).and_return(encryptor) allow(encryptor).to receive(:encrypt) subject.submit(params) diff --git a/spec/forms/user_piv_cac_setup_form_spec.rb b/spec/forms/user_piv_cac_setup_form_spec.rb index 41130f6ef03..7e391df4166 100644 --- a/spec/forms/user_piv_cac_setup_form_spec.rb +++ b/spec/forms/user_piv_cac_setup_form_spec.rb @@ -28,8 +28,8 @@ result = instance_double(FormResponse) extra = { multi_factor_auth_method: 'piv_cac', key_id: 'foo' } - expect(FormResponse).to receive(:new). - with(success: true, errors: {}, extra: extra).and_return(result) + expect(FormResponse).to receive(:new) + .with(success: true, errors: {}, extra: extra).and_return(result) expect(form.submit).to eq result user.reload expect(TwoFactorAuthentication::PivCacPolicy.new(user).enabled?).to eq true @@ -37,8 +37,8 @@ end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) form.submit end @@ -50,8 +50,8 @@ result = instance_double(FormResponse) extra = { multi_factor_auth_method: 'piv_cac', key_id: 'foo' } - expect(FormResponse).to receive(:new). - with(success: true, errors: {}, extra: extra).and_return(result) + expect(FormResponse).to receive(:new) + .with(success: true, errors: {}, extra: extra).and_return(result) expect(form.submit).to eq result expect(TwoFactorAuthentication::PivCacPolicy.new(user.reload).enabled?).to eq true end @@ -65,9 +65,9 @@ result = instance_double(FormResponse) extra = { multi_factor_auth_method: 'piv_cac', key_id: 'foo' } - expect(FormResponse).to receive(:new). - with(success: false, errors: { type: 'piv_cac.already_associated' }, - extra: extra).and_return(result) + expect(FormResponse).to receive(:new) + .with(success: false, errors: { type: 'piv_cac.already_associated' }, + extra: extra).and_return(result) expect(form.submit).to eq result expect(TwoFactorAuthentication::PivCacPolicy.new(user.reload).enabled?).to eq false expect(form.error_type).to eq 'piv_cac.already_associated' @@ -85,8 +85,8 @@ result = instance_double(FormResponse) extra = { multi_factor_auth_method: 'piv_cac', key_id: 'foo' } - expect(FormResponse).to receive(:new). - with(success: false, errors: { type: 'token.bad' }, extra: extra).and_return(result) + expect(FormResponse).to receive(:new) + .with(success: false, errors: { type: 'token.bad' }, extra: extra).and_return(result) expect(form.submit).to eq result expect(TwoFactorAuthentication::PivCacPolicy.new(user.reload).enabled?).to eq false expect(form.error_type).to eq 'token.bad' @@ -104,8 +104,8 @@ result = instance_double(FormResponse) extra = { multi_factor_auth_method: 'piv_cac', key_id: 'foo' } - expect(FormResponse).to receive(:new). - with(success: false, errors: { type: 'token.invalid' }, extra: extra).and_return(result) + expect(FormResponse).to receive(:new) + .with(success: false, errors: { type: 'token.invalid' }, extra: extra).and_return(result) expect(form.submit).to eq result expect(form.error_type).to eq 'token.invalid' end @@ -118,8 +118,8 @@ result = instance_double(FormResponse) extra = { multi_factor_auth_method: 'piv_cac', key_id: nil } - expect(FormResponse).to receive(:new). - with(success: false, errors: {}, extra: extra).and_return(result) + expect(FormResponse).to receive(:new) + .with(success: false, errors: {}, extra: extra).and_return(result) expect(form.submit).to eq result expect(TwoFactorAuthentication::PivCacPolicy.new(user.reload).enabled?).to eq false end diff --git a/spec/forms/webauthn_setup_form_spec.rb b/spec/forms/webauthn_setup_form_spec.rb index f2cc7fee99b..f9d9227b5f1 100644 --- a/spec/forms/webauthn_setup_form_spec.rb +++ b/spec/forms/webauthn_setup_form_spec.rb @@ -55,13 +55,13 @@ user.reload expect(user.webauthn_configurations.roaming_authenticators.count).to eq(1) - expect(user.webauthn_configurations.roaming_authenticators.first.transports). - to eq(['usb']) + expect(user.webauthn_configurations.roaming_authenticators.first.transports) + .to eq(['usb']) end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) subject.submit(params) end @@ -220,8 +220,8 @@ context 'when the attestation response raises an error' do before do - allow(WebAuthn::AttestationStatement). - to receive(:from).and_raise(WebAuthn::AuthenticatorDataFormatError) + allow(WebAuthn::AttestationStatement) + .to receive(:from).and_raise(WebAuthn::AuthenticatorDataFormatError) end it 'returns false with an error when the attestation response raises an error' do @@ -300,8 +300,8 @@ expect(user.webauthn_configurations.platform_authenticators.count).to eq(2) expect( user.webauthn_configurations.platform_authenticators[1].name, - ). - to eq("#{device_name} (1)") + ) + .to eq("#{device_name} (1)") expect(result.to_h[:success]).to eq(true) end end @@ -325,8 +325,8 @@ expect(result.success?).to eq(true) expect(user.webauthn_configurations.platform_authenticators.count).to eq(3) - expect(user.webauthn_configurations.platform_authenticators.last.name). - to eq("#{device_name} (2)") + expect(user.webauthn_configurations.platform_authenticators.last.name) + .to eq("#{device_name} (2)") end end end diff --git a/spec/forms/webauthn_verification_form_spec.rb b/spec/forms/webauthn_verification_form_spec.rb index 5bbeca9a9d2..31ece588fdb 100644 --- a/spec/forms/webauthn_verification_form_spec.rb +++ b/spec/forms/webauthn_verification_form_spec.rb @@ -310,8 +310,8 @@ context 'when verification raises OpenSSL exception' do before do - allow_any_instance_of(WebAuthn::AuthenticatorAssertionResponse).to receive(:verify). - and_raise(OpenSSL::PKey::PKeyError) + allow_any_instance_of(WebAuthn::AuthenticatorAssertionResponse).to receive(:verify) + .and_raise(OpenSSL::PKey::PKeyError) end it 'returns unsucessful result' do diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb index 317cf5536c8..493d9ee694f 100644 --- a/spec/helpers/application_helper_spec.rb +++ b/spec/helpers/application_helper_spec.rb @@ -21,8 +21,8 @@ let(:raise_on_missing_title) { nil } before do - allow(IdentityConfig.store).to receive(:raise_on_missing_title). - and_return(raise_on_missing_title) + allow(IdentityConfig.store).to receive(:raise_on_missing_title) + .and_return(raise_on_missing_title) end context 'configured not to raise on missing title' do diff --git a/spec/helpers/locale_helper_spec.rb b/spec/helpers/locale_helper_spec.rb index 356aa61e928..b4ab33faee7 100644 --- a/spec/helpers/locale_helper_spec.rb +++ b/spec/helpers/locale_helper_spec.rb @@ -73,8 +73,8 @@ end it 'warns about a bad email_language' do - expect(Rails.logger).to receive(:warn). - with("user_id=#{user.uuid} has bad email_language=#{user.email_language}") + expect(Rails.logger).to receive(:warn) + .with("user_id=#{user.uuid} has bad email_language=#{user.email_language}") subject end diff --git a/spec/helpers/script_helper_spec.rb b/spec/helpers/script_helper_spec.rb index a13e12aa403..432550d65af 100644 --- a/spec/helpers/script_helper_spec.rb +++ b/spec/helpers/script_helper_spec.rb @@ -20,15 +20,15 @@ before do javascript_packs_tag_once('application') javascript_packs_tag_once('document-capture', 'document-capture') - allow(Rails.application.config.asset_sources).to receive(:get_sources). - with('application').and_return(['/application.js']) - allow(Rails.application.config.asset_sources).to receive(:get_sources). - with('document-capture').and_return(['/document-capture.js']) + allow(Rails.application.config.asset_sources).to receive(:get_sources) + .with('application').and_return(['/application.js']) + allow(Rails.application.config.asset_sources).to receive(:get_sources) + .with('document-capture').and_return(['/document-capture.js']) allow(Rails.application.config.asset_sources).to receive(:get_assets).with( 'application', 'document-capture', - ). - and_return(['clock.svg', 'sprite.svg']) + ) + .and_return(['clock.svg', 'sprite.svg']) end it 'prints asset paths sources' do @@ -91,9 +91,9 @@ context 'with script integrity available' do before do allow(Rails.application.config.asset_sources).to receive(:get_integrity).and_return(nil) - allow(Rails.application.config.asset_sources).to receive(:get_integrity). - with('/application.js'). - and_return('sha256-aztp/wpATyjXXpigZtP8ZP/9mUCHDMaL7OKFRbmnUIazQ9ehNmg4CD5Ljzym/TyA') + allow(Rails.application.config.asset_sources).to receive(:get_integrity) + .with('/application.js') + .and_return('sha256-aztp/wpATyjXXpigZtP8ZP/9mUCHDMaL7OKFRbmnUIazQ9ehNmg4CD5Ljzym/TyA') end it 'adds integrity attribute' do @@ -122,11 +122,11 @@ context 'with attributes' do before do javascript_packs_tag_once('track-errors', defer: true) - allow(Rails.application.config.asset_sources).to receive(:get_sources). - with('track-errors').and_return(['/track-errors.js']) - allow(Rails.application.config.asset_sources).to receive(:get_assets). - with('application', 'document-capture', 'track-errors'). - and_return([]) + allow(Rails.application.config.asset_sources).to receive(:get_sources) + .with('track-errors').and_return(['/track-errors.js']) + allow(Rails.application.config.asset_sources).to receive(:get_assets) + .with('application', 'document-capture', 'track-errors') + .and_return([]) end it 'adds attribute' do @@ -147,11 +147,11 @@ url_params: { agency: 'gsa' }, async: true, ) - allow(Rails.application.config.asset_sources).to receive(:get_sources). - with('digital-analytics-program').and_return(['/digital-analytics-program.js']) - allow(Rails.application.config.asset_sources).to receive(:get_assets). - with('application', 'document-capture', 'digital-analytics-program'). - and_return([]) + allow(Rails.application.config.asset_sources).to receive(:get_sources) + .with('digital-analytics-program').and_return(['/digital-analytics-program.js']) + allow(Rails.application.config.asset_sources).to receive(:get_assets) + .with('application', 'document-capture', 'digital-analytics-program') + .and_return([]) end it 'includes url parameters in script url for the pack' do @@ -205,8 +205,8 @@ context 'with named scripts argument' do before do - allow(Rails.application.config.asset_sources).to receive(:get_sources).with('application'). - and_return(['/application.js']) + allow(Rails.application.config.asset_sources).to receive(:get_sources).with('application') + .and_return(['/application.js']) end it 'enqueues those scripts before printing them' do diff --git a/spec/helpers/threat_metrix_helper_spec.rb b/spec/helpers/threat_metrix_helper_spec.rb index d0cf955a2b0..be4a52bb204 100644 --- a/spec/helpers/threat_metrix_helper_spec.rb +++ b/spec/helpers/threat_metrix_helper_spec.rb @@ -6,18 +6,18 @@ describe '#threatmetrix_javascript_urls' do let(:session_id) { '1234' } before do - allow(IdentityConfig.store). - to receive(:lexisnexis_threatmetrix_org_id). - and_return('test_id') + allow(IdentityConfig.store) + .to receive(:lexisnexis_threatmetrix_org_id) + .and_return('test_id') - allow(Rails.application.config.asset_sources).to receive(:get_sources). - with('mock-device-profiling').and_return(['/mock-device-profiling.js']) + allow(Rails.application.config.asset_sources).to receive(:get_sources) + .with('mock-device-profiling').and_return(['/mock-device-profiling.js']) end context 'mock is enabled' do before do - allow(IdentityConfig.store). - to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(true) + allow(IdentityConfig.store) + .to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(true) end it 'should return mock config source' do sources = threatmetrix_javascript_urls(session_id) @@ -26,14 +26,14 @@ end context 'mock is not enabled' do before do - allow(IdentityConfig.store). - to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(false) + allow(IdentityConfig.store) + .to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(false) end it 'should return actual url' do javascript_sources = threatmetrix_javascript_urls(session_id) - expect(javascript_sources). - to eq(['https://h.online-metrix.net/fp/tags.js?org_id=test_id&session_id=1234']) + expect(javascript_sources) + .to eq(['https://h.online-metrix.net/fp/tags.js?org_id=test_id&session_id=1234']) end end end @@ -41,36 +41,36 @@ describe '#threatmetrix_iframe_url' do let(:session_id) { '1234' } before do - allow(IdentityConfig.store). - to receive(:lexisnexis_threatmetrix_org_id). - and_return('test_id') + allow(IdentityConfig.store) + .to receive(:lexisnexis_threatmetrix_org_id) + .and_return('test_id') - allow(Rails.application.config.asset_sources).to receive(:get_sources). - with('mock-device-profiling').and_return(['/mock-device-profiling.js']) + allow(Rails.application.config.asset_sources).to receive(:get_sources) + .with('mock-device-profiling').and_return(['/mock-device-profiling.js']) end context 'mock is enabled' do before do - allow(IdentityConfig.store). - to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(true) + allow(IdentityConfig.store) + .to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(true) end it 'should return mock javascript config' do iframe_sources = threatmetrix_iframe_url(session_id) - expect(iframe_sources). - to eq('http://www.example.com/test/device_profiling?org_id=test_id&session_id=1234') + expect(iframe_sources) + .to eq('http://www.example.com/test/device_profiling?org_id=test_id&session_id=1234') end end context 'mock is not enabled' do before do - allow(IdentityConfig.store). - to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(false) + allow(IdentityConfig.store) + .to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(false) end it 'should return mock config source' do iframe_sources = threatmetrix_iframe_url(session_id) - expect(iframe_sources). - to eq('https://h.online-metrix.net/fp/tags?org_id=test_id&session_id=1234') + expect(iframe_sources) + .to eq('https://h.online-metrix.net/fp/tags?org_id=test_id&session_id=1234') end end end diff --git a/spec/i18n_spec.rb b/spec/i18n_spec.rb index 960aa40598c..105eab71d2f 100644 --- a/spec/i18n_spec.rb +++ b/spec/i18n_spec.rb @@ -246,9 +246,9 @@ def allowed_untranslated_key?(locale, key) # most common interpolation arguments is the correct one. We then take the keys # in the remaining groups and add them to the missing keys list. keys = - interpolation_arguments.group_by { |_k, v| v }. - sort_by { |_k, v| v.length * -1 }.drop(1). - flat_map { |x| x[1] }.to_h.keys + interpolation_arguments.group_by { |_k, v| v } + .sort_by { |_k, v| v.length * -1 }.drop(1) + .flat_map { |x| x[1] }.to_h.keys missing_interpolation_argument_locale_keys += keys end @@ -301,8 +301,8 @@ def allowed_untranslated_key?(locale, key) root_dir = File.expand_path(File.join(File.dirname(__FILE__), '../')) - ([File.join(root_dir, '/config/locales')] + Dir[File.join(root_dir, '/config/locales/**')]). - sort.each do |group_path| + ([File.join(root_dir, '/config/locales')] + Dir[File.join(root_dir, '/config/locales/**')]) + .sort.each do |group_path| i18n_group = group_path.sub("#{root_dir}/", '') describe i18n_group do @@ -411,8 +411,8 @@ def likely_html_interpolation?(str) end def extract_interpolation_arguments(translation) - translation.scan(I18n::INTERPOLATION_PATTERN). - map(&:compact).map(&:first).to_set + translation.scan(I18n::INTERPOLATION_PATTERN) + .map(&:compact).map(&:first).to_set end def flatten_hash(hash, flatten_arrays: true, parent_keys: [], out_hash: {}) diff --git a/spec/jobs/account_creation_threat_metrix_job_spec.rb b/spec/jobs/account_creation_threat_metrix_job_spec.rb index 091df7d8fda..deb21ec8696 100644 --- a/spec/jobs/account_creation_threat_metrix_job_spec.rb +++ b/spec/jobs/account_creation_threat_metrix_job_spec.rb @@ -12,12 +12,12 @@ let(:job_analytics) { FakeAnalytics.new } before do - allow(IdentityConfig.store).to receive(:account_creation_device_profiling). - and_return(authentication_device_profiling) - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(lexisnexis_threatmetrix_mock_enabled) - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_base_url). - and_return('https://www.example.com') + allow(IdentityConfig.store).to receive(:account_creation_device_profiling) + .and_return(authentication_device_profiling) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(lexisnexis_threatmetrix_mock_enabled) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_base_url) + .and_return('https://www.example.com') allow(instance).to receive(:analytics).and_return(job_analytics) end diff --git a/spec/jobs/data_warehouse/daily_sensitive_column_report_spec.rb b/spec/jobs/data_warehouse/daily_sensitive_column_report_spec.rb index 5c81de89a0b..8ee01850e74 100644 --- a/spec/jobs/data_warehouse/daily_sensitive_column_report_spec.rb +++ b/spec/jobs/data_warehouse/daily_sensitive_column_report_spec.rb @@ -66,8 +66,8 @@ allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Identity::Hostdata).to receive(:aws_account_id).and_return('1234') allow(Identity::Hostdata).to receive(:aws_region).and_return('us-west-1') - allow(IdentityConfig.store).to receive(:s3_idp_dw_tasks). - and_return(s3_idp_dw_tasks) + allow(IdentityConfig.store).to receive(:s3_idp_dw_tasks) + .and_return(s3_idp_dw_tasks) Aws.config[:s3] = { stub_responses: { diff --git a/spec/jobs/data_warehouse/table_summary_stats_export_job_spec.rb b/spec/jobs/data_warehouse/table_summary_stats_export_job_spec.rb index 980f93ce836..da6f88bf8f6 100644 --- a/spec/jobs/data_warehouse/table_summary_stats_export_job_spec.rb +++ b/spec/jobs/data_warehouse/table_summary_stats_export_job_spec.rb @@ -29,10 +29,10 @@ allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Identity::Hostdata).to receive(:aws_account_id).and_return('1234') allow(Identity::Hostdata).to receive(:aws_region).and_return('us-west-1') - allow(IdentityConfig.store).to receive(:s3_data_warehouse_bucket_prefix). - and_return(s3_data_warehouse_bucket_prefix) - allow(IdentityConfig.store).to receive(:data_warehouse_enabled). - and_return(data_warehouse_enabled) + allow(IdentityConfig.store).to receive(:s3_data_warehouse_bucket_prefix) + .and_return(s3_data_warehouse_bucket_prefix) + allow(IdentityConfig.store).to receive(:data_warehouse_enabled) + .and_return(data_warehouse_enabled) Aws.config[:s3] = { stub_responses: { put_object: {}, @@ -50,8 +50,8 @@ let(:data_warehouse_enabled) { false } it 'does not perform the job' do - allow(IdentityConfig.store).to receive(:data_warehouse_enabled). - and_return(data_warehouse_enabled) + allow(IdentityConfig.store).to receive(:data_warehouse_enabled) + .and_return(data_warehouse_enabled) expect(job).not_to receive(:fetch_table_max_ids_and_counts) expect(job).not_to receive(:upload_file_to_s3_bucket) end @@ -85,8 +85,8 @@ before do allow(ActiveRecord::Base.connection).to receive(:tables).and_return(['non_id_table']) - allow(ActiveRecord::Base.connection).to receive(:columns).with('non_id_table'). - and_return([double(name: 'name')]) + allow(ActiveRecord::Base.connection).to receive(:columns).with('non_id_table') + .and_return([double(name: 'name')]) end it 'skips tables without an id column' do diff --git a/spec/jobs/fraud_rejection_daily_job_spec.rb b/spec/jobs/fraud_rejection_daily_job_spec.rb index 52bfbd1daa9..4c87e8ef5b8 100644 --- a/spec/jobs/fraud_rejection_daily_job_spec.rb +++ b/spec/jobs/fraud_rejection_daily_job_spec.rb @@ -11,8 +11,8 @@ rejected_profiles = Profile.where.not(fraud_rejection_at: nil) - allow(job).to receive(:analytics).with(user: rejectedable_profile.user). - and_return(job_analytics) + allow(job).to receive(:analytics).with(user: rejectedable_profile.user) + .and_return(job_analytics) expect { job.perform(Time.zone.today) }.to change { rejected_profiles.count }.by(1) expect(job_analytics).to have_logged_event( diff --git a/spec/jobs/get_usps_proofing_results_job_spec.rb b/spec/jobs/get_usps_proofing_results_job_spec.rb index 48282d9c7ad..99ff7bfaa0a 100644 --- a/spec/jobs/get_usps_proofing_results_job_spec.rb +++ b/spec/jobs/get_usps_proofing_results_job_spec.rb @@ -2608,8 +2608,8 @@ context 'when the results delay is configured to be negative time' do before do - allow(IdentityConfig.store).to receive(:in_person_results_delay_in_hours). - and_return(-1) + allow(IdentityConfig.store).to receive(:in_person_results_delay_in_hours) + .and_return(-1) end context 'when the USPS proofing results has a passed status' do @@ -2637,8 +2637,8 @@ context 'when the results delay is not configured' do before do - allow(IdentityConfig.store).to receive(:in_person_results_delay_in_hours). - and_return(nil) + allow(IdentityConfig.store).to receive(:in_person_results_delay_in_hours) + .and_return(nil) end context 'when the USPS proofing results has a passed status' do diff --git a/spec/jobs/get_usps_ready_proofing_results_job_spec.rb b/spec/jobs/get_usps_ready_proofing_results_job_spec.rb index 0500a8fb50c..4c070bd93e2 100644 --- a/spec/jobs/get_usps_ready_proofing_results_job_spec.rb +++ b/spec/jobs/get_usps_ready_proofing_results_job_spec.rb @@ -14,8 +14,8 @@ ) ActiveJob::Base.queue_adapter = :test allow(job).to receive(:analytics).and_return(job_analytics) - allow(IdentityConfig.store).to receive(:get_usps_proofing_results_job_reprocess_delay_minutes). - and_return(reprocess_delay_minutes) + allow(IdentityConfig.store).to receive(:get_usps_proofing_results_job_reprocess_delay_minutes) + .and_return(reprocess_delay_minutes) stub_const( 'GetUspsProofingResultsJob::REQUEST_DELAY_IN_SECONDS', request_delay_ms / GetUspsProofingResultsJob::MILLISECONDS_PER_SECOND, @@ -35,9 +35,9 @@ it 'requests the enrollments that need their status checked' do freeze_time do expect(InPersonEnrollment).to( - receive(:needs_status_check_on_ready_enrollments). - with(...reprocess_delay_minutes.minutes.ago). - and_return(InPersonEnrollment.all), + receive(:needs_status_check_on_ready_enrollments) + .with(...reprocess_delay_minutes.minutes.ago) + .and_return(InPersonEnrollment.all), ) job.perform(Time.zone.now) @@ -61,8 +61,8 @@ job.perform(Time.zone.now) - expect(InPersonEnrollment.where.not(status_check_attempted_at: nil).pluck(:id)). - to(match_array(ready_ids)) + expect(InPersonEnrollment.where.not(status_check_attempted_at: nil).pluck(:id)) + .to(match_array(ready_ids)) expect(job_analytics).to have_logged_event( 'GetUspsProofingResultsJob: Job started', enrollments_count: 6, diff --git a/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb b/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb index 57bf43b1389..3a2b2078e8a 100644 --- a/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb +++ b/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb @@ -14,8 +14,8 @@ ) ActiveJob::Base.queue_adapter = :test allow(job).to receive(:analytics).and_return(job_analytics) - allow(IdentityConfig.store).to receive(:get_usps_proofing_results_job_reprocess_delay_minutes). - and_return(reprocess_delay_minutes) + allow(IdentityConfig.store).to receive(:get_usps_proofing_results_job_reprocess_delay_minutes) + .and_return(reprocess_delay_minutes) stub_const( 'GetUspsProofingResultsJob::REQUEST_DELAY_IN_SECONDS', request_delay_ms / GetUspsProofingResultsJob::MILLISECONDS_PER_SECOND, @@ -35,9 +35,9 @@ it 'requests the enrollments that need their status checked' do freeze_time do expect(InPersonEnrollment).to( - receive(:needs_status_check_on_waiting_enrollments). - with(...reprocess_delay_minutes.minutes.ago). - and_return(InPersonEnrollment.all), + receive(:needs_status_check_on_waiting_enrollments) + .with(...reprocess_delay_minutes.minutes.ago) + .and_return(InPersonEnrollment.all), ) job.perform(Time.zone.now) @@ -61,8 +61,8 @@ job.perform(Time.zone.now) - expect(InPersonEnrollment.where.not(status_check_attempted_at: nil).pluck(:id)). - to(match_array(waiting_ids)) + expect(InPersonEnrollment.where.not(status_check_attempted_at: nil).pluck(:id)) + .to(match_array(waiting_ids)) expect(job_analytics).to have_logged_event( 'GetUspsProofingResultsJob: Job started', enrollments_count: 6, diff --git a/spec/jobs/gpo_daily_job_spec.rb b/spec/jobs/gpo_daily_job_spec.rb index 84b13ff7db3..b6a21071095 100644 --- a/spec/jobs/gpo_daily_job_spec.rb +++ b/spec/jobs/gpo_daily_job_spec.rb @@ -13,8 +13,8 @@ end before do - allow(IdentityConfig.store).to receive(:gpo_designated_receiver_pii). - and_return(designated_receiver_pii) + allow(IdentityConfig.store).to receive(:gpo_designated_receiver_pii) + .and_return(designated_receiver_pii) end describe '#perform' do diff --git a/spec/jobs/gpo_expiration_job_spec.rb b/spec/jobs/gpo_expiration_job_spec.rb index a9e4aa86631..74fbfab945d 100644 --- a/spec/jobs/gpo_expiration_job_spec.rb +++ b/spec/jobs/gpo_expiration_job_spec.rb @@ -177,8 +177,8 @@ job.perform(limit: limit) - expect(Profile.where.not(gpo_verification_pending_at: nil).count). - to eql(initial_count - limit) + expect(Profile.where.not(gpo_verification_pending_at: nil).count) + .to eql(initial_count - limit) end end end diff --git a/spec/jobs/gpo_reminder_job_spec.rb b/spec/jobs/gpo_reminder_job_spec.rb index 4a193b5df23..816e2eb5428 100644 --- a/spec/jobs/gpo_reminder_job_spec.rb +++ b/spec/jobs/gpo_reminder_job_spec.rb @@ -43,8 +43,8 @@ let(:job_analytics) { FakeAnalytics.new } before do - allow(IdentityConfig.store).to receive(:usps_confirmation_max_days). - and_return(max_days_ago_to_send_letter) + allow(IdentityConfig.store).to receive(:usps_confirmation_max_days) + .and_return(max_days_ago_to_send_letter) allow(Analytics).to receive(:new).and_return(job_analytics) user_with_invalid_profile.gpo_verification_pending_profile.deactivate(:password_reset) diff --git a/spec/jobs/in_person/enrollments_ready_for_status_check/batch_processor_spec.rb b/spec/jobs/in_person/enrollments_ready_for_status_check/batch_processor_spec.rb index 6eced3d0342..6b02084eef5 100644 --- a/spec/jobs/in_person/enrollments_ready_for_status_check/batch_processor_spec.rb +++ b/spec/jobs/in_person/enrollments_ready_for_status_check/batch_processor_spec.rb @@ -68,10 +68,10 @@ def failed_delete end it 'invalid item is marked as processed and deleted' do - expect(enrollment_pipeline).to receive(:process_message). - with(message).and_return(false).once - expect(sqs_batch_wrapper).to receive(:delete_message_batch). - with(messages).and_return(delete_result).once + expect(enrollment_pipeline).to receive(:process_message) + .with(message).and_return(false).once + expect(sqs_batch_wrapper).to receive(:delete_message_batch) + .with(messages).and_return(delete_result).once expect(delete_result).to receive(:failed).and_return([]) expect(delete_result).to receive(:successful).and_return(messages) expect(error_reporter).not_to receive(:report_error) @@ -87,10 +87,10 @@ def failed_delete end it 'valid item is marked as processed and deleted' do - expect(enrollment_pipeline).to receive(:process_message). - with(message).and_return(true).once - expect(sqs_batch_wrapper).to receive(:delete_message_batch). - with(messages).and_return(delete_result).once + expect(enrollment_pipeline).to receive(:process_message) + .with(message).and_return(true).once + expect(sqs_batch_wrapper).to receive(:delete_message_batch) + .with(messages).and_return(delete_result).once expect(delete_result).to receive(:failed).and_return([]) expect(delete_result).to receive(:successful).and_return( [ @@ -110,10 +110,10 @@ def failed_delete end it 'item is marked as processed but fails to be deleted' do - expect(enrollment_pipeline).to receive(:process_message). - with(message).and_return(true).once - expect(sqs_batch_wrapper).to receive(:delete_message_batch). - with(messages).and_return(delete_result).once + expect(enrollment_pipeline).to receive(:process_message) + .with(message).and_return(true).once + expect(sqs_batch_wrapper).to receive(:delete_message_batch) + .with(messages).and_return(delete_result).once error_entry = failed_delete expect(delete_result).to receive(:failed).and_return( [ @@ -142,10 +142,10 @@ def failed_delete it 'item is marked as processed but the batch delete call throws an error' do error = RuntimeError.new 'test batch error' - expect(enrollment_pipeline).to receive(:process_message). - with(message).and_return(true).once - expect(sqs_batch_wrapper).to receive(:delete_message_batch). - with(messages).and_raise(error).once + expect(enrollment_pipeline).to receive(:process_message) + .with(message).and_return(true).once + expect(sqs_batch_wrapper).to receive(:delete_message_batch) + .with(messages).and_raise(error).once expect(error_reporter).to receive(:report_error).with(error).once expected_analytics_stats = { **analytics_stats, @@ -179,8 +179,8 @@ def failed_delete true, true, ).exactly(5).times - expect(sqs_batch_wrapper).to receive(:delete_message_batch). - with(messages).and_return(delete_result).once + expect(sqs_batch_wrapper).to receive(:delete_message_batch) + .with(messages).and_return(delete_result).once error_entry = failed_delete error_entry2 = failed_delete diff --git a/spec/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline_spec.rb b/spec/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline_spec.rb index ed907478144..54531f8cf89 100644 --- a/spec/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline_spec.rb +++ b/spec/jobs/in_person/enrollments_ready_for_status_check/enrollment_pipeline_spec.rb @@ -8,8 +8,8 @@ let(:pipeline_analytics) { FakeAnalytics.new } before(:each) do - allow(IdentityConfig.store).to receive(:in_person_enrollments_ready_job_email_body_pattern). - and_return('\A\s*(?\d{16})\s*\Z') + allow(IdentityConfig.store).to receive(:in_person_enrollments_ready_job_email_body_pattern) + .and_return('\A\s*(?\d{16})\s*\Z') allow(error_reporter).to receive(:report_error) end @@ -123,8 +123,8 @@ let(:expected_error_extra) { nil } before(:each) do - allow(sqs_message).to receive(:message_id). - and_return(sqs_message_id) + allow(sqs_message).to receive(:message_id) + .and_return(sqs_message_id) end def expect_error(error, **extra) @@ -330,8 +330,8 @@ def expect_error(error, **extra) :pick, ).and_raise(error) - expect(error_reporter).to receive(:report_error). - with( + expect(error_reporter).to receive(:report_error) + .with( error, sqs_message_id:, sns_message_id:, @@ -350,12 +350,12 @@ def expect_error(error, **extra) enrollment = create(:in_person_enrollment, enrollment_code:, status: :pending, user:) error = ActiveRecord::ConnectionNotEstablished.new - expect(InPersonEnrollment).to receive(:update). - with(enrollment.id, ready_for_status_check: true). - and_raise(error) + expect(InPersonEnrollment).to receive(:update) + .with(enrollment.id, ready_for_status_check: true) + .and_raise(error) - expect(error_reporter).to receive(:report_error). - with( + expect(error_reporter).to receive(:report_error) + .with( error, sqs_message_id:, sns_message_id:, @@ -380,8 +380,8 @@ def expect_error(error, **extra) allow(sqs_message).to receive(:body).and_return(sns_text_payload.to_json) enrollment = create(:in_person_enrollment, enrollment_code:, status: :pending, user:) - expect(InPersonEnrollment).to receive(:update). - with(enrollment.id, ready_for_status_check: true).once + expect(InPersonEnrollment).to receive(:update) + .with(enrollment.id, ready_for_status_check: true).once expect(error_reporter).not_to receive(:report_error) @@ -398,8 +398,8 @@ def expect_error(error, **extra) allow(sqs_message).to receive(:body).and_return(sns_html_payload.to_json) enrollment = create(:in_person_enrollment, enrollment_code:, status: :pending, user:) - expect(InPersonEnrollment).to receive(:update). - with(enrollment.id, ready_for_status_check: true).once + expect(InPersonEnrollment).to receive(:update) + .with(enrollment.id, ready_for_status_check: true).once expect(error_reporter).not_to receive(:report_error) @@ -417,8 +417,8 @@ def expect_error(error, **extra) enrollment = create(:in_person_enrollment, enrollment_code:, status: :pending, user:) - expect(InPersonEnrollment).to receive(:update). - with(enrollment.id, ready_for_status_check: true).once + expect(InPersonEnrollment).to receive(:update) + .with(enrollment.id, ready_for_status_check: true).once expect(error_reporter).not_to receive(:report_error) @@ -435,8 +435,8 @@ def expect_error(error, **extra) enrollment = create(:in_person_enrollment, enrollment_code:, status: :pending, user:) - expect(InPersonEnrollment).to receive(:update). - with(enrollment.id, ready_for_status_check: true).once + expect(InPersonEnrollment).to receive(:update) + .with(enrollment.id, ready_for_status_check: true).once expect(error_reporter).not_to receive(:report_error) diff --git a/spec/jobs/in_person/enrollments_ready_for_status_check/sqs_batch_wrapper_spec.rb b/spec/jobs/in_person/enrollments_ready_for_status_check/sqs_batch_wrapper_spec.rb index f9ae2baf538..b4dbb72636e 100644 --- a/spec/jobs/in_person/enrollments_ready_for_status_check/sqs_batch_wrapper_spec.rb +++ b/spec/jobs/in_person/enrollments_ready_for_status_check/sqs_batch_wrapper_spec.rb @@ -26,9 +26,9 @@ def create_mock_message create_mock_message, ] - expect(sqs_client).to receive(:receive_message). - with(receive_params). - and_return(mock_result) + expect(sqs_client).to receive(:receive_message) + .with(receive_params) + .and_return(mock_result) expect(mock_result).to receive(:messages).and_return(mock_messages) expect(sqs_batch_wrapper.poll).to eq(mock_messages) diff --git a/spec/jobs/in_person/enrollments_ready_for_status_check_job_spec.rb b/spec/jobs/in_person/enrollments_ready_for_status_check_job_spec.rb index 429268793e7..c70e25a5cae 100644 --- a/spec/jobs/in_person/enrollments_ready_for_status_check_job_spec.rb +++ b/spec/jobs/in_person/enrollments_ready_for_status_check_job_spec.rb @@ -9,10 +9,10 @@ describe '#perform' do before(:each) do allow(job).to receive(:analytics).and_return(analytics) - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) - allow(IdentityConfig.store).to receive(:in_person_enrollments_ready_job_enabled). - and_return(in_person_enrollments_ready_job_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_enrollments_ready_job_enabled) + .and_return(in_person_enrollments_ready_job_enabled) end def process_batch_result @@ -289,9 +289,9 @@ def new_message wait_time_seconds = 20 aws_http_timeout = 5 - expect(Aws::SQS::Client).to receive(:new). - with(http_read_timeout: wait_time_seconds + aws_http_timeout). - and_return(sqs_client) + expect(Aws::SQS::Client).to receive(:new) + .with(http_read_timeout: wait_time_seconds + aws_http_timeout) + .and_return(sqs_client) expect(IdentityConfig.store).to receive_messages( aws_http_timeout:, @@ -302,8 +302,8 @@ def new_message ) wrapper = instance_double(InPerson::EnrollmentsReadyForStatusCheck::SqsBatchWrapper) - expect(InPerson::EnrollmentsReadyForStatusCheck::SqsBatchWrapper).to receive(:new). - with( + expect(InPerson::EnrollmentsReadyForStatusCheck::SqsBatchWrapper).to receive(:new) + .with( sqs_client: sqs_client, queue_url:, receive_params: { @@ -325,8 +325,8 @@ def new_message batch_processor_error_reporter = instance_double( InPerson::EnrollmentsReadyForStatusCheck::ErrorReporter, ) - expect(InPerson::EnrollmentsReadyForStatusCheck::ErrorReporter).to receive(:new). - with( + expect(InPerson::EnrollmentsReadyForStatusCheck::ErrorReporter).to receive(:new) + .with( InPerson::EnrollmentsReadyForStatusCheck::BatchProcessor.name, analytics, ).and_return(batch_processor_error_reporter) @@ -337,28 +337,28 @@ def new_message enrollment_pipeline_error_reporter = instance_double( InPerson::EnrollmentsReadyForStatusCheck::ErrorReporter, ) - expect(InPerson::EnrollmentsReadyForStatusCheck::ErrorReporter).to receive(:new). - with( + expect(InPerson::EnrollmentsReadyForStatusCheck::ErrorReporter).to receive(:new) + .with( InPerson::EnrollmentsReadyForStatusCheck::EnrollmentPipeline.name, analytics, ).and_return(enrollment_pipeline_error_reporter) email_body_pattern = 'abcd' - expect(IdentityConfig.store).to receive(:in_person_enrollments_ready_job_email_body_pattern). - and_return(email_body_pattern) + expect(IdentityConfig.store).to receive(:in_person_enrollments_ready_job_email_body_pattern) + .and_return(email_body_pattern) enrollment_pipeline = instance_double( InPerson::EnrollmentsReadyForStatusCheck::EnrollmentPipeline, ) - expect(InPerson::EnrollmentsReadyForStatusCheck::EnrollmentPipeline).to receive(:new). - with( + expect(InPerson::EnrollmentsReadyForStatusCheck::EnrollmentPipeline).to receive(:new) + .with( error_reporter: enrollment_pipeline_error_reporter, email_body_pattern: /abcd/, ).and_return(enrollment_pipeline) batch_processor = instance_double(InPerson::EnrollmentsReadyForStatusCheck::BatchProcessor) - expect(InPerson::EnrollmentsReadyForStatusCheck::BatchProcessor).to receive(:new). - with( + expect(InPerson::EnrollmentsReadyForStatusCheck::BatchProcessor).to receive(:new) + .with( error_reporter: batch_processor_error_reporter, sqs_batch_wrapper:, enrollment_pipeline:, diff --git a/spec/jobs/in_person/send_proofing_notification_job_spec.rb b/spec/jobs/in_person/send_proofing_notification_job_spec.rb index efdc8ef29ed..6c5cd9adc7a 100644 --- a/spec/jobs/in_person/send_proofing_notification_job_spec.rb +++ b/spec/jobs/in_person/send_proofing_notification_job_spec.rb @@ -50,10 +50,10 @@ before do ActiveJob::Base.queue_adapter = :test allow(job).to receive(:analytics).and_return(analytics) - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) - allow(IdentityConfig.store).to receive(:in_person_send_proofing_notifications_enabled). - and_return(in_person_send_proofing_notifications_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_send_proofing_notifications_enabled) + .and_return(in_person_send_proofing_notifications_enabled) end describe '#perform' do @@ -155,8 +155,8 @@ before do allow(Telephony).to receive(:send_notification).and_return(sms_success_response) - allow(Idv::InPerson::EnrollmentCodeFormatter).to receive(:format). - and_return(formatted_string) + allow(Idv::InPerson::EnrollmentCodeFormatter).to receive(:format) + .and_return(formatted_string) end it 'handles English language preference' do @@ -164,10 +164,10 @@ passed_enrollment.update!(proofed_at: Time.zone.now) formatted_date = I18n.l(proofed_date, format: :sms_date, locale: 'en') - expect(Telephony). - to( - receive(:send_notification). - with( + expect(Telephony) + .to( + receive(:send_notification) + .with( to: phone_number, message: "Login.gov: You visited the Post Office on #{formatted_date}." \ " Check email for your result." \ @@ -185,10 +185,10 @@ passed_enrollment.update!(proofed_at: Time.zone.now) formatted_date = I18n.l(proofed_date, format: :sms_date, locale: 'fr') - expect(Telephony). - to( - receive(:send_notification). - with( + expect(Telephony) + .to( + receive(:send_notification) + .with( to: phone_number, message: "Login.gov : Vous avez visité le bureau de poste le " \ "#{formatted_date}. Vérifiez votre e-mail pour obtenir votre résultat. Ce" \ @@ -206,10 +206,10 @@ passed_enrollment.update!(proofed_at: Time.zone.now) formatted_date = I18n.l(proofed_date, format: :sms_date, locale: 'es') - expect(Telephony). - to( - receive(:send_notification). - with( + expect(Telephony) + .to( + receive(:send_notification) + .with( to: phone_number, message: "Login.gov: Usted acudió a la oficina de correos el " \ "#{formatted_date}. Revise el resultado en su correo electrónico. " \ @@ -248,9 +248,9 @@ context 'when an exception is raised trying to find the enrollment' do it 'logs the exception details' do - allow(InPersonEnrollment). - to receive(:find_by). - and_raise(ActiveRecord::DatabaseConnectionError) + allow(InPersonEnrollment) + .to receive(:find_by) + .and_raise(ActiveRecord::DatabaseConnectionError) job.perform(passed_enrollment.id) @@ -267,10 +267,10 @@ let(:exception_message) { 'SMS unsupported' } it 'logs the exception details' do - allow(Telephony). - to( - receive(:send_notification). - and_raise(Telephony::SmsUnsupportedError.new(exception_message)), + allow(Telephony) + .to( + receive(:send_notification) + .and_raise(Telephony::SmsUnsupportedError.new(exception_message)), ) job.perform(passed_enrollment.id) diff --git a/spec/jobs/job_helpers/stale_job_helper_spec.rb b/spec/jobs/job_helpers/stale_job_helper_spec.rb index 216557c8a64..2dcae9df0d7 100644 --- a/spec/jobs/job_helpers/stale_job_helper_spec.rb +++ b/spec/jobs/job_helpers/stale_job_helper_spec.rb @@ -11,8 +11,8 @@ let(:async_stale_job_timeout_seconds) { 300 } before do - allow(IdentityConfig.store).to receive(:async_stale_job_timeout_seconds). - and_return(async_stale_job_timeout_seconds) + allow(IdentityConfig.store).to receive(:async_stale_job_timeout_seconds) + .and_return(async_stale_job_timeout_seconds) end describe '#stale_job?' do diff --git a/spec/jobs/reports/daily_auths_report_spec.rb b/spec/jobs/reports/daily_auths_report_spec.rb index 3ab49279531..6a2815a88d6 100644 --- a/spec/jobs/reports/daily_auths_report_spec.rb +++ b/spec/jobs/reports/daily_auths_report_spec.rb @@ -12,12 +12,12 @@ allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Identity::Hostdata).to receive(:aws_account_id).and_return('1234') allow(Identity::Hostdata).to receive(:aws_region).and_return('us-west-1') - allow(IdentityConfig.store).to receive(:s3_public_reports_enabled). - and_return(s3_public_reports_enabled) - allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix). - and_return(s3_report_bucket_prefix) - allow(IdentityConfig.store).to receive(:s3_report_public_bucket_prefix). - and_return(s3_report_public_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_public_reports_enabled) + .and_return(s3_public_reports_enabled) + allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix) + .and_return(s3_report_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_report_public_bucket_prefix) + .and_return(s3_report_public_bucket_prefix) Aws.config[:s3] = { stub_responses: { @@ -81,8 +81,8 @@ end it 'aggregates by issuer' do - expect(report).to receive(:upload_file_to_s3_bucket). - exactly(2).times do |path:, body:, content_type:, bucket:| + expect(report).to receive(:upload_file_to_s3_bucket) + .exactly(2).times do |path:, body:, content_type:, bucket:| parsed = JSON.parse(body, symbolize_names: true) expect(parsed[:start]).to eq(report_date.beginning_of_day.as_json) diff --git a/spec/jobs/reports/daily_dropoffs_report_spec.rb b/spec/jobs/reports/daily_dropoffs_report_spec.rb index 12a488b2632..a1f15680c25 100644 --- a/spec/jobs/reports/daily_dropoffs_report_spec.rb +++ b/spec/jobs/reports/daily_dropoffs_report_spec.rb @@ -12,12 +12,12 @@ allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Identity::Hostdata).to receive(:aws_account_id).and_return('1234') allow(Identity::Hostdata).to receive(:aws_region).and_return('us-west-1') - allow(IdentityConfig.store).to receive(:s3_public_reports_enabled). - and_return(s3_public_reports_enabled) - allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix). - and_return(s3_report_bucket_prefix) - allow(IdentityConfig.store).to receive(:s3_report_public_bucket_prefix). - and_return(s3_report_public_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_public_reports_enabled) + .and_return(s3_public_reports_enabled) + allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix) + .and_return(s3_report_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_report_public_bucket_prefix) + .and_return(s3_report_public_bucket_prefix) Aws.config[:s3] = { stub_responses: { @@ -106,8 +106,8 @@ end it 'aggregates by issuer' do - expect(report).to receive(:upload_file_to_s3_bucket). - exactly(2).times do |path:, body:, content_type:, bucket:| + expect(report).to receive(:upload_file_to_s3_bucket) + .exactly(2).times do |path:, body:, content_type:, bucket:| csv = CSV.parse(body, headers: true) row = csv.first diff --git a/spec/jobs/reports/daily_registration_report_spec.rb b/spec/jobs/reports/daily_registration_report_spec.rb index 62d2b850b5d..4e9d88f873c 100644 --- a/spec/jobs/reports/daily_registration_report_spec.rb +++ b/spec/jobs/reports/daily_registration_report_spec.rb @@ -12,12 +12,12 @@ allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Identity::Hostdata).to receive(:aws_account_id).and_return('1234') allow(Identity::Hostdata).to receive(:aws_region).and_return('us-west-1') - allow(IdentityConfig.store).to receive(:s3_public_reports_enabled). - and_return(s3_public_reports_enabled) - allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix). - and_return(s3_report_bucket_prefix) - allow(IdentityConfig.store).to receive(:s3_report_public_bucket_prefix). - and_return(s3_report_public_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_public_reports_enabled) + .and_return(s3_public_reports_enabled) + allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix) + .and_return(s3_report_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_report_public_bucket_prefix) + .and_return(s3_report_public_bucket_prefix) Aws.config[:s3] = { stub_responses: { @@ -84,8 +84,8 @@ end it 'calculates users and fully registered users by day' do - expect(report).to receive(:upload_file_to_s3_bucket). - exactly(2).times do |path:, body:, content_type:, bucket:| + expect(report).to receive(:upload_file_to_s3_bucket) + .exactly(2).times do |path:, body:, content_type:, bucket:| parsed = JSON.parse(body, symbolize_names: true) expect(parsed[:finish]).to eq(report_date.end_of_day.as_json) diff --git a/spec/jobs/reports/duplicate_ssn_report_spec.rb b/spec/jobs/reports/duplicate_ssn_report_spec.rb index 271790e7830..f2a3ce9b67e 100644 --- a/spec/jobs/reports/duplicate_ssn_report_spec.rb +++ b/spec/jobs/reports/duplicate_ssn_report_spec.rb @@ -68,8 +68,8 @@ csv = CSV.parse(report_body, headers: true) expect(csv.length).to eq(3) - expect(csv.find { |r| r['uuid'] == unique_profile.user.uuid }). - to be_nil, 'does not include unique users in the report' + expect(csv.find { |r| r['uuid'] == unique_profile.user.uuid }) + .to be_nil, 'does not include unique users in the report' today_user = fingerprint2_today_profile.user today_row = csv.find { |r| r['uuid'] == today_user.uuid } diff --git a/spec/jobs/reports/fraud_metrics_report_spec.rb b/spec/jobs/reports/fraud_metrics_report_spec.rb index 0c7cc22e981..590620aa3d4 100644 --- a/spec/jobs/reports/fraud_metrics_report_spec.rb +++ b/spec/jobs/reports/fraud_metrics_report_spec.rb @@ -62,8 +62,8 @@ allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Identity::Hostdata).to receive(:aws_account_id).and_return('1234') allow(Identity::Hostdata).to receive(:aws_region).and_return('us-west-1') - allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix). - and_return(s3_report_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix) + .and_return(s3_report_bucket_prefix) Aws.config[:s3] = { stub_responses: { @@ -71,19 +71,19 @@ }, } - allow(IdentityConfig.store).to receive(:team_daily_fraud_metrics_emails). - and_return(mock_test_fraud_emails) - allow(IdentityConfig.store).to receive(:team_monthly_fraud_metrics_emails). - and_return(mock_team_fraud_emails) + allow(IdentityConfig.store).to receive(:team_daily_fraud_metrics_emails) + .and_return(mock_test_fraud_emails) + allow(IdentityConfig.store).to receive(:team_monthly_fraud_metrics_emails) + .and_return(mock_team_fraud_emails) - allow(report.fraud_metrics_lg99_report).to receive(:lg99_metrics_table). - and_return(mock_identity_verification_lg99_data) + allow(report.fraud_metrics_lg99_report).to receive(:lg99_metrics_table) + .and_return(mock_identity_verification_lg99_data) - allow(report.fraud_metrics_lg99_report).to receive(:suspended_metrics_table). - and_return(mock_suspended_metrics_table) + allow(report.fraud_metrics_lg99_report).to receive(:suspended_metrics_table) + .and_return(mock_suspended_metrics_table) - allow(report.fraud_metrics_lg99_report).to receive(:reinstated_metrics_table). - and_return(mock_reinstated_metrics_table) + allow(report.fraud_metrics_lg99_report).to receive(:reinstated_metrics_table) + .and_return(mock_reinstated_metrics_table) end it 'sends out a report to just to team agnes' do diff --git a/spec/jobs/reports/monthly_key_metrics_report_spec.rb b/spec/jobs/reports/monthly_key_metrics_report_spec.rb index eebb7131c49..c4bf44ccdd8 100644 --- a/spec/jobs/reports/monthly_key_metrics_report_spec.rb +++ b/spec/jobs/reports/monthly_key_metrics_report_spec.rb @@ -49,8 +49,8 @@ allow(Identity::Hostdata).to receive(:env).and_return('int') allow(Identity::Hostdata).to receive(:aws_account_id).and_return('1234') allow(Identity::Hostdata).to receive(:aws_region).and_return('us-west-1') - allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix). - and_return(s3_report_bucket_prefix) + allow(IdentityConfig.store).to receive(:s3_report_bucket_prefix) + .and_return(s3_report_bucket_prefix) Aws.config[:s3] = { stub_responses: { @@ -58,15 +58,15 @@ }, } - allow(report.proofing_rate_report).to receive(:as_csv). - and_return(mock_proofing_rate_data) - allow(report.monthly_idv_report).to receive(:as_csv). - and_return(mock_monthly_idv_data) + allow(report.proofing_rate_report).to receive(:as_csv) + .and_return(mock_proofing_rate_data) + allow(report.monthly_idv_report).to receive(:as_csv) + .and_return(mock_monthly_idv_data) - allow(IdentityConfig.store).to receive(:team_daily_reports_emails). - and_return(mock_daily_reports_emails) - allow(IdentityConfig.store).to receive(:team_all_login_emails). - and_return(mock_all_login_emails) + allow(IdentityConfig.store).to receive(:team_daily_reports_emails) + .and_return(mock_daily_reports_emails) + allow(IdentityConfig.store).to receive(:team_all_login_emails) + .and_return(mock_all_login_emails) end it 'sends out a report to just to team agnes' do diff --git a/spec/jobs/reports/quarterly_account_stats_spec.rb b/spec/jobs/reports/quarterly_account_stats_spec.rb index 036b85d7abc..e63167ad50b 100644 --- a/spec/jobs/reports/quarterly_account_stats_spec.rb +++ b/spec/jobs/reports/quarterly_account_stats_spec.rb @@ -9,9 +9,9 @@ let(:ninety_days_ago) { end_date - 90.days } it 'saves the report' do - expect(subject).to receive(:report_body). - with(ninety_days_ago, end_date). - and_return('csv text') + expect(subject).to receive(:report_body) + .with(ninety_days_ago, end_date) + .and_return('csv text') expect(subject).to receive(:save_report).with( 'quarterly-account-stats', 'csv text', diff --git a/spec/jobs/reports/query_helpers_spec.rb b/spec/jobs/reports/query_helpers_spec.rb index 178a0d6c939..5dc20e83c32 100644 --- a/spec/jobs/reports/query_helpers_spec.rb +++ b/spec/jobs/reports/query_helpers_spec.rb @@ -9,8 +9,8 @@ end it 'quotes strings to be psql string literals' do - expect(quote(%(a string with "quotes" in 'the middle'))). - to eq(%('a string with "quotes" in ''the middle''')) + expect(quote(%(a string with "quotes" in 'the middle'))) + .to eq(%('a string with "quotes" in ''the middle''')) end it 'quotes arrays as list expressions' do diff --git a/spec/jobs/reports/sp_issuer_user_counts_report_spec.rb b/spec/jobs/reports/sp_issuer_user_counts_report_spec.rb index a063406119d..87efb3a5be2 100644 --- a/spec/jobs/reports/sp_issuer_user_counts_report_spec.rb +++ b/spec/jobs/reports/sp_issuer_user_counts_report_spec.rb @@ -36,11 +36,11 @@ end before do - expect(Db::Identity::SpUserCounts).to receive(:with_issuer).with(issuer). - and_return(user_counts) + expect(Db::Identity::SpUserCounts).to receive(:with_issuer).with(issuer) + .and_return(user_counts) - allow(IdentityConfig.store).to receive(:sp_issuer_user_counts_report_configs). - and_return([{ 'issuer' => issuer, 'emails' => [email] }]) + allow(IdentityConfig.store).to receive(:sp_issuer_user_counts_report_configs) + .and_return([{ 'issuer' => issuer, 'emails' => [email] }]) allow(ReportMailer).to receive(:tables_report).and_call_original end diff --git a/spec/jobs/resolution_proofing_job_spec.rb b/spec/jobs/resolution_proofing_job_spec.rb index 1af200134b2..c28352a132b 100644 --- a/spec/jobs/resolution_proofing_job_spec.rb +++ b/spec/jobs/resolution_proofing_job_spec.rb @@ -20,14 +20,14 @@ let(:ipp_enrollment_in_progress) { false } before do - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(proofing_device_profiling) - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(lexisnexis_threatmetrix_mock_enabled) - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_base_url). - and_return('https://www.example.com') - allow(IdentityConfig.store).to receive(:idv_resolution_default_vendor). - and_return(:instant_verify) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(proofing_device_profiling) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(lexisnexis_threatmetrix_mock_enabled) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_base_url) + .and_return('https://www.example.com') + allow(IdentityConfig.store).to receive(:idv_resolution_default_vendor) + .and_return(:instant_verify) end describe '#perform' do @@ -95,18 +95,18 @@ expect(result_context[:should_proof_state_id]) # result[:context][:stages][:resolution] - expect(result_context_stages_resolution[:vendor_name]). - to eq('lexisnexis:instant_verify') + expect(result_context_stages_resolution[:vendor_name]) + .to eq('lexisnexis:instant_verify') expect(result_context_stages_resolution[:errors]).to include(:'Execute Instant Verify') expect(result_context_stages_resolution[:exception]).to eq(nil) expect(result_context_stages_resolution[:success]).to eq(true) expect(result_context_stages_resolution[:timed_out]).to eq(false) expect(result_context_stages_resolution[:transaction_id]).to eq('123456') expect(result_context_stages_resolution[:reference]).to eq('Reference1') - expect(result_context_stages_resolution[:can_pass_with_additional_verification]). - to eq(false) - expect(result_context_stages_resolution[:attributes_requiring_additional_verification]). - to eq([]) + expect(result_context_stages_resolution[:can_pass_with_additional_verification]) + .to eq(false) + expect(result_context_stages_resolution[:attributes_requiring_additional_verification]) + .to eq([]) # result[:context][:stages][:state_id] expect(result_context_stages_state_id[:vendor_name]).to eq('aamva:state_id') @@ -199,13 +199,13 @@ expect(result[:timed_out]).to be false # result[:context][:stages][:resolution] - expect(result_context_stages_resolution[:vendor_name]). - to eq('lexisnexis:instant_verify') + expect(result_context_stages_resolution[:vendor_name]) + .to eq('lexisnexis:instant_verify') expect(result_context_stages_resolution[:success]).to eq(false) - expect(result_context_stages_resolution[:can_pass_with_additional_verification]). - to eq(true) - expect(result_context_stages_resolution[:attributes_requiring_additional_verification]). - to eq(['address']) + expect(result_context_stages_resolution[:can_pass_with_additional_verification]) + .to eq(true) + expect(result_context_stages_resolution[:attributes_requiring_additional_verification]) + .to eq(['address']) # result[:context][:stages][:state_id] expect(result_context_stages_state_id[:vendor_name]).to eq('aamva:state_id') @@ -252,13 +252,13 @@ expect(result[:timed_out]).to be false # result[:context][:stages][:resolution] - expect(result_context_stages_resolution[:vendor_name]). - to eq('lexisnexis:instant_verify') + expect(result_context_stages_resolution[:vendor_name]) + .to eq('lexisnexis:instant_verify') expect(result_context_stages_resolution[:success]).to eq(false) - expect(result_context_stages_resolution[:can_pass_with_additional_verification]). - to eq(true) - expect(result_context_stages_resolution[:attributes_requiring_additional_verification]). - to match(['address', 'dead', 'dob', 'ssn']) + expect(result_context_stages_resolution[:can_pass_with_additional_verification]) + .to eq(true) + expect(result_context_stages_resolution[:attributes_requiring_additional_verification]) + .to match(['address', 'dead', 'dob', 'ssn']) # result[:context][:stages][:state_id] expect(result_context_stages_state_id[:vendor_name]).to eq('UnsupportedJurisdiction') @@ -413,18 +413,18 @@ expect(result_context[:should_proof_state_id]) # result[:context][:stages][:resolution] - expect(result_context_stages_resolution[:vendor_name]). - to eq('lexisnexis:instant_verify') + expect(result_context_stages_resolution[:vendor_name]) + .to eq('lexisnexis:instant_verify') expect(result_context_stages_resolution[:errors]).to include(:"Execute Instant Verify") expect(result_context_stages_resolution[:exception]).to eq(nil) expect(result_context_stages_resolution[:success]).to eq(true) expect(result_context_stages_resolution[:timed_out]).to eq(false) expect(result_context_stages_resolution[:transaction_id]).to eq('123456') expect(result_context_stages_resolution[:reference]).to eq('Reference1') - expect(result_context_stages_resolution[:can_pass_with_additional_verification]). - to eq(false) - expect(result_context_stages_resolution[:attributes_requiring_additional_verification]). - to eq([]) + expect(result_context_stages_resolution[:can_pass_with_additional_verification]) + .to eq(false) + expect(result_context_stages_resolution[:attributes_requiring_additional_verification]) + .to eq([]) # result[:context][:stages][:residential_address] expect(result_context_residential_address[:vendor_name]).to eq('lexisnexis:instant_verify') @@ -434,10 +434,10 @@ expect(result_context_residential_address[:timed_out]).to eq(false) expect(result_context_residential_address[:transaction_id]).to eq('123456') expect(result_context_residential_address[:reference]).to eq('Reference1') - expect(result_context_residential_address[:can_pass_with_additional_verification]). - to eq(false) - expect(result_context_residential_address[:attributes_requiring_additional_verification]). - to eq([]) + expect(result_context_residential_address[:can_pass_with_additional_verification]) + .to eq(false) + expect(result_context_residential_address[:attributes_requiring_additional_verification]) + .to eq([]) # result[:context][:stages][:state_id] expect(result_context_stages_state_id[:vendor_name]).to eq('aamva:state_id') @@ -619,8 +619,8 @@ stub_vendor_requests - expect_any_instance_of(Proofing::LexisNexis::InstantVerify::Proofer).to receive(:proof). - with(hash_including(uuid_info)).and_call_original + expect_any_instance_of(Proofing::LexisNexis::InstantVerify::Proofer).to receive(:proof) + .with(hash_including(uuid_info)).and_call_original expect_any_instance_of(Proofing::Aamva::Proofer).to receive(:proof).with( hash_including(uuid_info), @@ -662,17 +662,17 @@ def stub_threatmetrix_request(threatmetrix_response) end def stub_aamva_request(aamva_response) - allow(IdentityConfig.store).to receive(:aamva_private_key). - and_return(AamvaFixtures.example_config.private_key) - allow(IdentityConfig.store).to receive(:aamva_public_key). - and_return(AamvaFixtures.example_config.public_key) - stub_request(:post, IdentityConfig.store.aamva_auth_url). - to_return( + allow(IdentityConfig.store).to receive(:aamva_private_key) + .and_return(AamvaFixtures.example_config.private_key) + allow(IdentityConfig.store).to receive(:aamva_public_key) + .and_return(AamvaFixtures.example_config.public_key) + stub_request(:post, IdentityConfig.store.aamva_auth_url) + .to_return( { body: AamvaFixtures.security_token_response }, { body: AamvaFixtures.authentication_token_response }, ) - stub_request(:post, IdentityConfig.store.aamva_verification_url). - to_return(body: aamva_response) + stub_request(:post, IdentityConfig.store.aamva_verification_url) + .to_return(body: aamva_response) end end end diff --git a/spec/jobs/risc_delivery_job_spec.rb b/spec/jobs/risc_delivery_job_spec.rb index faae3b8bbda..2341109e0a7 100644 --- a/spec/jobs/risc_delivery_job_spec.rb +++ b/spec/jobs/risc_delivery_job_spec.rb @@ -41,8 +41,8 @@ end it 'POSTs the jwt to the given URL' do - req = stub_request(:post, push_notification_url). - with( + req = stub_request(:post, push_notification_url) + .with( body: jwt, headers: { 'Content-Type' => 'application/secevent+jwt', @@ -276,8 +276,8 @@ context 'when the rate limit is overridden' do before do - allow(IdentityConfig.store).to receive(:risc_notifications_rate_limit_overrides). - and_return({ push_notification_url => { 'max_requests' => 1e6, 'interval' => 500 } }) + allow(IdentityConfig.store).to receive(:risc_notifications_rate_limit_overrides) + .and_return({ push_notification_url => { 'max_requests' => 1e6, 'interval' => 500 } }) end it 'allows the request' do diff --git a/spec/jobs/socure_docv_results_job_spec.rb b/spec/jobs/socure_docv_results_job_spec.rb index 92bfa049db3..99aadd2ffdc 100644 --- a/spec/jobs/socure_docv_results_job_spec.rb +++ b/spec/jobs/socure_docv_results_job_spec.rb @@ -17,8 +17,8 @@ let(:expiration_date) { "#{1.year.from_now.year}-01-01" } before do - allow(IdentityConfig.store).to receive(:socure_idplus_base_url). - and_return(socure_idplus_base_url) + allow(IdentityConfig.store).to receive(:socure_idplus_base_url) + .and_return(socure_idplus_base_url) allow(Analytics).to receive(:new).and_return(fake_analytics) end @@ -91,8 +91,8 @@ end before do - stub_request(:post, 'https://example.com/api/3.0/EmailAuthScore'). - to_return( + stub_request(:post, 'https://example.com/api/3.0/EmailAuthScore') + .to_return( headers: { 'Content-Type' => 'application/json', }, diff --git a/spec/jobs/socure_reason_code_download_job_spec.rb b/spec/jobs/socure_reason_code_download_job_spec.rb index 61beb823f80..446f1798a41 100644 --- a/spec/jobs/socure_reason_code_download_job_spec.rb +++ b/spec/jobs/socure_reason_code_download_job_spec.rb @@ -23,10 +23,10 @@ end before do - allow(IdentityConfig.store).to receive(:idv_socure_reason_code_download_enabled). - and_return(idv_socure_reason_code_download_enabled) - allow(IdentityConfig.store).to receive(:socure_reason_code_base_url). - and_return('https://example.org') + allow(IdentityConfig.store).to receive(:idv_socure_reason_code_download_enabled) + .and_return(idv_socure_reason_code_download_enabled) + allow(IdentityConfig.store).to receive(:socure_reason_code_base_url) + .and_return('https://example.org') end describe '#perform' do diff --git a/spec/jobs/socure_shadow_mode_proofing_job_spec.rb b/spec/jobs/socure_shadow_mode_proofing_job_spec.rb index 92e93072894..95d0b473dac 100644 --- a/spec/jobs/socure_shadow_mode_proofing_job_spec.rb +++ b/spec/jobs/socure_shadow_mode_proofing_job_spec.rb @@ -123,8 +123,8 @@ before do document_capture_session.store_proofing_result(proofing_result.to_h) - allow(IdentityConfig.store).to receive(:socure_idplus_base_url). - and_return(socure_idplus_base_url) + allow(IdentityConfig.store).to receive(:socure_idplus_base_url) + .and_return(socure_idplus_base_url) end describe '#perform' do @@ -184,8 +184,8 @@ SocureReasonCode.create(code:, description:) end - stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore'). - to_return( + stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore') + .to_return( headers: { 'Content-Type' => 'application/json', }, diff --git a/spec/jobs/threat_metrix_js_verification_job_spec.rb b/spec/jobs/threat_metrix_js_verification_job_spec.rb index 5390285ef46..79b808b212c 100644 --- a/spec/jobs/threat_metrix_js_verification_job_spec.rb +++ b/spec/jobs/threat_metrix_js_verification_job_spec.rb @@ -64,15 +64,15 @@ end before do - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_org_id). - and_return(threatmetrix_org_id) - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_js_signing_cert). - and_return(threatmetrix_signing_certificate) - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(threatmetrix_enabled ? :collect_only : :disabled) - - stub_request(:get, "https://h.online-metrix.net/fp/tags.js?org_id=#{threatmetrix_org_id}&session_id=#{threatmetrix_session_id}"). - to_return( + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_org_id) + .and_return(threatmetrix_org_id) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_js_signing_cert) + .and_return(threatmetrix_signing_certificate) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(threatmetrix_enabled ? :collect_only : :disabled) + + stub_request(:get, "https://h.online-metrix.net/fp/tags.js?org_id=#{threatmetrix_org_id}&session_id=#{threatmetrix_session_id}") + .to_return( status: http_response_status, body: http_response_body, ) @@ -110,8 +110,8 @@ context 'error that is not a configuration error' do before do - stub_request(:get, "https://h.online-metrix.net/fp/tags.js?org_id=#{threatmetrix_org_id}&session_id=#{threatmetrix_session_id}"). - to_timeout + stub_request(:get, "https://h.online-metrix.net/fp/tags.js?org_id=#{threatmetrix_org_id}&session_id=#{threatmetrix_session_id}") + .to_timeout end it 'logs an error_message, and raises' do diff --git a/spec/lib/aamva_test_spec.rb b/spec/lib/aamva_test_spec.rb index 4a6e5e399ba..d67343739fe 100644 --- a/spec/lib/aamva_test_spec.rb +++ b/spec/lib/aamva_test_spec.rb @@ -4,19 +4,19 @@ RSpec.describe AamvaTest do before do allow(IdentityConfig.store).to receive(:proofer_mock_fallback).and_return(false) - allow(IdentityConfig.store).to receive(:aamva_private_key). - and_return(Base64.strict_encode64(AamvaFixtures.aamva_private_key.to_der)) - allow(IdentityConfig.store).to receive(:aamva_public_key). - and_return(Base64.strict_encode64(AamvaFixtures.aamva_public_key.to_der)) - - stub_request(:post, auth_url). - with(body: %r{http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT}). - to_return(body: AamvaFixtures.security_token_response, status: 200) - stub_request(:post, auth_url). - with(body: %r{http://aamva.org/authentication/3.1.0/IAuthenticationService/Authenticate}). - to_return(body: AamvaFixtures.authentication_token_response, status: 200) - stub_request(:post, verification_url). - to_return(body: AamvaFixtures.verification_response_namespaced_success) + allow(IdentityConfig.store).to receive(:aamva_private_key) + .and_return(Base64.strict_encode64(AamvaFixtures.aamva_private_key.to_der)) + allow(IdentityConfig.store).to receive(:aamva_public_key) + .and_return(Base64.strict_encode64(AamvaFixtures.aamva_public_key.to_der)) + + stub_request(:post, auth_url) + .with(body: %r{http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT}) + .to_return(body: AamvaFixtures.security_token_response, status: 200) + stub_request(:post, auth_url) + .with(body: %r{http://aamva.org/authentication/3.1.0/IAuthenticationService/Authenticate}) + .to_return(body: AamvaFixtures.authentication_token_response, status: 200) + stub_request(:post, verification_url) + .to_return(body: AamvaFixtures.verification_response_namespaced_success) end subject(:tester) { AamvaTest.new } @@ -43,8 +43,8 @@ expect(WebMock).to( have_requested(:post, verification_url).with do |req| - expect(Nokogiri::XML(req.body).at_xpath('//aa:MessageDestinationId').text). - to eq('P6'), 'it sends a request with the designated fake state' + expect(Nokogiri::XML(req.body).at_xpath('//aa:MessageDestinationId').text) + .to eq('P6'), 'it sends a request with the designated fake state' end, ) end @@ -54,8 +54,8 @@ tester.test_cert(auth_url:, verification_url:) - expect(Rails.cache.read(Proofing::Aamva::AuthenticationClient::AUTH_TOKEN_CACHE_KEY)). - to be_nil + expect(Rails.cache.read(Proofing::Aamva::AuthenticationClient::AUTH_TOKEN_CACHE_KEY)) + .to be_nil end end end diff --git a/spec/lib/ab_test_spec.rb b/spec/lib/ab_test_spec.rb index b6df14a9009..9e147fe574c 100644 --- a/spec/lib/ab_test_spec.rb +++ b/spec/lib/ab_test_spec.rb @@ -65,9 +65,9 @@ } end it 'passes arguments to discriminator' do - expect(discriminator).to receive(:call). - once. - with( + expect(discriminator).to receive(:call) + .once + .with( request:, service_provider:, session:, diff --git a/spec/lib/action_account_spec.rb b/spec/lib/action_account_spec.rb index 7af09938bd4..30382fdf9e6 100644 --- a/spec/lib/action_account_spec.rb +++ b/spec/lib/action_account_spec.rb @@ -193,9 +193,9 @@ end it 'attributes analytics events to the SP' do - expect(Analytics).to receive(:new). - with(hash_including(sp: 'test-issuer')). - and_return(analytics) + expect(Analytics).to receive(:new) + .with(hash_including(sp: 'test-issuer')) + .and_return(analytics) subtask.run(args:, config:) @@ -272,9 +272,9 @@ end it 'attributes analytics events to the SP' do - expect(Analytics).to receive(:new). - with(hash_including(sp: 'test-issuer')). - and_return(analytics) + expect(Analytics).to receive(:new) + .with(hash_including(sp: 'test-issuer')) + .and_return(analytics) subtask.run(args:, config:) diff --git a/spec/lib/analytics_events_documenter_spec.rb b/spec/lib/analytics_events_documenter_spec.rb index 29e231ce0de..81c2c24ef78 100644 --- a/spec/lib/analytics_events_documenter_spec.rb +++ b/spec/lib/analytics_events_documenter_spec.rb @@ -99,8 +99,8 @@ def some_event; end RUBY it 'reports the missing tag' do - expect(documenter.missing_documentation.first). - to include('some_event event name not detected') + expect(documenter.missing_documentation.first) + .to include('some_event event name not detected') end end @@ -114,8 +114,8 @@ def some_event(success:) RUBY it 'reports the missing tag' do - expect(documenter.missing_documentation.first). - to include('some_event success (undocumented)') + expect(documenter.missing_documentation.first) + .to include('some_event success (undocumented)') end end @@ -129,8 +129,8 @@ def some_event(success) RUBY it 'reports the invalid param' do - expect(documenter.missing_documentation.first). - to include('some_event unexpected positional parameters ["success"]') + expect(documenter.missing_documentation.first) + .to include('some_event unexpected positional parameters ["success"]') end end @@ -159,8 +159,8 @@ def some_event(success:, **extra) RUBY it 'has an error documentation to be missing' do - expect(documenter.missing_documentation.first). - to include('some_event success missing types') + expect(documenter.missing_documentation.first) + .to include('some_event success missing types') end end @@ -310,8 +310,8 @@ def idv_enter_password_submitted( RUBY it 'parses the name correctly' do - expect(documenter.as_json[:events].first[:event_name]). - to eq('idv_enter_password_submitted') + expect(documenter.as_json[:events].first[:event_name]) + .to eq('idv_enter_password_submitted') end end end diff --git a/spec/lib/data_requests/local/write_cloudwatch_logs_spec.rb b/spec/lib/data_requests/local/write_cloudwatch_logs_spec.rb index 732cb464bb6..1540a1e9d75 100644 --- a/spec/lib/data_requests/local/write_cloudwatch_logs_spec.rb +++ b/spec/lib/data_requests/local/write_cloudwatch_logs_spec.rb @@ -90,8 +90,8 @@ def build_result_row(event_properties = {}) csv = CSV.parse(io.string, headers: true) - expect(csv.map { |row| [row['multi_factor_auth_method'], row['multi_factor_id']] }). - to eq( + expect(csv.map { |row| [row['multi_factor_auth_method'], row['multi_factor_id']] }) + .to eq( [%w[sms phone_configuration_id:1111], %w[voice phone_configuration_id:2222], %w[piv_cac piv_cac_configuration_id:3333], diff --git a/spec/lib/deploy/activate_spec.rb b/spec/lib/deploy/activate_spec.rb index 4a7a8ad244b..004f0b36d19 100644 --- a/spec/lib/deploy/activate_spec.rb +++ b/spec/lib/deploy/activate_spec.rb @@ -46,12 +46,12 @@ ec2_api_token = SecureRandom.hex - stub_request(:put, 'http://169.254.169.254/latest/api/token'). - to_return(body: ec2_api_token) + stub_request(:put, 'http://169.254.169.254/latest/api/token') + .to_return(body: ec2_api_token) - stub_request(:get, 'http://169.254.169.254/2016-09-02/dynamic/instance-identity/document'). - with(headers: { 'X-aws-ec2-metadata-token' => ec2_api_token }). - to_return(body: { + stub_request(:get, 'http://169.254.169.254/2016-09-02/dynamic/instance-identity/document') + .with(headers: { 'X-aws-ec2-metadata-token' => ec2_api_token }) + .to_return(body: { 'region' => 'us-west-1', 'accountId' => '12345', }.to_json) @@ -125,8 +125,8 @@ context 'outside a deployed production environment' do before do - stub_request(:put, 'http://169.254.169.254/latest/api/token'). - to_timeout + stub_request(:put, 'http://169.254.169.254/latest/api/token') + .to_timeout # for now, stub cloning identity-idp-config allow(subject).to receive(:clone_idp_config) diff --git a/spec/lib/env_irb_prompt_spec.rb b/spec/lib/env_irb_prompt_spec.rb index 08ce2aa8a97..f6ade78b625 100644 --- a/spec/lib/env_irb_prompt_spec.rb +++ b/spec/lib/env_irb_prompt_spec.rb @@ -32,8 +32,8 @@ it 'sets the prompt with the environment name' do configure - expect(irb_conf[:PROMPT][:ENV_PROMPT][:PROMPT_I]). - to include(prompt.bold(prompt.color_green('dev'))) + expect(irb_conf[:PROMPT][:ENV_PROMPT][:PROMPT_I]) + .to include(prompt.bold(prompt.color_green('dev'))) end end @@ -52,8 +52,8 @@ it 'sets the prompt with local' do configure - expect(irb_conf[:PROMPT][:ENV_PROMPT][:PROMPT_I]). - to include(prompt.bold(prompt.color_blue('local'))) + expect(irb_conf[:PROMPT][:ENV_PROMPT][:PROMPT_I]) + .to include(prompt.bold(prompt.color_blue('local'))) end end end diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb index a1f35529f9c..f5c88b2fe6c 100644 --- a/spec/lib/feature_management_spec.rb +++ b/spec/lib/feature_management_spec.rb @@ -351,8 +351,8 @@ end it 'raises for invalid value' do expect(IdentityConfig.store).to receive(:proofing_device_profiling).and_return(:emnabled) - expect { FeatureManagement.proofing_device_profiling_collecting_enabled? }. - to raise_error + expect { FeatureManagement.proofing_device_profiling_collecting_enabled? } + .to raise_error end end @@ -371,8 +371,8 @@ end it 'raises for invalid value' do expect(IdentityConfig.store).to receive(:proofing_device_profiling).and_return(:dissabled) - expect { FeatureManagement.proofing_device_profiling_decisioning_enabled? }. - to raise_error + expect { FeatureManagement.proofing_device_profiling_decisioning_enabled? } + .to raise_error end end @@ -385,14 +385,14 @@ subject(:recaptcha_enabled) { FeatureManagement.recaptcha_enabled? } before do - allow(IdentityConfig.store).to receive(:recaptcha_site_key). - and_return(recaptcha_site_key) - allow(IdentityConfig.store).to receive(:recaptcha_secret_key). - and_return(recaptcha_secret_key) - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key). - and_return(recaptcha_enterprise_api_key) - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id). - and_return(recaptcha_enterprise_project_id) + allow(IdentityConfig.store).to receive(:recaptcha_site_key) + .and_return(recaptcha_site_key) + allow(IdentityConfig.store).to receive(:recaptcha_secret_key) + .and_return(recaptcha_secret_key) + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key) + .and_return(recaptcha_enterprise_api_key) + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id) + .and_return(recaptcha_enterprise_project_id) end it { is_expected.to eq(false) } @@ -430,8 +430,8 @@ before do allow(FeatureManagement).to receive(:recaptcha_enabled?).and_return(recaptcha_enabled) - allow(IdentityConfig.store).to receive(:phone_recaptcha_score_threshold). - and_return(phone_recaptcha_score_threshold) + allow(IdentityConfig.store).to receive(:phone_recaptcha_score_threshold) + .and_return(phone_recaptcha_score_threshold) end it { is_expected.to eq(false) } @@ -457,8 +457,8 @@ before do allow(FeatureManagement).to receive(:recaptcha_enabled?).and_return(recaptcha_enabled) - allow(IdentityConfig.store).to receive(:sign_in_recaptcha_score_threshold). - and_return(sign_in_recaptcha_score_threshold) + allow(IdentityConfig.store).to receive(:sign_in_recaptcha_score_threshold) + .and_return(sign_in_recaptcha_score_threshold) end it { is_expected.to eq(false) } @@ -483,10 +483,10 @@ subject(:recaptcha_enterprise) { FeatureManagement.recaptcha_enterprise? } before do - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key). - and_return(recaptcha_enterprise_api_key) - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id). - and_return(recaptcha_enterprise_project_id) + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key) + .and_return(recaptcha_enterprise_api_key) + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id) + .and_return(recaptcha_enterprise_project_id) end it { expect(recaptcha_enterprise).to eq(false) } @@ -511,10 +511,10 @@ before do allow(IdentityConfig.store).to receive(:idv_available).and_return(idv_available) - allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_instant_verify). - and_return(vendor_status_lexisnexis_instant_verify) - allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_trueid). - and_return(vendor_status_lexisnexis_trueid) + allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_instant_verify) + .and_return(vendor_status_lexisnexis_instant_verify) + allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_trueid) + .and_return(vendor_status_lexisnexis_trueid) end it 'returns true by default' do diff --git a/spec/lib/identity_config_spec.rb b/spec/lib/identity_config_spec.rb index 2610aaf78ca..f8a2ffd60cd 100644 --- a/spec/lib/identity_config_spec.rb +++ b/spec/lib/identity_config_spec.rb @@ -11,16 +11,16 @@ it 'has defaults defined for all keys in default configuration' do aggregate_failures do key_types.keys.each do |key| - expect(default_yaml_config). - to have_key(key.to_s), "expected default configuration to include value for #{key}" + expect(default_yaml_config) + .to have_key(key.to_s), "expected default configuration to include value for #{key}" end end end it 'has all _enabled keys as booleans' do aggregate_failures do - key_types.select { |key, _type| key.to_s.end_with?('_enabled') }. - each do |key, type| + key_types.select { |key, _type| key.to_s.end_with?('_enabled') } + .each do |key, type| expect(type).to eq(:boolean), "expected #{key} to be a boolean" end end @@ -28,8 +28,8 @@ it 'has all _at keys as timestamps' do aggregate_failures do - key_types.select { |key, _type| key.to_s.end_with?('_at') }. - each do |key, type| + key_types.select { |key, _type| key.to_s.end_with?('_at') } + .each do |key, type| expect(type).to eq(:timestamp), "expected #{key} to be a timestamp" end end @@ -37,8 +37,8 @@ it 'has all _timeout keys as numbers' do aggregate_failures do - key_types.select { |key, _type| key.to_s.end_with?('_timeout') }. - each do |key, type| + key_types.select { |key, _type| key.to_s.end_with?('_timeout') } + .each do |key, type| expect(type).to eq(:float).or(eq(:integer)), "expected #{key} to be a number" end end diff --git a/spec/lib/otp_code_generator_spec.rb b/spec/lib/otp_code_generator_spec.rb index 02a5129a50b..83f5ee8ab4f 100644 --- a/spec/lib/otp_code_generator_spec.rb +++ b/spec/lib/otp_code_generator_spec.rb @@ -19,13 +19,13 @@ end it 'generates crockford-32 encoded words' do - expect(generate_alphanumeric_digits). - to match(/\A[a-z0-9]{#{TwoFactorAuthenticatable::DIRECT_OTP_LENGTH}}\Z/io) + expect(generate_alphanumeric_digits) + .to match(/\A[a-z0-9]{#{TwoFactorAuthenticatable::DIRECT_OTP_LENGTH}}\Z/io) end it 'filters out profanity' do - expect(SecureRandom).to receive(:random_number). - and_return( + expect(SecureRandom).to receive(:random_number) + .and_return( Base32::Crockford.decode('FART1'), Base32::Crockford.decode('FART2'), Base32::Crockford.decode('ABCDE'), diff --git a/spec/lib/pinpoint_supported_countries_spec.rb b/spec/lib/pinpoint_supported_countries_spec.rb index 1a3a84b0ee9..55f39294e9a 100644 --- a/spec/lib/pinpoint_supported_countries_spec.rb +++ b/spec/lib/pinpoint_supported_countries_spec.rb @@ -3,10 +3,10 @@ RSpec.describe PinpointSupportedCountries do before do - stub_request(:get, PinpointSupportedCountries::PINPOINT_SMS_URL). - to_return(body: sms_table) - stub_request(:get, PinpointSupportedCountries::PINPOINT_VOICE_URL). - to_return(body: voice_table) + stub_request(:get, PinpointSupportedCountries::PINPOINT_SMS_URL) + .to_return(body: sms_table) + stub_request(:get, PinpointSupportedCountries::PINPOINT_VOICE_URL) + .to_return(body: voice_table) stub_const('STDERR', StringIO.new) end diff --git a/spec/lib/pwned_password_downloader_spec.rb b/spec/lib/pwned_password_downloader_spec.rb index ff220254e8f..2b1c15c7c8e 100644 --- a/spec/lib/pwned_password_downloader_spec.rb +++ b/spec/lib/pwned_password_downloader_spec.rb @@ -26,8 +26,8 @@ 03643C928B2BCD37475C574E6F31B4650AD:22 BODY ) - stub_request(:get, URI.join(PwnedPasswordDownloader::RANGE_API_ROOT, '00001').to_s). - to_return(body: '00C271B56ABE9E5C137217BF2DE657C7B2F:5') + stub_request(:get, URI.join(PwnedPasswordDownloader::RANGE_API_ROOT, '00001').to_s) + .to_return(body: '00C271B56ABE9E5C137217BF2DE657C7B2F:5') allow(downloader).to receive(:wait_for_progress) end @@ -52,9 +52,9 @@ context 'when server connection fails once' do before do already_called = false - expect(downloader).to receive(:download_one). - exactly(3).times. - and_wrap_original do |original, **kwargs| + expect(downloader).to receive(:download_one) + .exactly(3).times + .and_wrap_original do |original, **kwargs| if already_called original.call(**kwargs) else @@ -73,9 +73,9 @@ context 'when server connection fails repeatedly' do before do - expect(downloader).to receive(:download_one). - at_least(9).times. - and_raise(Socket::ResolutionError) + expect(downloader).to receive(:download_one) + .at_least(9).times + .and_raise(Socket::ResolutionError) end it 'eventually raises an error that the download failed' do diff --git a/spec/lib/reporting/cloudwatch_client_spec.rb b/spec/lib/reporting/cloudwatch_client_spec.rb index 984910a52e3..4d9e42d6386 100644 --- a/spec/lib/reporting/cloudwatch_client_spec.rb +++ b/spec/lib/reporting/cloudwatch_client_spec.rb @@ -100,12 +100,12 @@ def stub_single_page let(:time_slices) { [1..2, 3..4, 5..6] } it 'uses the slices directly' do - expect(client).to receive(:fetch_one). - with(hash_including(start_time: 1, end_time: 2)).and_call_original - expect(client).to receive(:fetch_one). - with(hash_including(start_time: 3, end_time: 4)).and_call_original - expect(client).to receive(:fetch_one). - with(hash_including(start_time: 5, end_time: 6)).and_call_original + expect(client).to receive(:fetch_one) + .with(hash_including(start_time: 1, end_time: 2)).and_call_original + expect(client).to receive(:fetch_one) + .with(hash_including(start_time: 3, end_time: 4)).and_call_original + expect(client).to receive(:fetch_one) + .with(hash_including(start_time: 5, end_time: 6)).and_call_original fetch end diff --git a/spec/lib/reporting/fraud_metrics_lg99_report_spec.rb b/spec/lib/reporting/fraud_metrics_lg99_report_spec.rb index 51164dde294..82c8aa2cefa 100644 --- a/spec/lib/reporting/fraud_metrics_lg99_report_spec.rb +++ b/spec/lib/reporting/fraud_metrics_lg99_report_spec.rb @@ -81,8 +81,8 @@ describe '#suspended_metrics_table' do it 'renders a suspended metrics table' do aggregate_failures do - report.suspended_metrics_table.zip(expected_suspended_metrics_table). - each do |actual, expected| + report.suspended_metrics_table.zip(expected_suspended_metrics_table) + .each do |actual, expected| expect(actual).to eq(expected) end end @@ -92,8 +92,8 @@ describe '#reinstated_metrics_table' do it 'renders a reinstated metrics table' do aggregate_failures do - report.reinstated_metrics_table.zip(expected_reinstated_metrics_table). - each do |actual, expected| + report.reinstated_metrics_table.zip(expected_reinstated_metrics_table) + .each do |actual, expected| expect(actual).to eq(expected) end end diff --git a/spec/lib/reporting/monthly_idv_report_spec.rb b/spec/lib/reporting/monthly_idv_report_spec.rb index b9433c566ca..6e0b6ba6595 100644 --- a/spec/lib/reporting/monthly_idv_report_spec.rb +++ b/spec/lib/reporting/monthly_idv_report_spec.rb @@ -102,8 +102,8 @@ it 'returns IdV reports for the expected months' do [june, july, august].each do |month| - expect(Reporting::IdentityVerificationReport).to receive(:new). - with(issuers: nil, time_range: month, cloudwatch_client: anything) + expect(Reporting::IdentityVerificationReport).to receive(:new) + .with(issuers: nil, time_range: month, cloudwatch_client: anything) end subject.monthly_subreports diff --git a/spec/lib/tasks/dev_rake_spec.rb b/spec/lib/tasks/dev_rake_spec.rb index 84a6e474e72..78dc1c86ea1 100644 --- a/spec/lib/tasks/dev_rake_spec.rb +++ b/spec/lib/tasks/dev_rake_spec.rb @@ -346,17 +346,17 @@ stub_request( :post, %r{/ivs-ippaas-api/IPPRest/resources/rest/optInIPPApplicant}, - ).to_raise(Faraday::TimeoutError).times(2).then. - to_return( + ).to_raise(Faraday::TimeoutError).times(2).then + .to_return( status: 200, body: UspsInPersonProofing::Mock::Fixtures.request_enroll_response, headers: { 'content-type' => 'application/json' }, ).times(1) - expect(UspsInPersonProofing::EnrollmentHelper). - to receive(:schedule_in_person_enrollment).and_call_original.exactly(3).times - expect(Rails.logger).to receive(:error). - with('Exception raised while enrolling user: Exception from WebMock').exactly(2).times + expect(UspsInPersonProofing::EnrollmentHelper) + .to receive(:schedule_in_person_enrollment).and_call_original.exactly(3).times + expect(Rails.logger).to receive(:error) + .with('Exception raised while enrolling user: Exception from WebMock').exactly(2).times Rake::Task['dev:random_in_person_users'].invoke @@ -374,18 +374,18 @@ stub_request( :post, %r{/ivs-ippaas-api/IPPRest/resources/rest/optInIPPApplicant}, - ). - to_return( + ) + .to_return( status: 200, body: UspsInPersonProofing::Mock::Fixtures.request_enroll_response, headers: { 'content-type' => 'application/json' }, - ). - then.to_raise(Faraday::TimeoutError).times(5) + ) + .then.to_raise(Faraday::TimeoutError).times(5) - expect(UspsInPersonProofing::EnrollmentHelper). - to receive(:schedule_in_person_enrollment).and_call_original.exactly(6).times - expect(Rails.logger).to receive(:error). - with('Exception raised while enrolling user: Exception from WebMock').exactly(5).times + expect(UspsInPersonProofing::EnrollmentHelper) + .to receive(:schedule_in_person_enrollment).and_call_original.exactly(6).times + expect(Rails.logger).to receive(:error) + .with('Exception raised while enrolling user: Exception from WebMock').exactly(5).times expect do Rake::Task['dev:random_in_person_users'].invoke @@ -404,18 +404,18 @@ stub_request( :post, %r{/ivs-ippaas-api/IPPRest/resources/rest/optInIPPApplicant}, - ). - to_return( + ) + .to_return( status: 200, body: UspsInPersonProofing::Mock::Fixtures.request_enroll_response, headers: { 'content-type' => 'application/json' }, - ). - then.to_raise(Faraday::TimeoutError).times(3) + ) + .then.to_raise(Faraday::TimeoutError).times(3) - expect(UspsInPersonProofing::EnrollmentHelper). - to receive(:schedule_in_person_enrollment).and_call_original.exactly(4).times - expect(Rails.logger).to receive(:error). - with('Exception raised while enrolling user: Exception from WebMock').exactly(3).times + expect(UspsInPersonProofing::EnrollmentHelper) + .to receive(:schedule_in_person_enrollment).and_call_original.exactly(4).times + expect(Rails.logger).to receive(:error) + .with('Exception raised while enrolling user: Exception from WebMock').exactly(3).times expect do Rake::Task['dev:random_in_person_users'].invoke @@ -431,14 +431,14 @@ stub_request( :post, %r{/ivs-ippaas-api/IPPRest/resources/rest/optInIPPApplicant}, - ).to_raise(Faraday::TimeoutError).times(2).then. - to_return( + ).to_raise(Faraday::TimeoutError).times(2).then + .to_return( status: 200, body: UspsInPersonProofing::Mock::Fixtures.request_enroll_response, headers: { 'content-type' => 'application/json' }, ).times(1) - expect(UspsInPersonProofing::EnrollmentHelper). - to receive(:schedule_in_person_enrollment).and_call_original.exactly(3).times + expect(UspsInPersonProofing::EnrollmentHelper) + .to receive(:schedule_in_person_enrollment).and_call_original.exactly(3).times expect(Kernel).to receive(:sleep).exactly(3).times.with(0.2) Rake::Task['dev:random_in_person_users'].invoke diff --git a/spec/lib/tasks/partners_rake_spec.rb b/spec/lib/tasks/partners_rake_spec.rb index 972901cfe87..5cec95da44e 100644 --- a/spec/lib/tasks/partners_rake_spec.rb +++ b/spec/lib/tasks/partners_rake_spec.rb @@ -113,8 +113,8 @@ it 'displays an error message' do expect { Rake::Task[task].invoke }.to \ - output("You must define the environment variables EMAIL_FILE, SP_FILE, and OUTPUT\n"). - to_stdout + output("You must define the environment variables EMAIL_FILE, SP_FILE, and OUTPUT\n") + .to_stdout end it 'exits' do @@ -132,8 +132,8 @@ it 'displays an error message' do expect { Rake::Task[task].invoke }.to \ - output("You must define the environment variables EMAIL_FILE, SP_FILE, and OUTPUT\n"). - to_stdout + output("You must define the environment variables EMAIL_FILE, SP_FILE, and OUTPUT\n") + .to_stdout end it 'exits' do @@ -151,8 +151,8 @@ it 'displays an error message' do expect { Rake::Task[task].invoke }.to \ - output("You must define the environment variables EMAIL_FILE, SP_FILE, and OUTPUT\n"). - to_stdout + output("You must define the environment variables EMAIL_FILE, SP_FILE, and OUTPUT\n") + .to_stdout end it 'exits' do diff --git a/spec/lib/telephony/otp_sender_spec.rb b/spec/lib/telephony/otp_sender_spec.rb index ae5f58f30ce..02e271d30ea 100644 --- a/spec/lib/telephony/otp_sender_spec.rb +++ b/spec/lib/telephony/otp_sender_spec.rb @@ -269,8 +269,8 @@ let(:otp) { '123456' } it 'is the code separated by commas' do - expect(otp_transformed_for_channel). - to eq( + expect(otp_transformed_for_channel) + .to eq( "1 2 3 4 "\ " 5 6 ", ) @@ -281,8 +281,8 @@ let(:otp) { 'ABC123' } it 'is the code separated by commas' do - expect(otp_transformed_for_channel). - to eq( + expect(otp_transformed_for_channel) + .to eq( "A B C 1 "\ " 2 3 ", ) diff --git a/spec/lib/telephony/pinpoint/opt_out_manager_spec.rb b/spec/lib/telephony/pinpoint/opt_out_manager_spec.rb index e95b6fda5d3..1884138c9ee 100644 --- a/spec/lib/telephony/pinpoint/opt_out_manager_spec.rb +++ b/spec/lib/telephony/pinpoint/opt_out_manager_spec.rb @@ -8,8 +8,8 @@ let(:phone_number) { Faker::PhoneNumber.cell_phone } before do - allow(opt_out_manager).to receive(:build_client). - and_return(first_client, second_client) + allow(opt_out_manager).to receive(:build_client) + .and_return(first_client, second_client) end let(:first_client) { Aws::SNS::Client.new(stub_responses: true) } @@ -123,8 +123,8 @@ def add_second_region_config end it 'iterates phone numbers across regions' do - expect(opt_out_manager.opted_out_numbers.to_a). - to eq([phone1, phone2, phone3, phone4, phone5, phone6]) + expect(opt_out_manager.opted_out_numbers.to_a) + .to eq([phone1, phone2, phone3, phone4, phone5, phone6]) end end end diff --git a/spec/lib/telephony/pinpoint/voice_sender_spec.rb b/spec/lib/telephony/pinpoint/voice_sender_spec.rb index f82bfc378cd..438e352ed8d 100644 --- a/spec/lib/telephony/pinpoint/voice_sender_spec.rb +++ b/spec/lib/telephony/pinpoint/voice_sender_spec.rb @@ -62,9 +62,9 @@ def mock_build_clients(client: pinpoint_client, backup_client: backup_pinpoint_c end it 'initializes a pinpoint sms and voice client and uses that to send a message' do - expect(pinpoint_client).to receive(:send_voice_message). - with(expected_message). - and_return(pinpoint_response) + expect(pinpoint_client).to receive(:send_voice_message) + .with(expected_message) + .and_return(pinpoint_response) response = voice_sender.deliver(message: message, to: recipient_phone, country_code: 'US') @@ -81,9 +81,9 @@ def mock_build_clients(client: pinpoint_client, backup_client: backup_pinpoint_c it 'calls the user with a spanish voice' do expected_message[:content][:ssml_message][:language_code] = 'es-US' expected_message[:content][:ssml_message][:voice_id] = 'Miguel' - expect(pinpoint_client).to receive(:send_voice_message). - with(expected_message). - and_return(pinpoint_response) + expect(pinpoint_client).to receive(:send_voice_message) + .with(expected_message) + .and_return(pinpoint_response) response = voice_sender.deliver(message: message, to: recipient_phone, country_code: 'US') @@ -100,9 +100,9 @@ def mock_build_clients(client: pinpoint_client, backup_client: backup_pinpoint_c it 'calls the user with a french voice' do expected_message[:content][:ssml_message][:language_code] = 'fr-FR' expected_message[:content][:ssml_message][:voice_id] = 'Mathieu' - expect(pinpoint_client).to receive(:send_voice_message). - with(expected_message). - and_return(pinpoint_response) + expect(pinpoint_client).to receive(:send_voice_message) + .with(expected_message) + .and_return(pinpoint_response) response = voice_sender.deliver(message: message, to: recipient_phone, country_code: 'US') @@ -189,8 +189,8 @@ def mock_build_clients(client: pinpoint_client, backup_client: backup_pinpoint_c context 'when pinpoint raises a timeout exception' do it 'rescues the exception and returns an error' do exception = Seahorse::Client::NetworkingError.new(Net::ReadTimeout.new) - expect(pinpoint_client). - to receive(:send_voice_message).and_raise(exception) + expect(pinpoint_client) + .to receive(:send_voice_message).and_raise(exception) response = voice_sender.deliver(message: message, to: recipient_phone, country_code: 'US') @@ -217,9 +217,9 @@ def mock_build_clients(client: pinpoint_client, backup_client: backup_pinpoint_c context 'when the first config succeeds' do before do - expect(pinpoint_client).to receive(:send_voice_message). - with(expected_message). - and_return(pinpoint_response) + expect(pinpoint_client).to receive(:send_voice_message) + .with(expected_message) + .and_return(pinpoint_response) expect(backup_pinpoint_client).to_not receive(:send_voice_message) end @@ -242,9 +242,9 @@ def mock_build_clients(client: pinpoint_client, backup_client: backup_pinpoint_c # second config succeeds expected_message[:origination_phone_number] = backup_longcode - expect(backup_pinpoint_client).to receive(:send_voice_message). - with(expected_message). - and_return(pinpoint_response) + expect(backup_pinpoint_client).to receive(:send_voice_message) + .with(expected_message) + .and_return(pinpoint_response) end it 'logs a warning and tries the other configs' do diff --git a/spec/lib/telephony/telephony_spec.rb b/spec/lib/telephony/telephony_spec.rb index 1c71c6005ac..723d2263cb5 100644 --- a/spec/lib/telephony/telephony_spec.rb +++ b/spec/lib/telephony/telephony_spec.rb @@ -52,8 +52,8 @@ ).to eq 124 # The double-length characters should count as twice their length - expect(Telephony.sms_character_length(Telephony::GSM_DOUBLE_CHARACTERS.join(''))). - to eq(Telephony::GSM_DOUBLE_CHARACTERS.length * 2) + expect(Telephony.sms_character_length(Telephony::GSM_DOUBLE_CHARACTERS.join(''))) + .to eq(Telephony::GSM_DOUBLE_CHARACTERS.length * 2) # Space, new line, and carriage return all count as 1 character expect(Telephony.sms_character_length("\n\r ")).to eq 3 @@ -61,8 +61,8 @@ expect(Telephony.sms_character_length("Login.gov\nParty")).to eq 15 random_double_character = Telephony::GSM_DOUBLE_CHARACTERS.to_a.sample - expect(Telephony.sms_character_length("abc\n¥ΔΦΓΛΩΠΨΣΘΞ#{random_double_character}")). - to eq 17 + expect(Telephony.sms_character_length("abc\n¥ΔΦΓΛΩΠΨΣΘΞ#{random_double_character}")) + .to eq 17 end it 'calculates correct length of messages containing non-GSM characters' do diff --git a/spec/mailers/previews/user_mailer_preview.rb b/spec/mailers/previews/user_mailer_preview.rb index 4bf1af6242b..297b4c5a7f9 100644 --- a/spec/mailers/previews/user_mailer_preview.rb +++ b/spec/mailers/previews/user_mailer_preview.rb @@ -1,15 +1,15 @@ class UserMailerPreview < ActionMailer::Preview def email_confirmation_instructions - UserMailer.with(user: user, email_address: email_address_record). - email_confirmation_instructions( + UserMailer.with(user: user, email_address: email_address_record) + .email_confirmation_instructions( SecureRandom.hex, request_id: SecureRandom.uuid, ) end def signup_with_your_email - UserMailer.with(user: user, email_address: email_address_record). - signup_with_your_email(request_id: SecureRandom.uuid) + UserMailer.with(user: user, email_address: email_address_record) + .signup_with_your_email(request_id: SecureRandom.uuid) end def reset_password_instructions @@ -35,18 +35,18 @@ def reset_password_instructions_with_pending_in_person_warning end def password_changed - UserMailer.with(user: user, email_address: email_address_record). - password_changed(disavowal_token: SecureRandom.hex) + UserMailer.with(user: user, email_address: email_address_record) + .password_changed(disavowal_token: SecureRandom.hex) end def phone_added - UserMailer.with(user: user, email_address: email_address_record). - phone_added(disavowal_token: SecureRandom.hex) + UserMailer.with(user: user, email_address: email_address_record) + .phone_added(disavowal_token: SecureRandom.hex) end def personal_key_sign_in - UserMailer.with(user: user, email_address: email_address_record). - personal_key_sign_in(disavowal_token: SecureRandom.hex) + UserMailer.with(user: user, email_address: email_address_record) + .personal_key_sign_in(disavowal_token: SecureRandom.hex) end def new_device_sign_in_after_2fa @@ -144,8 +144,8 @@ def verify_by_mail_letter_requested end def add_email - UserMailer.with(user: user, email_address: email_address_record). - add_email(token: SecureRandom.hex, request_id: nil) + UserMailer.with(user: user, email_address: email_address_record) + .add_email(token: SecureRandom.hex, request_id: nil) end def email_added @@ -157,8 +157,8 @@ def email_deleted end def add_email_associated_with_another_account - UserMailer.with(user: user, email_address: email_address_record). - add_email_associated_with_another_account + UserMailer.with(user: user, email_address: email_address_record) + .add_email_associated_with_another_account end def account_verified diff --git a/spec/mailers/report_mailer_spec.rb b/spec/mailers/report_mailer_spec.rb index de7988e5d81..414f62a9ec7 100644 --- a/spec/mailers/report_mailer_spec.rb +++ b/spec/mailers/report_mailer_spec.rb @@ -112,8 +112,8 @@ it 'renders the tables in HTML', aggregate_failures: true do doc = Nokogiri::HTML(mail.html_part.body.to_s) - expect(doc.css('h2').map(&:text)). - to eq(['Table 1', 'Custom Table 2', 'Custom Table 3 With Very Long Name']) + expect(doc.css('h2').map(&:text)) + .to eq(['Table 1', 'Custom Table 2', 'Custom Table 3 With Very Long Name']) _first_table, percent_table, float_table = doc.css('table') @@ -144,8 +144,8 @@ tables = mail.attachments.map { |a| CSV.parse(a.read) } expect(tables).to eq( - [first_table, second_table, third_table]. - map { |table| table.map { |row| row.map(&:to_s) } }, + [first_table, second_table, third_table] + .map { |table| table.map { |row| row.map(&:to_s) } }, ) end end diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb index 8155d26713a..8e273ac41ef 100644 --- a/spec/mailers/user_mailer_spec.rb +++ b/spec/mailers/user_mailer_spec.rb @@ -12,8 +12,8 @@ describe '#validate_user_and_email_address' do let(:request_id) { '1234-abcd' } let(:mail) do - UserMailer.with(user: user, email_address: email_address). - signup_with_your_email(request_id: request_id) + UserMailer.with(user: user, email_address: email_address) + .signup_with_your_email(request_id: request_id) end context 'with user and email address match' do @@ -35,8 +35,8 @@ describe '#add_email' do let(:token) { SecureRandom.hex } let(:mail) do - UserMailer.with(user: user, email_address: email_address). - add_email(token: token, request_id: nil, from_select_email_flow: nil) + UserMailer.with(user: user, email_address: email_address) + .add_email(token: token, request_id: nil, from_select_email_flow: nil) end it_behaves_like 'a system email' @@ -52,8 +52,8 @@ context 'when user adds email from select email flow' do let(:token) { SecureRandom.hex } let(:mail) do - UserMailer.with(user: user, email_address: email_address). - add_email(token: token, request_id: nil, from_select_email_flow: true) + UserMailer.with(user: user, email_address: email_address) + .add_email(token: token, request_id: nil, from_select_email_flow: true) end it 'renders the add_email_confirmation_url' do @@ -93,8 +93,8 @@ describe '#add_email_associated_with_another_account' do let(:mail) do - UserMailer.with(user: user, email_address: email_address). - add_email_associated_with_another_account + UserMailer.with(user: user, email_address: email_address) + .add_email_associated_with_another_account end it_behaves_like 'a system email' @@ -291,8 +291,8 @@ describe '#personal_key_sign_in' do let(:mail) do - UserMailer.with(user: user, email_address: user.email_addresses.first). - personal_key_sign_in(disavowal_token: 'asdf1234') + UserMailer.with(user: user, email_address: user.email_addresses.first) + .personal_key_sign_in(disavowal_token: 'asdf1234') end it_behaves_like 'a system email' @@ -321,8 +321,8 @@ let(:token) { 'asdf123' } let(:mail) do - UserMailer.with(user: user, email_address: user.email_addresses.first). - email_confirmation_instructions( + UserMailer.with(user: user, email_address: user.email_addresses.first) + .email_confirmation_instructions( token, request_id: request_id, ) @@ -386,8 +386,8 @@ describe '#signup_with_your_email' do let(:request_id) { '1234-abcd' } let(:mail) do - UserMailer.with(user: user, email_address: user.email_addresses.first). - signup_with_your_email(request_id: request_id) + UserMailer.with(user: user, email_address: user.email_addresses.first) + .signup_with_your_email(request_id: request_id) end it_behaves_like 'a system email' @@ -423,8 +423,8 @@ describe '#phone_added' do disavowal_token = 'i_am_disavowal_token' let(:mail) do - UserMailer.with(user: user, email_address: email_address). - phone_added(disavowal_token: disavowal_token) + UserMailer.with(user: user, email_address: email_address) + .phone_added(disavowal_token: disavowal_token) end it_behaves_like 'a system email' @@ -509,8 +509,8 @@ def expect_email_body_to_have_help_and_contact_links describe '#account_reset_granted' do let(:mail) do - UserMailer.with(user: user, email_address: email_address). - account_reset_granted(user.account_reset_request) + UserMailer.with(user: user, email_address: email_address) + .account_reset_granted(user.account_reset_request) end let(:account_reset_deletion_period_hours) { '24 hours' } let(:token_expiration_interval) { '24 hours' } @@ -556,8 +556,8 @@ def expect_email_body_to_have_help_and_contact_links describe '#account_reset_complete' do let(:mail) do - UserMailer.with(user: user, email_address: email_address). - account_reset_complete + UserMailer.with(user: user, email_address: email_address) + .account_reset_complete end it_behaves_like 'a system email' @@ -572,8 +572,8 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the body' do - expect(mail.html_part.body). - to have_content( + expect(mail.html_part.body) + .to have_content( strip_tags(t('user_mailer.account_reset_complete.intro_html', app_name_html: APP_NAME)), ) end @@ -581,8 +581,8 @@ def expect_email_body_to_have_help_and_contact_links describe '#account_delete_submitted' do let(:mail) do - UserMailer.with(user: user, email_address: email_address). - account_delete_submitted + UserMailer.with(user: user, email_address: email_address) + .account_delete_submitted end it_behaves_like 'a system email' @@ -597,8 +597,8 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the body' do - expect(mail.html_part.body). - to have_content( + expect(mail.html_part.body) + .to have_content( strip_tags(t('user_mailer.account_reset_complete.intro_html', app_name_html: APP_NAME)), ) end @@ -606,8 +606,8 @@ def expect_email_body_to_have_help_and_contact_links describe '#account_reset_cancel' do let(:mail) do - UserMailer.with(user: user, email_address: email_address). - account_reset_cancel + UserMailer.with(user: user, email_address: email_address) + .account_reset_cancel end it_behaves_like 'a system email' @@ -622,8 +622,8 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the body' do - expect(mail.html_part.body). - to have_content( + expect(mail.html_part.body) + .to have_content( strip_tags(t('user_mailer.account_reset_cancel.intro_html', app_name_html: APP_NAME)), ) end @@ -644,13 +644,13 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the body' do - expect(mail.html_part.body). - to have_content( + expect(mail.html_part.body) + .to have_content( strip_tags(t('user_mailer.please_reset_password.intro', app_name: APP_NAME)), ) - expect(mail.html_part.body). - to have_content(strip_tags(t('user_mailer.please_reset_password.call_to_action'))) + expect(mail.html_part.body) + .to have_content(strip_tags(t('user_mailer.please_reset_password.call_to_action'))) end it 'logs email metadata to analytics' do @@ -779,8 +779,8 @@ def expect_email_body_to_have_help_and_contact_links let(:date_time) { Time.zone.now } let(:profile) { create(:profile, :active) } let(:mail) do - UserMailer.with(user: user, email_address: email_address). - account_verified(profile: profile) + UserMailer.with(user: user, email_address: email_address) + .account_verified(profile: profile) end it_behaves_like 'a system email' @@ -867,15 +867,15 @@ def expect_email_body_to_have_help_and_contact_links let(:in_person_outage_expected_update_date) { 'October 31, 2023' } it 'renders a warning when the flag is enabled' do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(true) - allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date). - and_return(in_person_outage_emailed_by_date) - allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date). - and_return(in_person_outage_expected_update_date) - - expect(mail.html_part.body). - to have_content( + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(true) + allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date) + .and_return(in_person_outage_emailed_by_date) + allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date) + .and_return(in_person_outage_expected_update_date) + + expect(mail.html_part.body) + .to have_content( t( 'idv.failure.exceptions.in_person_outage_error_message.ready_to_verify.title', date: formatted_date, @@ -884,12 +884,12 @@ def expect_email_body_to_have_help_and_contact_links end it 'does not render a warning when outage dates are not included' do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(true) - allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date). - and_return('') - allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date). - and_return('') + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(true) + allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date) + .and_return('') + allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date) + .and_return('') expect(mail.html_part.body).to_not have_content( t( @@ -900,11 +900,11 @@ def expect_email_body_to_have_help_and_contact_links end it 'does not render a warning when the flag is disabled' do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(false) - expect(mail.html_part.body). - to_not have_content( + expect(mail.html_part.body) + .to_not have_content( t('idv.failure.exceptions.in_person_outage_error_message.ready_to_verify.title'), ) end @@ -1100,8 +1100,8 @@ def expect_email_body_to_have_help_and_contact_links expect(mail.html_part.body).to have_content(part) end - t('in_person_proofing.process.eipp_state_id_supporting_docs.info_list'). - each do |item| + t('in_person_proofing.process.eipp_state_id_supporting_docs.info_list') + .each do |item| expect(mail.html_part.body).to have_content(strip_tags(item)) end end @@ -1124,8 +1124,8 @@ def expect_email_body_to_have_help_and_contact_links expect(mail.html_part.body).to have_content(part) end - t('in_person_proofing.process.eipp_state_id_supporting_docs.info_list'). - each do |item| + t('in_person_proofing.process.eipp_state_id_supporting_docs.info_list') + .each do |item| expect(mail.html_part.body).to have_content(strip_tags(item)) end end @@ -1338,15 +1338,15 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the body' do - expect(mail.html_part.body). - to have_content( + expect(mail.html_part.body) + .to have_content( t( 'user_mailer.in_person_completion_survey.body.thanks', app_name: APP_NAME, ), ) - expect(mail.html_part.body). - to have_selector( + expect(mail.html_part.body) + .to have_selector( "a[href='#{MarketingSite.security_and_privacy_practices_url}']", ) end @@ -1358,8 +1358,8 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the post opt-in in person completion survey url' do - expect(mail.html_part.body). - to have_selector( + expect(mail.html_part.body) + .to have_selector( "a[href='#{IdentityConfig.store.in_person_opt_in_available_completion_survey_url}']", ) end @@ -1372,8 +1372,8 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the pre opt-in in person completion survey url' do - expect(mail.html_part.body). - to have_selector( + expect(mail.html_part.body) + .to have_selector( "a[href='#{IdentityConfig.store.in_person_completion_survey_url}']", ) end @@ -1383,8 +1383,8 @@ def expect_email_body_to_have_help_and_contact_links describe '#suspended_reset_password' do let(:mail) do - UserMailer.with(user: user, email_address: email_address). - suspended_reset_password + UserMailer.with(user: user, email_address: email_address) + .suspended_reset_password end it_behaves_like 'a system email' @@ -1399,8 +1399,8 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the body' do - expect(mail.html_part.body). - to have_content( + expect(mail.html_part.body) + .to have_content( t( 'user_mailer.suspended_reset_password.message', support_code: IdentityConfig.store.account_suspended_support_code, @@ -1427,8 +1427,8 @@ def expect_email_body_to_have_help_and_contact_links end it 'renders the body' do - expect(mail.html_part.body). - to have_content( + expect(mail.html_part.body) + .to have_content( t( 'user_mailer.suspended_create_account.message', app_name: APP_NAME, @@ -1555,10 +1555,10 @@ def expect_email_body_to_have_help_and_contact_links let(:user) { build(:user, email_language: :es) } it 'translates the footer help text correctly' do - expect(mail.html_part.body). - to include(t('user_mailer.suspension_confirmed.contact_agency', locale: :es)) - expect(mail.html_part.body). - to_not include(t('user_mailer.suspension_confirmed.contact_agency', locale: :en)) + expect(mail.html_part.body) + .to include(t('user_mailer.suspension_confirmed.contact_agency', locale: :es)) + expect(mail.html_part.body) + .to_not include(t('user_mailer.suspension_confirmed.contact_agency', locale: :en)) end end end diff --git a/spec/models/agreements/iaa_gtc_spec.rb b/spec/models/agreements/iaa_gtc_spec.rb index 394fa9ed94a..c7bcecbecee 100644 --- a/spec/models/agreements/iaa_gtc_spec.rb +++ b/spec/models/agreements/iaa_gtc_spec.rb @@ -8,15 +8,15 @@ it { is_expected.to validate_uniqueness_of(:gtc_number) } it { is_expected.to validate_presence_of(:mod_number) } it do - is_expected.to validate_numericality_of(:mod_number). - only_integer. - is_greater_than_or_equal_to(0) + is_expected.to validate_numericality_of(:mod_number) + .only_integer + .is_greater_than_or_equal_to(0) end it do - is_expected.to validate_numericality_of(:estimated_amount). - is_less_than(10_000_000_000). - is_greater_than_or_equal_to(0). - allow_nil + is_expected.to validate_numericality_of(:estimated_amount) + .is_less_than(10_000_000_000) + .is_greater_than_or_equal_to(0) + .allow_nil end it { is_expected.to validate_presence_of(:start_date) } it { is_expected.to validate_presence_of(:end_date) } diff --git a/spec/models/agreements/iaa_order_spec.rb b/spec/models/agreements/iaa_order_spec.rb index f5a3cf44a92..dfd5d099c11 100644 --- a/spec/models/agreements/iaa_order_spec.rb +++ b/spec/models/agreements/iaa_order_spec.rb @@ -7,27 +7,27 @@ it { is_expected.to validate_presence_of(:order_number) } it { is_expected.to validate_uniqueness_of(:order_number).scoped_to(:iaa_gtc_id) } it do - is_expected.to validate_numericality_of(:order_number). - only_integer. - is_greater_than_or_equal_to(0) + is_expected.to validate_numericality_of(:order_number) + .only_integer + .is_greater_than_or_equal_to(0) end it { is_expected.to validate_presence_of(:mod_number) } it do - is_expected.to validate_numericality_of(:mod_number). - only_integer. - is_greater_than_or_equal_to(0) + is_expected.to validate_numericality_of(:mod_number) + .only_integer + .is_greater_than_or_equal_to(0) end it { is_expected.to validate_presence_of(:pricing_model) } it do - is_expected.to validate_numericality_of(:pricing_model). - only_integer. - is_greater_than_or_equal_to(0) + is_expected.to validate_numericality_of(:pricing_model) + .only_integer + .is_greater_than_or_equal_to(0) end it do - is_expected.to validate_numericality_of(:estimated_amount). - is_less_than(10_000_000_000). - is_greater_than_or_equal_to(0). - allow_nil + is_expected.to validate_numericality_of(:estimated_amount) + .is_less_than(10_000_000_000) + .is_greater_than_or_equal_to(0) + .allow_nil end it { is_expected.to validate_presence_of(:start_date) } it { is_expected.to validate_presence_of(:end_date) } diff --git a/spec/models/agreements/integration_spec.rb b/spec/models/agreements/integration_spec.rb index 81ad9da74ca..dbeb2245066 100644 --- a/spec/models/agreements/integration_spec.rb +++ b/spec/models/agreements/integration_spec.rb @@ -9,9 +9,9 @@ it { is_expected.to validate_presence_of(:name) } it { is_expected.to validate_uniqueness_of(:dashboard_identifier).allow_nil } it do - is_expected.to validate_numericality_of(:dashboard_identifier). - only_integer. - is_greater_than(0) + is_expected.to validate_numericality_of(:dashboard_identifier) + .only_integer + .is_greater_than(0) end it { is_expected.to belong_to(:partner_account) } diff --git a/spec/models/in_person_enrollment_spec.rb b/spec/models/in_person_enrollment_spec.rb index 0a6e70ac233..290abe0d61b 100644 --- a/spec/models/in_person_enrollment_spec.rb +++ b/spec/models/in_person_enrollment_spec.rb @@ -10,8 +10,8 @@ describe 'Status' do it 'defines enum correctly' do - should define_enum_for(:status). - with_values([:establishing, :pending, :passed, :failed, :expired, :cancelled]) + should define_enum_for(:status) + .with_values([:establishing, :pending, :passed, :failed, :expired, :cancelled]) end end @@ -20,8 +20,8 @@ user1 = create(:user) user2 = create(:user) profile2 = create(:profile, gpo_verification_pending_at: 1.day.ago, user: user2) - expect { create(:in_person_enrollment, user: user1, profile: profile2) }. - to raise_error ActiveRecord::RecordInvalid + expect { create(:in_person_enrollment, user: user1, profile: profile2) } + .to raise_error ActiveRecord::RecordInvalid expect(InPersonEnrollment.count).to eq 0 end @@ -31,8 +31,8 @@ profile2 = create(:profile, gpo_verification_pending_at: 1.day.ago, user: user) create(:in_person_enrollment, user: user, profile: profile, status: :pending) expect(InPersonEnrollment.pending.count).to eq 1 - expect { create(:in_person_enrollment, user: user, profile: profile2, status: :pending) }. - to raise_error ActiveRecord::RecordNotUnique + expect { create(:in_person_enrollment, user: user, profile: profile2, status: :pending) } + .to raise_error ActiveRecord::RecordNotUnique expect(InPersonEnrollment.pending.count).to eq 1 end @@ -41,8 +41,8 @@ profile = create(:profile, gpo_verification_pending_at: 1.day.ago, user: user) unique_id = InPersonEnrollment.generate_unique_id create(:in_person_enrollment, user: user, profile: profile, unique_id: unique_id) - expect { create(:in_person_enrollment, user: user, profile: profile, unique_id: unique_id) }. - to raise_error ActiveRecord::RecordNotUnique + expect { create(:in_person_enrollment, user: user, profile: profile, unique_id: unique_id) } + .to raise_error ActiveRecord::RecordNotUnique expect(InPersonEnrollment.count).to eq 1 end @@ -388,10 +388,10 @@ let(:validity_in_days) { 10 } before do - allow(IdentityConfig.store). - to( - receive(:in_person_enrollment_validity_in_days). - and_return(validity_in_days), + allow(IdentityConfig.store) + .to( + receive(:in_person_enrollment_validity_in_days) + .and_return(validity_in_days), ) end @@ -461,10 +461,10 @@ context 'eipp enrollment' do let(:eipp_validity_in_days) { 7 } before do - allow(IdentityConfig.store). - to( - receive(:in_person_eipp_enrollment_validity_in_days). - and_return(eipp_validity_in_days), + allow(IdentityConfig.store) + .to( + receive(:in_person_eipp_enrollment_validity_in_days) + .and_return(eipp_validity_in_days), ) end it 'days_to_due_date returns the number of days left until the due date' do diff --git a/spec/models/phone_number_opt_out_spec.rb b/spec/models/phone_number_opt_out_spec.rb index 942681208af..18d4a964366 100644 --- a/spec/models/phone_number_opt_out_spec.rb +++ b/spec/models/phone_number_opt_out_spec.rb @@ -29,8 +29,8 @@ spaces = '+1 888 867 5309' dashes = '+1-888-867-5309' - expect(PhoneNumberOptOut.create_or_find_with_phone(spaces).id). - to eq(PhoneNumberOptOut.create_or_find_with_phone(dashes).id) + expect(PhoneNumberOptOut.create_or_find_with_phone(spaces).id) + .to eq(PhoneNumberOptOut.create_or_find_with_phone(dashes).id) end end @@ -51,8 +51,8 @@ it 'formats the phone internationally' do unformatted = '1 (888) 867-5309' - expect(PhoneNumberOptOut.create_or_find_with_phone(unformatted).formatted_phone). - to eq('+1 888-867-5309') + expect(PhoneNumberOptOut.create_or_find_with_phone(unformatted).formatted_phone) + .to eq('+1 888-867-5309') end end diff --git a/spec/models/profile_spec.rb b/spec/models/profile_spec.rb index 10a5cc1aa64..1e7f1ffeec1 100644 --- a/spec/models/profile_spec.rb +++ b/spec/models/profile_spec.rb @@ -112,24 +112,24 @@ encrypt_pii - expect(user.reload.encrypted_recovery_code_digest_generated_at.to_i). - to be_within(1).of(Time.zone.now.to_i) + expect(user.reload.encrypted_recovery_code_digest_generated_at.to_i) + .to be_within(1).of(Time.zone.now.to_i) end context 'ssn fingerprinting' do it 'fingerprints the ssn' do - expect { encrypt_pii }. - to change { profile.ssn_signature }. - from(nil).to(Pii::Fingerprinter.fingerprint(ssn)) + expect { encrypt_pii } + .to change { profile.ssn_signature } + .from(nil).to(Pii::Fingerprinter.fingerprint(ssn)) end context 'ssn is blank' do let(:ssn) { nil } it 'does not fingerprint the SSN' do - expect { encrypt_pii }. - to_not change { profile.ssn_signature }. - from(nil) + expect { encrypt_pii } + .to_not change { profile.ssn_signature } + .from(nil) end end end @@ -144,18 +144,18 @@ ].join(':'), ) - expect { encrypt_pii }. - to change { profile.name_zip_birth_year_signature }. - from(nil).to(fingerprint) + expect { encrypt_pii } + .to change { profile.name_zip_birth_year_signature } + .from(nil).to(fingerprint) end context 'when a part of the compound PII key is missing' do let(:dob) { nil } it 'does not write a fingerprint' do - expect { encrypt_pii }. - to_not change { profile.name_zip_birth_year_signature }. - from(nil) + expect { encrypt_pii } + .to_not change { profile.name_zip_birth_year_signature } + .from(nil) end end end @@ -265,8 +265,8 @@ expect(profile.verified_at).to be_present # changed # TODO: call activate on the new profile instead - expect { user.profiles.create!(active: true) }. - to raise_error(ActiveRecord::RecordInvalid) + expect { user.profiles.create!(active: true) } + .to raise_error(ActiveRecord::RecordInvalid) end it 'prevents save! via psql unique partial index' do @@ -393,8 +393,8 @@ it 'sends a reproof completed push event' do profile = create(:profile, :active, user: user) - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::ReproofCompletedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::ReproofCompletedEvent.new(user: user)) expect(profile.activated_at).to be_present expect(profile.active).to eq(true) @@ -1164,8 +1164,8 @@ profile.fraud_pending_reason = 'threatmetrix_review' expect { profile.deactivate_for_fraud_review }.to( - change { profile.fraud_review_pending? }.from(false).to(true). - and(change { profile.in_person_verification_pending_at }.to(nil)), + change { profile.fraud_review_pending? }.from(false).to(true) + .and(change { profile.in_person_verification_pending_at }.to(nil)), ) expect(profile).to_not be_active diff --git a/spec/models/service_provider_identity_spec.rb b/spec/models/service_provider_identity_spec.rb index 4d21613b5ac..6b1fcb95a63 100644 --- a/spec/models/service_provider_identity_spec.rb +++ b/spec/models/service_provider_identity_spec.rb @@ -28,8 +28,8 @@ identity = create(:service_provider_identity) identity.uuid = nil - expect { identity.save }. - to raise_error( + expect { identity.save } + .to raise_error( ActiveRecord::NotNullViolation, /null value in column "uuid".*violates not-null constraint/, ) @@ -41,8 +41,8 @@ identity2 = create(:service_provider_identity) identity2.uuid = identity1.uuid - expect { identity2.save }. - to raise_error( + expect { identity2.save } + .to raise_error( ActiveRecord::StatementInvalid, /duplicate key value violates unique constraint/, ) @@ -71,8 +71,8 @@ it 'generates it via SecureRandom.uuid' do identity = build(:service_provider_identity) - expect(identity.generate_uuid). - to match(/[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89aAbB][a-f0-9]{3}-[a-f0-9]{12}/) + expect(identity.generate_uuid) + .to match(/[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89aAbB][a-f0-9]{3}-[a-f0-9]{12}/) end end end @@ -123,14 +123,14 @@ describe 'uniqueness validation for service provider per user' do it 'raises an error when uniqueness constraint is broken' do ServiceProviderIdentity.create(user_id: user.id, service_provider: 'externalapp') - expect { ServiceProviderIdentity.create(user_id: user.id, service_provider: 'externalapp') }. - to raise_error(ActiveRecord::RecordNotUnique) + expect { ServiceProviderIdentity.create(user_id: user.id, service_provider: 'externalapp') } + .to raise_error(ActiveRecord::RecordNotUnique) end it 'does not raise an error for a different service provider' do ServiceProviderIdentity.create(user_id: user.id, service_provider: 'externalapp') - expect { ServiceProviderIdentity.create(user_id: user.id, service_provider: 'externalapp2') }. - to_not raise_error + expect { ServiceProviderIdentity.create(user_id: user.id, service_provider: 'externalapp2') } + .to_not raise_error end end diff --git a/spec/models/service_provider_spec.rb b/spec/models/service_provider_spec.rb index 387a17e1dbb..bc52f9ea8b9 100644 --- a/spec/models/service_provider_spec.rb +++ b/spec/models/service_provider_spec.rb @@ -9,10 +9,10 @@ it { is_expected.to belong_to(:agency) } it do - is_expected.to have_many(:identities). - inverse_of(:service_provider_record). - with_foreign_key('service_provider'). - with_primary_key('issuer') + is_expected.to have_many(:identities) + .inverse_of(:service_provider_record) + .with_foreign_key('service_provider') + .with_primary_key('issuer') end end @@ -65,8 +65,8 @@ describe '#skip_encryption_allowed' do context 'SP in allowed list' do before do - allow(IdentityConfig.store).to receive(:skip_encryption_allowed_list). - and_return(['http://localhost:3000']) + allow(IdentityConfig.store).to receive(:skip_encryption_allowed_list) + .and_return(['http://localhost:3000']) end it 'allows the SP to optionally skip encrypting the SAML response' do @@ -84,8 +84,8 @@ describe '#facial_match_ial_allowed?' do context 'when facial match general availability is enabled' do before do - allow(IdentityConfig.store).to receive(:facial_match_general_availability_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:facial_match_general_availability_enabled) + .and_return(true) end it 'allows the service provider to use facial match IALs' do @@ -95,8 +95,8 @@ context 'when the facial match general availability is disabled' do before do - allow(IdentityConfig.store).to receive(:facial_match_general_availability_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:facial_match_general_availability_enabled) + .and_return(false) end it 'does not allow the service provider to use facial match IALs' do diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 288f591a368..38353bf3e52 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -12,13 +12,13 @@ it { is_expected.to have_many(:webauthn_configurations) } it { is_expected.to have_many(:in_person_enrollments).dependent(:destroy) } it { - is_expected.to have_one(:pending_in_person_enrollment). - conditions(status: :pending). - order(created_at: :desc). - class_name('InPersonEnrollment'). - with_foreign_key(:user_id). - inverse_of(:user). - dependent(:destroy) + is_expected.to have_one(:pending_in_person_enrollment) + .conditions(status: :pending) + .order(created_at: :desc) + .class_name('InPersonEnrollment') + .with_foreign_key(:user_id) + .inverse_of(:user) + .dependent(:destroy) } end @@ -49,8 +49,8 @@ user = create(:user) user.uuid = nil - expect { user.save }. - to raise_error( + expect { user.save } + .to raise_error( ActiveRecord::NotNullViolation, /null value in column "uuid".*violates not-null constraint/, ) @@ -62,8 +62,8 @@ user2 = create(:user, email: "mkuniqu.#{user1.email}") user2.uuid = user1.uuid - expect { user2.save }. - to raise_error( + expect { user2.save } + .to raise_error( ActiveRecord::StatementInvalid, /duplicate key value violates unique constraint/, ) @@ -92,8 +92,8 @@ it 'generates it via SecureRandom.uuid' do user = build(:user) - expect(user.generate_uuid). - to match(/[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89aAbB][a-f0-9]{3}-[a-f0-9]{12}/) + expect(user.generate_uuid) + .to match(/[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89aAbB][a-f0-9]{3}-[a-f0-9]{12}/) end end end @@ -586,10 +586,10 @@ let(:accepted_terms_at) { nil } let(:user) { create(:user, :fully_registered, accepted_terms_at: accepted_terms_at) } before do - allow(IdentityConfig.store).to receive(:rules_of_use_horizon_years). - and_return(rules_of_use_horizon_years) - allow(IdentityConfig.store).to receive(:rules_of_use_updated_at). - and_return(rules_of_use_updated_at) + allow(IdentityConfig.store).to receive(:rules_of_use_horizon_years) + .and_return(rules_of_use_horizon_years) + allow(IdentityConfig.store).to receive(:rules_of_use_updated_at) + .and_return(rules_of_use_updated_at) end context 'when a user has not accepted rules of use yet' do @@ -1002,8 +1002,8 @@ end it 'send account disabled push event' do - expect(PushNotification::HttpPush).to receive(:deliver).once. - with(PushNotification::AccountDisabledEvent.new( + expect(PushNotification::HttpPush).to receive(:deliver).once + .with(PushNotification::AccountDisabledEvent.new( user: user, )) user.suspend! @@ -1055,8 +1055,8 @@ email_addresses = user.email_addresses email_address = email_addresses.last expect(email_addresses.count).to eq 1 - expect { user.reinstate! }. - to(change { SuspendedEmail.find_with_email(email_address.email) }.to(nil)) + expect { user.reinstate! } + .to(change { SuspendedEmail.find_with_email(email_address.email) }.to(nil)) expect(user.email_addresses.reload.last).to be_present end @@ -1072,8 +1072,8 @@ end it 'send account enabled push event' do - expect(PushNotification::HttpPush).to receive(:deliver).once. - with(PushNotification::AccountEnabledEvent.new( + expect(PushNotification::HttpPush).to receive(:deliver).once + .with(PushNotification::AccountEnabledEvent.new( user: user, )) user.reinstate! @@ -1098,8 +1098,8 @@ let(:issuer) { service_provider.issuer } before do - allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?). - and_return(true) + allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?) + .and_return(true) end def test_send_survey(should_send) @@ -1182,8 +1182,8 @@ def it_should_not_send_survey end before do - allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?). - and_return(false) + allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?) + .and_return(false) end it 'should not send survey' do @@ -1206,10 +1206,10 @@ def it_should_not_send_survey describe '#broken_personal_key?' do before do - allow(IdentityConfig.store).to receive(:broken_personal_key_window_start). - and_return(3.days.ago) - allow(IdentityConfig.store).to receive(:broken_personal_key_window_finish). - and_return(1.day.ago) + allow(IdentityConfig.store).to receive(:broken_personal_key_window_start) + .and_return(3.days.ago) + allow(IdentityConfig.store).to receive(:broken_personal_key_window_finish) + .and_return(1.day.ago) end let(:user) { build(:user) } @@ -1532,8 +1532,8 @@ def it_should_not_send_survey end it 'interleaves identities and events, decorates events, and sorts them in descending order' do - expect(user.recent_events). - to eq [another_event.decorate, identity, event.decorate] + expect(user.recent_events) + .to eq [another_event.decorate, identity, event.decorate] end end @@ -1640,14 +1640,14 @@ def it_should_not_send_survey it 'returns ial1 if identity is not verified' do allow(user).to receive(:identity_verified?).and_return(false) - expect(user.delete_account_bullet_key). - to eq t('users.delete.bullet_2_basic', app_name: APP_NAME) + expect(user.delete_account_bullet_key) + .to eq t('users.delete.bullet_2_basic', app_name: APP_NAME) end it 'returns ial2 if identity is verified' do allow(user).to receive(:identity_verified?).and_return(true) - expect(user.delete_account_bullet_key). - to eq t('users.delete.bullet_2_verified', app_name: APP_NAME) + expect(user.delete_account_bullet_key) + .to eq t('users.delete.bullet_2_verified', app_name: APP_NAME) end end diff --git a/spec/policies/idv/flow_policy_spec.rb b/spec/policies/idv/flow_policy_spec.rb index 8561f382d84..246cb8ddf1b 100644 --- a/spec/policies/idv/flow_policy_spec.rb +++ b/spec/policies/idv/flow_policy_spec.rb @@ -146,8 +146,8 @@ context 'each step in the flow' do before do - allow(Idv::PhoneConfirmationSession).to receive(:from_h). - with(user_phone_confirmation_session).and_return(user_phone_confirmation_session) + allow(Idv::PhoneConfirmationSession).to receive(:from_h) + .with(user_phone_confirmation_session).and_return(user_phone_confirmation_session) allow(user).to receive(:gpo_pending_profile?).and_return(has_gpo_pending_profile) end context 'empty session' do @@ -227,8 +227,8 @@ it 'returns ipp_ssn' do expect(subject.info_for_latest_step.key).to eq(:ipp_ssn) expect(subject.controller_allowed?(controller: Idv::InPerson::SsnController)).to be - expect(subject.controller_allowed?(controller: Idv::InPerson::VerifyInfoController)). - not_to be + expect(subject.controller_allowed?(controller: Idv::InPerson::VerifyInfoController)) + .not_to be end end diff --git a/spec/policies/idv/gpo_verify_by_mail_policy_spec.rb b/spec/policies/idv/gpo_verify_by_mail_policy_spec.rb index 99f3eeeeed6..e941d2dbe0a 100644 --- a/spec/policies/idv/gpo_verify_by_mail_policy_spec.rb +++ b/spec/policies/idv/gpo_verify_by_mail_policy_spec.rb @@ -15,8 +15,8 @@ describe '#resend_letter_available?' do context 'when the feature flag is off' do before do - allow(IdentityConfig.store).to receive(:enable_usps_verification). - and_return false + allow(IdentityConfig.store).to receive(:enable_usps_verification) + .and_return false end it 'returns false' do @@ -26,8 +26,8 @@ context 'when the feature flag is on' do before do - allow(IdentityConfig.store).to receive(:enable_usps_verification). - and_return true + allow(IdentityConfig.store).to receive(:enable_usps_verification) + .and_return true end it 'returns false when the user is rate-limited' do @@ -55,8 +55,8 @@ describe '#send_letter_available?' do context 'when the feature flag is off' do before do - allow(IdentityConfig.store).to receive(:enable_usps_verification). - and_return false + allow(IdentityConfig.store).to receive(:enable_usps_verification) + .and_return false end it 'returns false' do @@ -66,8 +66,8 @@ context 'when the feature flag is on' do before do - allow(IdentityConfig.store).to receive(:enable_usps_verification). - and_return true + allow(IdentityConfig.store).to receive(:enable_usps_verification) + .and_return true end it 'returns true when the user is not rate-limited' do @@ -119,12 +119,12 @@ let(:minimum_wait_before_another_usps_letter_in_hours) { 24 } before do - allow(IdentityConfig.store).to receive(:max_mail_events). - and_return(max_letter_request_events) - allow(IdentityConfig.store).to receive(:max_mail_events_window_in_days). - and_return(letter_request_events_window_days) - allow(IdentityConfig.store).to receive(:minimum_wait_before_another_usps_letter_in_hours). - and_return(minimum_wait_before_another_usps_letter_in_hours) + allow(IdentityConfig.store).to receive(:max_mail_events) + .and_return(max_letter_request_events) + allow(IdentityConfig.store).to receive(:max_mail_events_window_in_days) + .and_return(letter_request_events_window_days) + allow(IdentityConfig.store).to receive(:minimum_wait_before_another_usps_letter_in_hours) + .and_return(minimum_wait_before_another_usps_letter_in_hours) end context 'when no letters have been requested' do diff --git a/spec/policies/idv/step_info_spec.rb b/spec/policies/idv/step_info_spec.rb index e89f3867b41..e8f59aeaa00 100644 --- a/spec/policies/idv/step_info_spec.rb +++ b/spec/policies/idv/step_info_spec.rb @@ -57,8 +57,8 @@ def self.name end it 'returns an absolute "path" for the controller name' do - expect(Idv::StepInfo.full_controller_name(idv_step_controller_class)). - to eq('/idv/lets/go/deeper/anonymous') + expect(Idv::StepInfo.full_controller_name(idv_step_controller_class)) + .to eq('/idv/lets/go/deeper/anonymous') end end end diff --git a/spec/presenters/account_reset/pending_presenter_spec.rb b/spec/presenters/account_reset/pending_presenter_spec.rb index 631d6976dcc..6be67106fda 100644 --- a/spec/presenters/account_reset/pending_presenter_spec.rb +++ b/spec/presenters/account_reset/pending_presenter_spec.rb @@ -21,8 +21,8 @@ describe '#time_remaining_until_granted' do before { I18n.locale = :en } before do - allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days). - and_return(10) + allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days) + .and_return(10) end context 'fraud user' do diff --git a/spec/presenters/account_show_presenter_spec.rb b/spec/presenters/account_show_presenter_spec.rb index 8c909b36dd3..f06774f5557 100644 --- a/spec/presenters/account_show_presenter_spec.rb +++ b/spec/presenters/account_show_presenter_spec.rb @@ -526,9 +526,9 @@ subject(:connected_apps) { presenter.connected_apps } it 'delegates to user, eager-loading view-specific relations' do - expect(connected_apps).to be_present. - and eq(user.connected_apps). - and all( + expect(connected_apps).to be_present + .and eq(user.connected_apps) + .and all( satisfy do |app| app.association(:service_provider_record).loaded? && app.association(:email_address).loaded? diff --git a/spec/presenters/confirm_delete_email_presenter_spec.rb b/spec/presenters/confirm_delete_email_presenter_spec.rb index cc225532c01..8276fef88ed 100644 --- a/spec/presenters/confirm_delete_email_presenter_spec.rb +++ b/spec/presenters/confirm_delete_email_presenter_spec.rb @@ -7,8 +7,8 @@ describe '#confirm_delete_message' do it 'supplies a message for confirm delete page' do - expect(presenter.confirm_delete_message). - to eq(t('email_addresses.delete.confirm', email: email_address.email)) + expect(presenter.confirm_delete_message) + .to eq(t('email_addresses.delete.confirm', email: email_address.email)) end end end diff --git a/spec/presenters/idv/account_verified_email_presenter_spec.rb b/spec/presenters/idv/account_verified_email_presenter_spec.rb index 27d34501786..a422e1cf0db 100644 --- a/spec/presenters/idv/account_verified_email_presenter_spec.rb +++ b/spec/presenters/idv/account_verified_email_presenter_spec.rb @@ -15,8 +15,8 @@ subject(:presenter) { described_class.new(profile:, url_options: {}) } before do - allow(IdentityConfig.store).to receive(:idv_account_verified_email_campaign_id). - and_return('20241030') + allow(IdentityConfig.store).to receive(:idv_account_verified_email_campaign_id) + .and_return('20241030') end context 'when there is no associated service provider' do diff --git a/spec/presenters/idv/in_person/ready_to_verify_presenter_spec.rb b/spec/presenters/idv/in_person/ready_to_verify_presenter_spec.rb index aae5df981fb..5d0252ef6e5 100644 --- a/spec/presenters/idv/in_person/ready_to_verify_presenter_spec.rb +++ b/spec/presenters/idv/in_person/ready_to_verify_presenter_spec.rb @@ -173,8 +173,8 @@ subject(:update_date) { presenter.formatted_outage_expected_update_date } it 'returns a formatted date for expected update after an outage' do - allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date). - and_return(in_person_outage_expected_update_date) + allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date) + .and_return(in_person_outage_expected_update_date) update_day, update_month = update_date.remove(',').split(' ') expect(Date::DAYNAMES.include?(update_day && update_day.capitalize)).to be_truthy @@ -188,8 +188,8 @@ subject(:email_date) { presenter.formatted_outage_emailed_by_date } it 'returns a formatted email date' do - allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date). - and_return(in_person_outage_emailed_by_date) + allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date) + .and_return(in_person_outage_emailed_by_date) email_day, email_month = email_date.remove(',').split(' ') expect(Date::DAYNAMES.include?(email_day && email_day.capitalize)).to be_truthy @@ -202,14 +202,14 @@ subject(:outage_message_enabled) { presenter.outage_message_enabled? } it 'returns true when the flag is enabled' do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(true).once + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(true).once expect(outage_message_enabled).to be(true) end it 'returns false when the flag is disabled' do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(false).once + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(false).once expect(outage_message_enabled).to be(false) end end diff --git a/spec/presenters/mfa_confirmation_presenter_spec.rb b/spec/presenters/mfa_confirmation_presenter_spec.rb index 6ccecac9b7a..275eca6f4d9 100644 --- a/spec/presenters/mfa_confirmation_presenter_spec.rb +++ b/spec/presenters/mfa_confirmation_presenter_spec.rb @@ -8,8 +8,8 @@ describe '#heading?' do it 'supplies a message for successful MFA setup' do - expect(presenter.heading). - to eq(t('titles.mfa_setup.suggest_second_mfa')) + expect(presenter.heading) + .to eq(t('titles.mfa_setup.suggest_second_mfa')) end context 'after successful face or touch unlock setup' do @@ -21,16 +21,16 @@ end it 'shows the correct heading' do - expect(presenter.heading). - to eq(t('titles.mfa_setup.face_touch_unlock_confirmation')) + expect(presenter.heading) + .to eq(t('titles.mfa_setup.face_touch_unlock_confirmation')) end end end describe '#info?' do it 'supplies a message for successful MFA setup' do - expect(presenter.info). - to eq( + expect(presenter.info) + .to eq( t('mfa.account_info'), ) end @@ -44,16 +44,16 @@ end it 'shows the correct information' do - expect(presenter.info). - to eq(t('mfa.webauthn_platform_message')) + expect(presenter.info) + .to eq(t('mfa.webauthn_platform_message')) end end end describe '#button?' do it 'supplies a message' do - expect(presenter.button). - to eq(t('mfa.add')) + expect(presenter.button) + .to eq(t('mfa.add')) end end diff --git a/spec/presenters/openid_connect_configuration_presenter_spec.rb b/spec/presenters/openid_connect_configuration_presenter_spec.rb index 878623ce2ff..e3d094633fe 100644 --- a/spec/presenters/openid_connect_configuration_presenter_spec.rb +++ b/spec/presenters/openid_connect_configuration_presenter_spec.rb @@ -19,8 +19,8 @@ expect(configuration[:service_documentation]).to eq('https://developers.login.gov/') expect(configuration[:response_types_supported]).to eq(%w[code]) expect(configuration[:grant_types_supported]).to eq(%w[authorization_code]) - expect(configuration[:acr_values_supported]). - to match_array(Saml::Idp::Constants::VALID_AUTHN_CONTEXTS) + expect(configuration[:acr_values_supported]) + .to match_array(Saml::Idp::Constants::VALID_AUTHN_CONTEXTS) expect(configuration[:subject_types_supported]).to eq(%w[pairwise]) expect(configuration[:id_token_signing_alg_values_supported]).to eq(%w[RS256]) expect(configuration[:token_endpoint_auth_methods_supported]).to eq(%w[private_key_jwt]) diff --git a/spec/presenters/openid_connect_user_info_presenter_spec.rb b/spec/presenters/openid_connect_user_info_presenter_spec.rb index b0f5d213e2c..2af4dc32ab0 100644 --- a/spec/presenters/openid_connect_user_info_presenter_spec.rb +++ b/spec/presenters/openid_connect_user_info_presenter_spec.rb @@ -385,8 +385,8 @@ end it 'defers to user alternate email' do - expect(identity.user.reload.email_addresses.first.id). - to_not eq(identity.email_address_id) + expect(identity.user.reload.email_addresses.first.id) + .to_not eq(identity.email_address_id) expect(identity.user.reload.email_addresses.count).to be 1 expect(user_info[:email]).to eq(identity.user.email_addresses.last.email) end diff --git a/spec/presenters/risc_configuration_presenter_spec.rb b/spec/presenters/risc_configuration_presenter_spec.rb index 6822b830c6e..100eb80b08f 100644 --- a/spec/presenters/risc_configuration_presenter_spec.rb +++ b/spec/presenters/risc_configuration_presenter_spec.rb @@ -12,8 +12,8 @@ aggregate_failures do expect(configuration[:issuer]).to eq(root_url) expect(configuration[:jwks_uri]).to eq(api_openid_connect_certs_url) - expect(configuration[:delivery_methods_supported]). - to eq([RiscConfigurationPresenter::DELIVERY_METHOD_PUSH]) + expect(configuration[:delivery_methods_supported]) + .to eq([RiscConfigurationPresenter::DELIVERY_METHOD_PUSH]) expect(configuration[:delivery].first).to eq( delivery_method: RiscConfigurationPresenter::DELIVERY_METHOD_PUSH, diff --git a/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb b/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb index fae72c6853d..591cb36dd60 100644 --- a/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb +++ b/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb @@ -3,8 +3,8 @@ RSpec.describe TwoFactorAuthCode::AuthenticatorDeliveryPresenter do let(:view) { ActionController::Base.new.view_context } let(:presenter) do - TwoFactorAuthCode::AuthenticatorDeliveryPresenter. - new(data: {}, view: view, service_provider: nil) + TwoFactorAuthCode::AuthenticatorDeliveryPresenter + .new(data: {}, view: view, service_provider: nil) end describe '#header' do diff --git a/spec/presenters/two_factor_authentication/piv_cac_edit_presenter_spec.rb b/spec/presenters/two_factor_authentication/piv_cac_edit_presenter_spec.rb index 23aa801617c..d485a394fcc 100644 --- a/spec/presenters/two_factor_authentication/piv_cac_edit_presenter_spec.rb +++ b/spec/presenters/two_factor_authentication/piv_cac_edit_presenter_spec.rb @@ -17,8 +17,8 @@ describe '#rename_button_label' do it 'returns rename button label' do - expect(presenter.rename_button_label). - to eq(t('two_factor_authentication.piv_cac.change_nickname')) + expect(presenter.rename_button_label) + .to eq(t('two_factor_authentication.piv_cac.change_nickname')) end end @@ -30,15 +30,15 @@ describe '#rename_success_alert_text' do it 'returns rename success alert text' do - expect(presenter.rename_success_alert_text). - to eq(t('two_factor_authentication.piv_cac.renamed')) + expect(presenter.rename_success_alert_text) + .to eq(t('two_factor_authentication.piv_cac.renamed')) end end describe '#delete_success_alert_text' do it 'returns delete success alert text' do - expect(presenter.delete_success_alert_text). - to eq(t('two_factor_authentication.piv_cac.deleted')) + expect(presenter.delete_success_alert_text) + .to eq(t('two_factor_authentication.piv_cac.deleted')) end end end diff --git a/spec/presenters/two_factor_authentication/sign_in_phone_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/sign_in_phone_selection_presenter_spec.rb index 5de1906cb8b..e7c0e22bfc5 100644 --- a/spec/presenters/two_factor_authentication/sign_in_phone_selection_presenter_spec.rb +++ b/spec/presenters/two_factor_authentication/sign_in_phone_selection_presenter_spec.rb @@ -99,8 +99,8 @@ context 'sms vendor outage' do before do - allow_any_instance_of(OutageStatus).to receive(:vendor_outage?).with(:sms). - and_return(true) + allow_any_instance_of(OutageStatus).to receive(:vendor_outage?).with(:sms) + .and_return(true) end it { expect(presenter.disabled?).to eq(true) } @@ -114,8 +114,8 @@ context 'voice vendor outage' do before do - allow_any_instance_of(OutageStatus).to receive(:vendor_outage?).with(:voice). - and_return(true) + allow_any_instance_of(OutageStatus).to receive(:vendor_outage?).with(:voice) + .and_return(true) end it { expect(presenter.disabled?).to eq(true) } diff --git a/spec/presenters/two_factor_options_presenter_spec.rb b/spec/presenters/two_factor_options_presenter_spec.rb index a86ec05b8d3..7ff35b9d368 100644 --- a/spec/presenters/two_factor_options_presenter_spec.rb +++ b/spec/presenters/two_factor_options_presenter_spec.rb @@ -132,8 +132,8 @@ context 'when a presenter which is recommended' do before do - allow_any_instance_of(TwoFactorAuthentication::SetUpPivCacSelectionPresenter). - to receive(:recommended?).and_return(true) + allow_any_instance_of(TwoFactorAuthentication::SetUpPivCacSelectionPresenter) + .to receive(:recommended?).and_return(true) end it 'orders options by recommended' do diff --git a/spec/requests/csp_spec.rb b/spec/requests/csp_spec.rb index 0a07ae9668f..a120cd872ce 100644 --- a/spec/requests/csp_spec.rb +++ b/spec/requests/csp_spec.rb @@ -4,8 +4,8 @@ context 'on endpoints that will redirect to an SP' do context 'when using client side OIDC redirect' do before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('client_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('client_side') end context 'when openid_connect_content_security_form_action_enabled is enabled' do @@ -95,8 +95,8 @@ context 'when using server side OIDC redirect' do before do - allow(IdentityConfig.store).to receive(:openid_connect_redirect). - and_return('server_side') + allow(IdentityConfig.store).to receive(:openid_connect_redirect) + .and_return('server_side') end context 'when openid_connect_content_security_form_action_enabled is enabled' do diff --git a/spec/requests/openid_connect_authorize_spec.rb b/spec/requests/openid_connect_authorize_spec.rb index 051b1061602..2bcc0929033 100644 --- a/spec/requests/openid_connect_authorize_spec.rb +++ b/spec/requests/openid_connect_authorize_spec.rb @@ -6,8 +6,8 @@ it 'prompts the user to 2FA' do openid_test('select_account') follow_redirect! - expect(response). - to redirect_to login_two_factor_path(otp_delivery_preference: 'sms') + expect(response) + .to redirect_to login_two_factor_path(otp_delivery_preference: 'sms') end it 'prompts the user to 2FA if prompt is login' do @@ -20,8 +20,8 @@ it 'prompts the user to 2FA if prompt is not given' do openid_test follow_redirect! - expect(response). - to redirect_to login_two_factor_path(otp_delivery_preference: 'sms') + expect(response) + .to redirect_to login_two_factor_path(otp_delivery_preference: 'sms') end def openid_test(prompt = nil) diff --git a/spec/requests/rack_attack_spec.rb b/spec/requests/rack_attack_spec.rb index c14757e68cd..027403285fa 100644 --- a/spec/requests/rack_attack_spec.rb +++ b/spec/requests/rack_attack_spec.rb @@ -98,15 +98,15 @@ end expect(response.status).to eq(429) - expect(response.body). - to include('Please wait a few minutes before you try again.') + expect(response.body) + .to include('Please wait a few minutes before you try again.') expect(response.header['Content-type']).to include('text/html') expect(analytics).to have_logged_event('Rate Limit Triggered', type: 'req/ip') end it 'does not throttle if the path is in the allowlist' do - allow(IdentityConfig.store).to receive(:requests_per_ip_path_prefixes_allowlist). - and_return(['/account']) + allow(IdentityConfig.store).to receive(:requests_per_ip_path_prefixes_allowlist) + .and_return(['/account']) analytics = FakeAnalytics.new allow(Analytics).to receive(:new).and_return(analytics) @@ -115,8 +115,8 @@ end expect(response.status).to eq(302) - expect(response.body). - to_not include('Please wait a few minutes before you try again.') + expect(response.body) + .to_not include('Please wait a few minutes before you try again.') expect(analytics).to_not have_logged_event('Rate Limit Triggered') end @@ -129,8 +129,8 @@ end expect(response.status).to eq(200) - expect(response.body). - to_not include('Please wait a few minutes before you try again.') + expect(response.body) + .to_not include('Please wait a few minutes before you try again.') expect(analytics).to_not have_logged_event('Rate Limit Triggered') end end @@ -257,8 +257,8 @@ expect(analytics).to have_logged_event('Rate Limit Triggered', type: 'logins/ip') expect(response.status).to eq(429) - expect(response.body). - to include('Please wait a few minutes before you try again.') + expect(response.body) + .to include('Please wait a few minutes before you try again.') expect(response.header['Content-type']).to include('text/html') Rack::Attack.cache.store.clear end @@ -316,8 +316,8 @@ expect(analytics).to have_logged_event('Rate Limit Triggered', type: 'logins/email+ip') expect(response.status).to eq(429) - expect(response.body). - to include('Please wait a few minutes before you try again.') + expect(response.body) + .to include('Please wait a few minutes before you try again.') expect(response.header['Content-type']).to include('text/html') Rack::Attack.cache.store.clear @@ -385,8 +385,8 @@ type: 'email_registrations/ip', ) expect(response.status).to eq(429) - expect(response.body). - to include('Please wait a few minutes before you try again.') + expect(response.body) + .to include('Please wait a few minutes before you try again.') expect(response.header['Content-type']).to include('text/html') Rack::Attack.cache.store.clear end @@ -418,8 +418,8 @@ end expect(response.status).to eq(429) - expect(response.body). - to include('Please wait a few minutes before you try again.') + expect(response.body) + .to include('Please wait a few minutes before you try again.') expect(response.header['Content-type']).to include('text/html') end end @@ -449,8 +449,8 @@ end expect(response.status).to eq(429) - expect(response.body). - to include('Please wait a few minutes before you try again.') + expect(response.body) + .to include('Please wait a few minutes before you try again.') expect(response.header['Content-type']).to include('text/html') end end diff --git a/spec/routing/gpo_verification_routing_spec.rb b/spec/routing/gpo_verification_routing_spec.rb index 3db19402e49..3c0579b6b60 100644 --- a/spec/routing/gpo_verification_routing_spec.rb +++ b/spec/routing/gpo_verification_routing_spec.rb @@ -14,8 +14,8 @@ end before do - allow(FeatureManagement).to receive(:gpo_verification_enabled?). - and_return(enable_gpo_verification) + allow(FeatureManagement).to receive(:gpo_verification_enabled?) + .and_return(enable_gpo_verification) Rails.application.reload_routes! end @@ -28,13 +28,13 @@ it 'does not route to endpoints controlled by feature flag' do get_routes.each do |route| - expect(get: route). - to route_to(controller: 'pages', action: 'page_not_found', path: route) + expect(get: route) + .to route_to(controller: 'pages', action: 'page_not_found', path: route) end put_routes.each do |route| - expect(put: route). - to route_to(controller: 'pages', action: 'page_not_found', path: route) + expect(put: route) + .to route_to(controller: 'pages', action: 'page_not_found', path: route) end end end diff --git a/spec/services/access_token_verifier_spec.rb b/spec/services/access_token_verifier_spec.rb index d264ff59412..003336f6b40 100644 --- a/spec/services/access_token_verifier_spec.rb +++ b/spec/services/access_token_verifier_spec.rb @@ -25,8 +25,8 @@ response, result_identity = result expect(response.success?).to eq(false) - expect(response.errors[:access_token]). - to include(t('openid_connect.user_info.errors.no_authorization')) + expect(response.errors[:access_token]) + .to include(t('openid_connect.user_info.errors.no_authorization')) expect(result_identity).to be_nil end end @@ -38,8 +38,8 @@ response, result_identity = result expect(response.success?).to eq(false) - expect(response.errors[:access_token]). - to include(t('openid_connect.user_info.errors.malformed_authorization')) + expect(response.errors[:access_token]) + .to include(t('openid_connect.user_info.errors.malformed_authorization')) expect(result_identity).to be_nil end end diff --git a/spec/services/account_creation/device_profiling_spec.rb b/spec/services/account_creation/device_profiling_spec.rb index 03f3c69bfec..bccaa768172 100644 --- a/spec/services/account_creation/device_profiling_spec.rb +++ b/spec/services/account_creation/device_profiling_spec.rb @@ -31,10 +31,10 @@ context 'ThreatMetrix is enabled' do before do - allow(IdentityConfig.store).to receive(:account_creation_device_profiling). - and_return(:collect_only) - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:account_creation_device_profiling) + .and_return(:collect_only) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(false) end context 'session id is missing' do diff --git a/spec/services/account_reset/grant_request_spec.rb b/spec/services/account_reset/grant_request_spec.rb index f87bd5803ea..3f96a4295eb 100644 --- a/spec/services/account_reset/grant_request_spec.rb +++ b/spec/services/account_reset/grant_request_spec.rb @@ -35,8 +35,8 @@ let(:user2) { create(:user, :fraud_rejection) } context 'with nil being set for fraud time' do before do - allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days). - and_return(nil) + allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days) + .and_return(nil) end it 'grants request for all users' do diff --git a/spec/services/account_reset/grant_requests_and_send_emails_spec.rb b/spec/services/account_reset/grant_requests_and_send_emails_spec.rb index 5311dc5e3c3..a2f19b6facd 100644 --- a/spec/services/account_reset/grant_requests_and_send_emails_spec.rb +++ b/spec/services/account_reset/grant_requests_and_send_emails_spec.rb @@ -57,8 +57,8 @@ let(:user) { create(:user, :fraud_review_pending) } let(:user2) { create(:user, :fraud_rejection) } before do - allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days). - and_return(10) + allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days) + .and_return(10) end it 'does not send notifications when the notifications were already sent' do before_waiting_the_full_fraud_wait_period(now) do @@ -154,8 +154,8 @@ context 'with fraud wait period not set' do before do - allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days). - and_return(nil) + allow(IdentityConfig.store).to receive(:account_reset_fraud_user_wait_period_days) + .and_return(nil) end it 'does not send notifications before a request wait period is done' do create_account_reset_request_for(user) diff --git a/spec/services/account_reset/pending_request_for_user_spec.rb b/spec/services/account_reset/pending_request_for_user_spec.rb index 764e23e13b9..ebe9080c8f9 100644 --- a/spec/services/account_reset/pending_request_for_user_spec.rb +++ b/spec/services/account_reset/pending_request_for_user_spec.rb @@ -116,10 +116,10 @@ phone_config1 = create(:phone_configuration, user: user) phone_config2 = create(:phone_configuration, user: user) - expect(Telephony).to receive(:send_account_reset_cancellation_notice). - with(to: phone_config1.phone, country_code: 'US') - expect(Telephony).to receive(:send_account_reset_cancellation_notice). - with(to: phone_config2.phone, country_code: 'US') + expect(Telephony).to receive(:send_account_reset_cancellation_notice) + .with(to: phone_config1.phone, country_code: 'US') + expect(Telephony).to receive(:send_account_reset_cancellation_notice) + .with(to: phone_config2.phone, country_code: 'US') subject.notify_user! end diff --git a/spec/services/agency_identity_linker_spec.rb b/spec/services/agency_identity_linker_spec.rb index 991a90291ea..7a087817cd2 100644 --- a/spec/services/agency_identity_linker_spec.rb +++ b/spec/services/agency_identity_linker_spec.rb @@ -20,10 +20,10 @@ user.destroy! expect(User.where(id: user.id).count).to eq(0) user2 = create(:user) - expect { create_service_provider_identity(user2, 'sp3', 'UUID1') }. - to raise_error ActiveRecord::RecordNotUnique - expect { create_service_provider_identity(user2, 'sp4', 'UUID2') }. - to raise_error ActiveRecord::RecordNotUnique + expect { create_service_provider_identity(user2, 'sp3', 'UUID1') } + .to raise_error ActiveRecord::RecordNotUnique + expect { create_service_provider_identity(user2, 'sp4', 'UUID2') } + .to raise_error ActiveRecord::RecordNotUnique end it 'does not allow agency_identity uuid to be reused after user deletes account' do @@ -37,10 +37,10 @@ expect(AgencyIdentity.where(user_id: user.id).count).to eq(0) expect(AgencyIdentity.where(uuid: 'UUID1').count).to eq(0) user2 = create(:user) - expect { create_service_provider_identity(user2, 'sp3', 'UUID1') }. - to raise_error ActiveRecord::RecordNotUnique - expect { create_service_provider_identity(user2, 'sp4', 'UUID2') }. - to raise_error ActiveRecord::RecordNotUnique + expect { create_service_provider_identity(user2, 'sp3', 'UUID1') } + .to raise_error ActiveRecord::RecordNotUnique + expect { create_service_provider_identity(user2, 'sp4', 'UUID2') } + .to raise_error ActiveRecord::RecordNotUnique end it 'links identity with 1 sp' do diff --git a/spec/services/agreements/integration_seeder_spec.rb b/spec/services/agreements/integration_seeder_spec.rb index bc0dd91e41c..6e939c09d92 100644 --- a/spec/services/agreements/integration_seeder_spec.rb +++ b/spec/services/agreements/integration_seeder_spec.rb @@ -13,9 +13,9 @@ integration = create(:integration, issuer: 'new_issuer', name: 'Old Name') expect { seeder.run }.to \ - change { integration.reload.name }. - from('Old Name'). - to('Test Agency App') + change { integration.reload.name } + .from('Old Name') + .to('Test Agency App') end end end diff --git a/spec/services/analytics_spec.rb b/spec/services/analytics_spec.rb index 05de32b266b..872ae64c5ee 100644 --- a/spec/services/analytics_spec.rb +++ b/spec/services/analytics_spec.rb @@ -97,8 +97,8 @@ end it 'includes the tracing header as trace_id' do - expect(ahoy).to receive(:track). - with('Trackable Event', hash_including(trace_id: amazon_trace_id)) + expect(ahoy).to receive(:track) + .with('Trackable Event', hash_including(trace_id: amazon_trace_id)) analytics.track_event('Trackable Event') end @@ -246,8 +246,8 @@ end it 'includes the sp_request' do - expect(ahoy).to receive(:track). - with('Trackable Event', hash_including(expected_attributes)) + expect(ahoy).to receive(:track) + .with('Trackable Event', hash_including(expected_attributes)) analytics.track_event('Trackable Event') end @@ -274,8 +274,8 @@ end it 'includes the sp_request' do - expect(ahoy).to receive(:track). - with('Trackable Event', hash_including(expected_attributes)) + expect(ahoy).to receive(:track) + .with('Trackable Event', hash_including(expected_attributes)) analytics.track_event('Trackable Event') end @@ -311,8 +311,8 @@ end it 'then includes :sp_request in the event' do - expect(ahoy).to receive(:track). - with('Trackable Event', hash_including(expected_attributes)) + expect(ahoy).to receive(:track) + .with('Trackable Event', hash_including(expected_attributes)) analytics.track_event('Trackable Event') end diff --git a/spec/services/attribute_asserter_spec.rb b/spec/services/attribute_asserter_spec.rb index 9f3595897f6..13a0934adbb 100644 --- a/spec/services/attribute_asserter_spec.rb +++ b/spec/services/attribute_asserter_spec.rb @@ -79,8 +79,8 @@ [ Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF, Saml::Idp::Constants::IAL_VERIFIED_ACR, - ]. - each do |ial_value| + ] + .each do |ial_value| let(:authn_context) do [ ial_value, @@ -92,8 +92,8 @@ let(:attribute_bundle) { %w[email phone first_name] } it 'includes all requested attributes + uuid' do - expect(user.asserted_attributes.keys). - to eq(%i[uuid email phone first_name verified_at aal ial]) + expect(user.asserted_attributes.keys) + .to eq(%i[uuid email phone first_name verified_at aal ial]) end it 'creates getter function' do @@ -117,8 +117,8 @@ end it 'includes all requested attributes + uuid' do - expect(user.asserted_attributes.keys). - to eq(%i[uuid email phone first_name verified_at aal ial]) + expect(user.asserted_attributes.keys) + .to eq(%i[uuid email phone first_name verified_at aal ial]) end end end @@ -143,8 +143,8 @@ let(:attribute_bundle) { %w[email phone first_name ascii] } it 'skips ascii as an attribute' do - expect(user.asserted_attributes.keys). - to eq(%i[uuid email phone first_name verified_at aal ial]) + expect(user.asserted_attributes.keys) + .to eq(%i[uuid email phone first_name verified_at aal ial]) end it 'transliterates attributes to ASCII' do @@ -171,8 +171,8 @@ # rubocop:enable Layout/LineLength it 'uses authn request bundle' do - expect(user.asserted_attributes.keys). - to eq(%i[uuid email first_name last_name ssn phone verified_at aal ial]) + expect(user.asserted_attributes.keys) + .to eq(%i[uuid email first_name last_name ssn phone verified_at aal ial]) end end end @@ -679,8 +679,8 @@ end it 'defers to user alternate email' do - expect(get_asserted_attribute(user, :email)). - to eq 'email@example.com' + expect(get_asserted_attribute(user, :email)) + .to eq 'email@example.com' end end @@ -707,8 +707,8 @@ end it 'defers to user alternate email' do - expect(get_asserted_attribute(user, :email)). - to eq user.email_addresses.last.email + expect(get_asserted_attribute(user, :email)) + .to eq user.email_addresses.last.email end end @@ -747,8 +747,8 @@ end it 'defers to user alternate email' do - expect(get_asserted_attribute(user, :email)). - to eq 'email@example.com' + expect(get_asserted_attribute(user, :email)) + .to eq 'email@example.com' end end @@ -775,8 +775,8 @@ end it 'defers to user alternate email' do - expect(get_asserted_attribute(user, :email)). - to eq user.email_addresses.last.email + expect(get_asserted_attribute(user, :email)) + .to eq user.email_addresses.last.email end end end diff --git a/spec/services/auth_methods_session_spec.rb b/spec/services/auth_methods_session_spec.rb index eca84837bcf..a9532a9fe20 100644 --- a/spec/services/auth_methods_session_spec.rb +++ b/spec/services/auth_methods_session_spec.rb @@ -14,9 +14,9 @@ context 'no auth events' do it 'modifies auth events to include the new event' do - expect { result }.to change { auth_methods_session.auth_events }. - from([]). - to([{ auth_method:, at: Time.zone.now }]) + expect { result }.to change { auth_methods_session.auth_events } + .from([]) + .to([{ auth_method:, at: Time.zone.now }]) end it 'returns the new array of auth events' do @@ -29,9 +29,9 @@ let(:user_session) { { auth_events: [first_auth_event] } } it 'appends the new event to the existing set' do - expect { result }.to change { auth_methods_session.auth_events }. - from([first_auth_event]). - to([first_auth_event, { auth_method:, at: Time.zone.now }]) + expect { result }.to change { auth_methods_session.auth_events } + .from([first_auth_event]) + .to([first_auth_event, { auth_method:, at: Time.zone.now }]) end it 'returns the new array of auth events' do @@ -49,9 +49,9 @@ let(:user_session) { { auth_events: [first_auth_event, second_auth_event] } } it 'ejects the oldest' do - expect { result }.to change { auth_methods_session.auth_events }. - from([first_auth_event, second_auth_event]). - to([second_auth_event, { auth_method:, at: Time.zone.now }]) + expect { result }.to change { auth_methods_session.auth_events } + .from([first_auth_event, second_auth_event]) + .to([second_auth_event, { auth_method:, at: Time.zone.now }]) end end end diff --git a/spec/services/authn_context_resolver_spec.rb b/spec/services/authn_context_resolver_spec.rb index 2f2b34b9572..8d29ecd95cd 100644 --- a/spec/services/authn_context_resolver_spec.rb +++ b/spec/services/authn_context_resolver_spec.rb @@ -629,8 +629,8 @@ let(:user) { build(:user, :fully_registered) } it "asserts #{Saml::Idp::Constants::IAL1_AUTHN_CONTEXT_CLASSREF}" do - expect(subject.asserted_ial_acr). - to eq(Saml::Idp::Constants::IAL1_AUTHN_CONTEXT_CLASSREF) + expect(subject.asserted_ial_acr) + .to eq(Saml::Idp::Constants::IAL1_AUTHN_CONTEXT_CLASSREF) expect(result.identity_proofing?).to be true expect(result.aal2?).to be true end @@ -640,8 +640,8 @@ let(:user) { build(:user, :proofed) } it "asserts #{Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF}" do - expect(subject.asserted_ial_acr). - to eq(Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF) + expect(subject.asserted_ial_acr) + .to eq(Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF) end end end @@ -659,16 +659,16 @@ end before do - allow_any_instance_of(ServiceProvider). - to receive(:facial_match_ial_allowed?). - and_return(true) + allow_any_instance_of(ServiceProvider) + .to receive(:facial_match_ial_allowed?) + .and_return(true) end context 'with facial match comparison is required' do context 'when user is not verified' do it "asserts the resolved IAL as #{Saml::Idp::Constants::IAL_AUTH_ONLY_ACR}" do - expect(subject.asserted_ial_acr). - to eq(Saml::Idp::Constants::IAL_AUTH_ONLY_ACR) + expect(subject.asserted_ial_acr) + .to eq(Saml::Idp::Constants::IAL_AUTH_ONLY_ACR) end it 'sets facial_match to true' do diff --git a/spec/services/backup_code_generator_spec.rb b/spec/services/backup_code_generator_spec.rb index 24e6ac14dc2..8bbbbbe6334 100644 --- a/spec/services/backup_code_generator_spec.rb +++ b/spec/services/backup_code_generator_spec.rb @@ -9,15 +9,15 @@ subject(:codes) { generator.delete_and_regenerate } it 'generates backup codes' do - expect { codes }. - to change { user.reload.backup_code_configurations.count }. - from(0). - to(BackupCodeGenerator::NUMBER_OF_CODES) + expect { codes } + .to change { user.reload.backup_code_configurations.count } + .from(0) + .to(BackupCodeGenerator::NUMBER_OF_CODES) end it 'returns valid 12-character codes via base32 crockford' do - expect(Base32::Crockford).to receive(:encode). - and_call_original.at_least(BackupCodeGenerator::NUMBER_OF_CODES).times + expect(Base32::Crockford).to receive(:encode) + .and_call_original.at_least(BackupCodeGenerator::NUMBER_OF_CODES).times expect(codes).to be_present codes.each do |code| @@ -60,8 +60,8 @@ profane = Base32::Crockford.decode('FART') not_profane = Base32::Crockford.decode('ABCD') - expect(SecureRandom).to receive(:random_number). - and_return(profane, not_profane) + expect(SecureRandom).to receive(:random_number) + .and_return(profane, not_profane) code = generator.send(:backup_code) diff --git a/spec/services/browser_support_spec.rb b/spec/services/browser_support_spec.rb index 5fb5f0bf541..20757db7be4 100644 --- a/spec/services/browser_support_spec.rb +++ b/spec/services/browser_support_spec.rb @@ -14,8 +14,8 @@ context 'with browser support config file missing' do before do - expect(File).to receive(:read).once.with(Rails.root.join('browsers.json')). - and_raise(Errno::ENOENT.new) + expect(File).to receive(:read).once.with(Rails.root.join('browsers.json')) + .and_raise(Errno::ENOENT.new) end it { expect(supported).to eq(true) } @@ -28,8 +28,8 @@ context 'with invalid support config' do before do - expect(File).to receive(:read).once.with(Rails.root.join('browsers.json')). - and_return('invalid') + expect(File).to receive(:read).once.with(Rails.root.join('browsers.json')) + .and_return('invalid') end it { expect(supported).to eq(true) } diff --git a/spec/services/database_health_checker_spec.rb b/spec/services/database_health_checker_spec.rb index c10fe76fdaf..ffcd239573a 100644 --- a/spec/services/database_health_checker_spec.rb +++ b/spec/services/database_health_checker_spec.rb @@ -13,8 +13,8 @@ context 'when the database is unhealthy' do before do - expect(DatabaseHealthChecker).to receive(:simple_query). - and_raise(RuntimeError.new('canceling statement due to statement timeout')) + expect(DatabaseHealthChecker).to receive(:simple_query) + .and_raise(RuntimeError.new('canceling statement due to statement timeout')) end it 'returns an unhealthy check' do diff --git a/spec/services/doc_auth/error_generator_spec.rb b/spec/services/doc_auth/error_generator_spec.rb index 96b3a344bfa..6133c9b7730 100644 --- a/spec/services/doc_auth/error_generator_spec.rb +++ b/spec/services/doc_auth/error_generator_spec.rb @@ -107,8 +107,8 @@ def build_error_info( failed: [{ name: 'Unknown Alert', result: 'Attention' }], ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message)).twice + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message)).twice output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -243,8 +243,8 @@ def build_error_info( failed: [{ name: 'Not a known alert', result: 'Failed' }], ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message)).twice + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message)).twice output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -264,8 +264,8 @@ def build_error_info( ], ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message, :unknown_alerts)).once + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message, :unknown_alerts)).once output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -283,8 +283,8 @@ def build_error_info( failed: [{ name: 'Birth Date Crosscheck', result: 'Failed' }], ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message, :unknown_alerts)).once + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message, :unknown_alerts)).once output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -304,8 +304,8 @@ def build_error_info( Front: passport_classification_details }, ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message, :unknown_alerts)).once + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message, :unknown_alerts)).once output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -326,8 +326,8 @@ def build_error_info( FaceMatchResult: 'Fail', FaceErrorMessage: 'Successful. Liveness: Live', } - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message)).twice + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message)).twice output = described_class.new(config).generate_doc_auth_errors(error_info) expect(output.keys).to contain_exactly(:general, :front, :back, :hints) expect(output[:general]).to contain_exactly(DocAuth::Errors::GENERAL_ERROR) @@ -364,8 +364,8 @@ def build_error_info( Front: passport_classification_details }, ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message, :unknown_alerts)).once + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message, :unknown_alerts)).once output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -384,8 +384,8 @@ def build_error_info( Front: vhic_classification_details }, ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message, :unknown_alerts)).once + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message, :unknown_alerts)).once output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -405,8 +405,8 @@ def build_error_info( classification_info: { Front: unknown_classification_details }, ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message)).twice + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message)).twice output = described_class.new(config).generate_doc_auth_errors(error_info) @@ -422,8 +422,8 @@ def build_error_info( doc_result: 'Passed', failed: [{ name: 'Not a known alert', result: 'Failed' }], ) - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message)).twice + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message)).twice # this is a fall back result, we cannot generate error but the generator is called # which should not happen @@ -527,8 +527,8 @@ def build_error_info( FaceMatchResult: 'Fail', FaceErrorMessage: 'Successful. Liveness: Live', } - expect(warn_notifier).to receive(:call). - with(hash_including(:response_info, :message)).once + expect(warn_notifier).to receive(:call) + .with(hash_including(:response_info, :message)).once output = described_class.new(config).generate_doc_auth_errors(error_info) expect(output.keys).to contain_exactly(:general, :front, :back, :hints, :selfie) expect(output[:general]).to contain_exactly(DocAuth::Errors::SELFIE_FAILURE) diff --git a/spec/services/doc_auth/lexis_nexis/lexis_nexis_client_spec.rb b/spec/services/doc_auth/lexis_nexis/lexis_nexis_client_spec.rb index e12ad421aaf..bffcfe8046c 100644 --- a/spec/services/doc_auth/lexis_nexis/lexis_nexis_client_spec.rb +++ b/spec/services/doc_auth/lexis_nexis/lexis_nexis_client_spec.rb @@ -170,8 +170,8 @@ let(:status_code) { 1002 } let(:status_message) { 'The request sent by the client was syntactically incorrect.' } it 'return failed response with correct statuses' do - stub_request(:post, image_upload_url). - to_return( + stub_request(:post, image_upload_url) + .to_return( body: { status: { code: status_code, @@ -206,8 +206,8 @@ context 'when json is not returned in the body' do it 'return failed response with correct statuses' do - stub_request(:post, image_upload_url). - to_return( + stub_request(:post, image_upload_url) + .to_return( body: 'not json', status: 401, ) diff --git a/spec/services/doc_auth/lexis_nexis/responses/true_id_response_spec.rb b/spec/services/doc_auth/lexis_nexis/responses/true_id_response_spec.rb index 2d3584ce73d..16cf8f0af3a 100644 --- a/spec/services/doc_auth/lexis_nexis/responses/true_id_response_spec.rb +++ b/spec/services/doc_auth/lexis_nexis/responses/true_id_response_spec.rb @@ -235,11 +235,11 @@ context 'when identification card issued by a country' do let(:success_response) do body = JSON.parse(LexisNexisFixtures.true_id_response_success_3).tap do |json| - doc_class_node = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'DocClassName' && f['Group'] == 'AUTHENTICATION_RESULT' } + doc_class_node = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'DocClassName' && f['Group'] == 'AUTHENTICATION_RESULT' } doc_class_node.first['Values'].first['Value'] = 'Identification Card' - doc_issuer_type = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'DocIssuerType' && f['Group'] == 'AUTHENTICATION_RESULT' } + doc_issuer_type = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'DocIssuerType' && f['Group'] == 'AUTHENTICATION_RESULT' } doc_issuer_type.first['Values'].first['Value'] = 'Country' end.to_json instance_double(Faraday::Response, status: 200, body: body) @@ -254,8 +254,8 @@ let(:success_response_body) { LexisNexisFixtures.true_id_response_success } it 'reads the additional PII attributes' do - allow(IdentityConfig.store).to receive(:doc_auth_read_additional_pii_attributes_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:doc_auth_read_additional_pii_attributes_enabled) + .and_return(true) pii_from_doc = response.pii_from_doc @@ -270,8 +270,8 @@ context 'when there is no address line 2' do let(:success_response_no_line2) do body_no_line2 = JSON.parse(LexisNexisFixtures.true_id_response_success_3).tap do |json| - json['Products'].first['ParameterDetails'] = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] != 'Fields_AddressLine2' } + json['Products'].first['ParameterDetails'] = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] != 'Fields_AddressLine2' } end.to_json instance_double(Faraday::Response, status: 200, body: body_no_line2) end @@ -410,8 +410,8 @@ def get_decision_product(resp) failure_response_no_liveness, config, liveness_checking_enabled ).to_h - expect(output.to_h[:log_alert_results]). - to match(a_hash_including(visible_pattern: { no_side: 'Failed' })) + expect(output.to_h[:log_alert_results]) + .to match(a_hash_including(visible_pattern: { no_side: 'Failed' })) end it 'returns Failed for liveness failure' do @@ -638,9 +638,9 @@ def get_decision_product(resp) let(:success_response_body) do body = JSON.parse(super(), symbolize_names: true) - parameter = body[:Products]. - first[:ParameterDetails]. - find { |h| h[:Name] == 'DocAuthResult' } + parameter = body[:Products] + .first[:ParameterDetails] + .find { |h| h[:Name] == 'DocAuthResult' } parameter[:Values] = [{ Value: doc_auth_result }] @@ -672,8 +672,8 @@ def get_decision_product(resp) let(:doc_class_name) { 'Drivers License' } let(:success_response) do response = JSON.parse(LexisNexisFixtures.true_id_response_success_3).tap do |json| - doc_class_node = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'DocClassName' } + doc_class_node = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'DocClassName' } doc_class_node.first['Values'].first['Value'] = doc_class_name end.to_json instance_double(Faraday::Response, status: 200, body: response) @@ -701,8 +701,8 @@ def get_decision_product(resp) context 'when country code is not supported' do let(:success_response) do body = JSON.parse(LexisNexisFixtures.true_id_response_success_3).tap do |json| - doc_country_node = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'Fields_CountryCode' && f['Group'] == 'IDAUTH_FIELD_DATA' } + doc_country_node = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'Fields_CountryCode' && f['Group'] == 'IDAUTH_FIELD_DATA' } doc_country_node.first['Values'].first['Value'] = 'CAN' end.to_json instance_double(Faraday::Response, status: 200, body: body) @@ -715,11 +715,11 @@ def get_decision_product(resp) context 'when id is federal identification card' do let(:success_response) do body = JSON.parse(LexisNexisFixtures.true_id_response_success_3).tap do |json| - doc_class_node = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'DocClassName' && f['Group'] == 'AUTHENTICATION_RESULT' } + doc_class_node = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'DocClassName' && f['Group'] == 'AUTHENTICATION_RESULT' } doc_class_node.first['Values'].first['Value'] = 'Identification Card' - doc_issuer_type = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'DocIssuerType' && f['Group'] == 'AUTHENTICATION_RESULT' } + doc_issuer_type = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'DocIssuerType' && f['Group'] == 'AUTHENTICATION_RESULT' } doc_issuer_type.first['Values'].first['Value'] = 'Country' end.to_json instance_double(Faraday::Response, status: 200, body: body) @@ -732,15 +732,15 @@ def get_decision_product(resp) context 'when id is federal ID and image dpi is low' do let(:error_response) do body = JSON.parse(LexisNexisFixtures.true_id_response_success_3).tap do |json| - doc_class_node = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'DocClassName' && f['Group'] == 'AUTHENTICATION_RESULT' } + doc_class_node = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'DocClassName' && f['Group'] == 'AUTHENTICATION_RESULT' } doc_class_node.first['Values'].first['Value'] = 'Identification Card' - doc_issuer_type = json['Products'].first['ParameterDetails']. - select { |f| f['Name'] == 'DocIssuerType' && f['Group'] == 'AUTHENTICATION_RESULT' } + doc_issuer_type = json['Products'].first['ParameterDetails'] + .select { |f| f['Name'] == 'DocIssuerType' && f['Group'] == 'AUTHENTICATION_RESULT' } doc_issuer_type.first['Values'].first['Value'] = 'Country' - image_metric_resolution = json['Products'].first['ParameterDetails']. - select do |f| + image_metric_resolution = json['Products'].first['ParameterDetails'] + .select do |f| f['Group'] == 'IMAGE_METRICS_RESULT' && f['Name'] == 'HorizontalResolution' end diff --git a/spec/services/doc_auth/mock/result_response_spec.rb b/spec/services/doc_auth/mock/result_response_spec.rb index f79c503e1fb..2abe9c95262 100644 --- a/spec/services/doc_auth/mock/result_response_spec.rb +++ b/spec/services/doc_auth/mock/result_response_spec.rb @@ -20,8 +20,8 @@ expect(response.success?).to eq(true) expect(response.errors).to eq({}) expect(response.exception).to eq(nil) - expect(response.pii_from_doc.to_h). - to eq(Idp::Constants::MOCK_IDV_APPLICANT) + expect(response.pii_from_doc.to_h) + .to eq(Idp::Constants::MOCK_IDV_APPLICANT) expect(response.attention_with_barcode?).to eq(false) expect(response.selfie_status).to eq(:success) end @@ -210,8 +210,8 @@ expect(response.success?).to eq(true) expect(response.errors).to eq({}) expect(response.exception).to eq(nil) - expect(response.pii_from_doc.to_h). - to eq(Idp::Constants::MOCK_IDV_APPLICANT) + expect(response.pii_from_doc.to_h) + .to eq(Idp::Constants::MOCK_IDV_APPLICANT) expect(response.attention_with_barcode?).to eq(false) end end diff --git a/spec/services/doc_auth/socure/request_spec.rb b/spec/services/doc_auth/socure/request_spec.rb index bab8c1901f9..29423171da3 100644 --- a/spec/services/doc_auth/socure/request_spec.rb +++ b/spec/services/doc_auth/socure/request_spec.rb @@ -14,8 +14,8 @@ let(:fake_metric_name) { 'fake metric' } before do - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_endpoint) + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_endpoint) allow(request).to receive(:endpoint).and_return(fake_socure_endpoint) allow(request).to receive(:metric_name).and_return(fake_metric_name) diff --git a/spec/services/doc_auth/socure/requests/document_request_spec.rb b/spec/services/doc_auth/socure/requests/document_request_spec.rb index 8eeafaced02..fb1c06197e3 100644 --- a/spec/services/doc_auth/socure/requests/document_request_spec.rb +++ b/spec/services/doc_auth/socure/requests/document_request_spec.rb @@ -47,10 +47,10 @@ let(:fake_socure_status) { 200 } before do - allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint). - and_return(fake_socure_endpoint) - stub_request(:post, fake_socure_endpoint). - to_return( + allow(IdentityConfig.store).to receive(:socure_docv_document_request_endpoint) + .and_return(fake_socure_endpoint) + stub_request(:post, fake_socure_endpoint) + .to_return( status: fake_socure_status, body: JSON.generate(fake_socure_response), ) @@ -59,8 +59,8 @@ it 'fetches from the correct url' do document_request.fetch - expect(WebMock).to have_requested(:post, fake_socure_endpoint). - with(body: JSON.generate(expected_request_body)) + expect(WebMock).to have_requested(:post, fake_socure_endpoint) + .with(body: JSON.generate(expected_request_body)) end it 'passes the response through' do @@ -75,8 +75,8 @@ it 'includes the correct language in the request_body' do document_request.fetch - expect(WebMock).to have_requested(:post, fake_socure_endpoint). - with(body: JSON.generate(expected_request_body)) + expect(WebMock).to have_requested(:post, fake_socure_endpoint) + .with(body: JSON.generate(expected_request_body)) end end diff --git a/spec/services/doc_auth/socure/requests/docv_result_request_spec.rb b/spec/services/doc_auth/socure/requests/docv_result_request_spec.rb index ae7a67a63c7..dc9e19cc6cc 100644 --- a/spec/services/doc_auth/socure/requests/docv_result_request_spec.rb +++ b/spec/services/doc_auth/socure/requests/docv_result_request_spec.rb @@ -24,8 +24,8 @@ end before do - allow(IdentityConfig.store).to receive(:socure_idplus_base_url). - and_return(fake_socure_endpoint) + allow(IdentityConfig.store).to receive(:socure_idplus_base_url) + .and_return(fake_socure_endpoint) allow(DocumentCaptureSession).to receive(:find_by).and_return(document_capture_session) end @@ -43,8 +43,8 @@ end it 'expect correct doc auth response for a socure fail response' do - stub_request(:post, fake_socure_api_endpoint). - to_return( + stub_request(:post, fake_socure_api_endpoint) + .to_return( status: fake_socure_status, body: JSON.generate(fake_socure_response), ) diff --git a/spec/services/encrypted_attribute_spec.rb b/spec/services/encrypted_attribute_spec.rb index 0685d6e8cd5..a52b2ac26cb 100644 --- a/spec/services/encrypted_attribute_spec.rb +++ b/spec/services/encrypted_attribute_spec.rb @@ -28,8 +28,8 @@ encrypted_with_old_key = encrypted_email rotate_attribute_encryption_key_with_invalid_queue - expect { EncryptedAttribute.new(encrypted_with_old_key) }. - to raise_error Encryption::EncryptionError, 'unable to decrypt attribute with any key' + expect { EncryptedAttribute.new(encrypted_with_old_key) } + .to raise_error Encryption::EncryptionError, 'unable to decrypt attribute with any key' end end diff --git a/spec/services/encrypted_redis_struct_storage_spec.rb b/spec/services/encrypted_redis_struct_storage_spec.rb index 6f3d2d091e0..0841541d3b5 100644 --- a/spec/services/encrypted_redis_struct_storage_spec.rb +++ b/spec/services/encrypted_redis_struct_storage_spec.rb @@ -109,8 +109,8 @@ def self.redis_key_prefix let(:id) { '' } it 'errors' do - expect { EncryptedRedisStructStorage.store(struct_class.new) }. - to raise_error(ArgumentError, 'id cannot be empty') + expect { EncryptedRedisStructStorage.store(struct_class.new) } + .to raise_error(ArgumentError, 'id cannot be empty') end end diff --git a/spec/services/encryption/contextless_kms_client_spec.rb b/spec/services/encryption/contextless_kms_client_spec.rb index 1cc5858418b..1fe0da64319 100644 --- a/spec/services/encryption/contextless_kms_client_spec.rb +++ b/spec/services/encryption/contextless_kms_client_spec.rb @@ -21,12 +21,12 @@ allow(IdentityConfig.store).to receive(:password_pepper).and_return(password_pepper) encryptor = Encryption::Encryptors::AesEncryptor.new - allow(encryptor).to receive(:encrypt). - with(local_plaintext, password_pepper). - and_return(local_ciphertext) - allow(encryptor).to receive(:decrypt). - with(local_ciphertext, password_pepper). - and_return(local_plaintext) + allow(encryptor).to receive(:encrypt) + .with(local_plaintext, password_pepper) + .and_return(local_ciphertext) + allow(encryptor).to receive(:decrypt) + .with(local_ciphertext, password_pepper) + .and_return(local_plaintext) allow(Encryption::Encryptors::AesEncryptor).to receive(:new).and_return(encryptor) stub_aws_kms_client(kms_plaintext, kms_ciphertext) @@ -101,12 +101,12 @@ allow(IdentityConfig.store).to receive(:password_pepper).and_return(password_pepper) encryptor = Encryption::Encryptors::AesEncryptor.new - allow(encryptor).to receive(:encrypt). - with(local_plaintext, password_pepper). - and_return(local_ciphertext) - allow(encryptor).to receive(:decrypt). - with(local_ciphertext, password_pepper). - and_return(local_plaintext) + allow(encryptor).to receive(:encrypt) + .with(local_plaintext, password_pepper) + .and_return(local_ciphertext) + allow(encryptor).to receive(:decrypt) + .with(local_ciphertext, password_pepper) + .and_return(local_plaintext) allow(Encryption::Encryptors::AesEncryptor).to receive(:new).and_return(encryptor) stub_mapped_aws_kms_client( diff --git a/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb b/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb index 12cb4f27bc0..556ea6e9e7d 100644 --- a/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb +++ b/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb @@ -7,12 +7,12 @@ it 'returns a KMS wrapped AES encrypted ciphertext' do aes_encryptor = instance_double(Encryption::Encryptors::AesEncryptor) kms_client = instance_double(Encryption::KmsClient) - allow(aes_encryptor).to receive(:encrypt). - with(plaintext, IdentityConfig.store.session_encryption_key[0...32]). - and_return('aes output') - allow(kms_client).to receive(:encrypt). - with('aes output', 'context' => 'session-encryption'). - and_return('kms output') + allow(aes_encryptor).to receive(:encrypt) + .with(plaintext, IdentityConfig.store.session_encryption_key[0...32]) + .and_return('aes output') + allow(kms_client).to receive(:encrypt) + .with('aes output', 'context' => 'session-encryption') + .and_return('kms output') allow(Encryption::Encryptors::AesEncryptor).to receive(:new).and_return(aes_encryptor) allow(Encryption::KmsClient).to receive(:new).with( kms_key_id: IdentityConfig.store.aws_kms_session_key_id, diff --git a/spec/services/encryption/encryptors/pii_encryptor_spec.rb b/spec/services/encryption/encryptors/pii_encryptor_spec.rb index 164ad30f92a..6d9f6b3a0ef 100644 --- a/spec/services/encryption/encryptors/pii_encryptor_spec.rb +++ b/spec/services/encryption/encryptors/pii_encryptor_spec.rb @@ -39,9 +39,9 @@ expect(SCrypt::Password).to receive(:new).and_return(scrypt_password) cipher = subject.send(:aes_cipher) - expect(cipher).to receive(:encrypt). - with(plaintext, decoded_scrypt_digest). - and_return('aes_ciphertext') + expect(cipher).to receive(:encrypt) + .with(plaintext, decoded_scrypt_digest) + .and_return('aes_ciphertext') single_region_kms_client = subject.send(:single_region_kms_client) multi_region_kms_client = subject.send(:multi_region_kms_client) @@ -53,12 +53,12 @@ IdentityConfig.store.aws_kms_multi_region_key_id, ) - expect(single_region_kms_client).to receive(:encrypt). - with('aes_ciphertext', { 'context' => 'pii-encryption', 'user_uuid' => 'uuid-123-abc' }). - and_return('single_region_kms_ciphertext') - expect(multi_region_kms_client).to receive(:encrypt). - with('aes_ciphertext', { 'context' => 'pii-encryption', 'user_uuid' => 'uuid-123-abc' }). - and_return('multi_region_kms_ciphertext') + expect(single_region_kms_client).to receive(:encrypt) + .with('aes_ciphertext', { 'context' => 'pii-encryption', 'user_uuid' => 'uuid-123-abc' }) + .and_return('single_region_kms_ciphertext') + expect(multi_region_kms_client).to receive(:encrypt) + .with('aes_ciphertext', { 'context' => 'pii-encryption', 'user_uuid' => 'uuid-123-abc' }) + .and_return('multi_region_kms_ciphertext') ciphertext_single_region, ciphertext_multi_region = subject.encrypt( plaintext, user_uuid: 'uuid-123-abc' @@ -94,8 +94,8 @@ ciphertext_pair = subject.encrypt(plaintext, user_uuid: 'uuid-123-abc') new_encryptor = described_class.new('This is not the passowrd') - expect { new_encryptor.decrypt(ciphertext_pair, user_uuid: 'uuid-123-abc') }. - to raise_error Encryption::EncryptionError + expect { new_encryptor.decrypt(ciphertext_pair, user_uuid: 'uuid-123-abc') } + .to raise_error Encryption::EncryptionError end it 'uses layered AES and KMS to decrypt the contents' do @@ -109,14 +109,14 @@ expect(SCrypt::Password).to receive(:new).and_return(scrypt_password) kms_client = subject.send(:multi_region_kms_client) - expect(kms_client).to receive(:decrypt). - with('kms_ciphertext_mr', { 'context' => 'pii-encryption', 'user_uuid' => 'uuid-123-abc' }). - and_return('aes_ciphertext') + expect(kms_client).to receive(:decrypt) + .with('kms_ciphertext_mr', { 'context' => 'pii-encryption', 'user_uuid' => 'uuid-123-abc' }) + .and_return('aes_ciphertext') cipher = subject.send(:aes_cipher) - expect(cipher).to receive(:decrypt). - with('aes_ciphertext', decoded_scrypt_digest). - and_return(plaintext) + expect(cipher).to receive(:decrypt) + .with('aes_ciphertext', decoded_scrypt_digest) + .and_return(plaintext) ciphertext_pair = Encryption::RegionalCiphertextPair.new( single_region_ciphertext: { diff --git a/spec/services/encryption/kms_client_spec.rb b/spec/services/encryption/kms_client_spec.rb index 4c31b398eee..59f70b19c51 100644 --- a/spec/services/encryption/kms_client_spec.rb +++ b/spec/services/encryption/kms_client_spec.rb @@ -23,12 +23,12 @@ 'b' * 3000 => 'local2', 'c' * 3000 => 'local3', }.each do |plaintext, ciphertext| - allow(encryptor).to receive(:encrypt). - with(plaintext, local_encryption_key). - and_return(ciphertext) - allow(encryptor).to receive(:decrypt). - with(ciphertext, local_encryption_key). - and_return(plaintext) + allow(encryptor).to receive(:encrypt) + .with(plaintext, local_encryption_key) + .and_return(ciphertext) + allow(encryptor).to receive(:decrypt) + .with(ciphertext, local_encryption_key) + .and_return(plaintext) end allow(Encryption::Encryptors::AesEncryptor).to receive(:new).and_return(encryptor) allow(FeatureManagement).to receive(:use_kms?).and_return(kms_enabled) @@ -140,12 +140,12 @@ context 'with a contextless ciphertext' do before do contextless_client = Encryption::ContextlessKmsClient.new - allow(contextless_client).to receive(:decrypt). - with('KMSx123abc', log_context: encryption_context). - and_return('plaintext') - allow(contextless_client).to receive(:decrypt). - with('123abc', log_context: encryption_context). - and_return('plaintext') + allow(contextless_client).to receive(:decrypt) + .with('KMSx123abc', log_context: encryption_context) + .and_return('plaintext') + allow(contextless_client).to receive(:decrypt) + .with('123abc', log_context: encryption_context) + .and_return('plaintext') allow(Encryption::ContextlessKmsClient).to receive(:new).and_return(contextless_client) end diff --git a/spec/services/encryption/password_verifier_spec.rb b/spec/services/encryption/password_verifier_spec.rb index 1aeec5c8813..31bc2bf1162 100644 --- a/spec/services/encryption/password_verifier_spec.rb +++ b/spec/services/encryption/password_verifier_spec.rb @@ -35,9 +35,9 @@ scrypt_password = double(SCrypt::Password, digest: 'scrypted_password') encoded_scrypt_password = Base64.strict_encode64('scrypted_password') - expect(SCrypt::Engine).to receive(:hash_secret). - with(password, scrypt_salt, 32). - and_return('scrypted') + expect(SCrypt::Engine).to receive(:hash_secret) + .with(password, scrypt_salt, 32) + .and_return('scrypted') expect(SCrypt::Password).to receive(:new).with('scrypted').and_return(scrypt_password) single_region_kms_client = subject.send(:single_region_kms_client) diff --git a/spec/services/forget_all_browsers_spec.rb b/spec/services/forget_all_browsers_spec.rb index b37827e19ce..4dedb5a19de 100644 --- a/spec/services/forget_all_browsers_spec.rb +++ b/spec/services/forget_all_browsers_spec.rb @@ -11,9 +11,9 @@ describe '#call' do it 'updates the remember_device_revoked_at' do - expect { service.call }.to change { user.remember_device_revoked_at.to_i }. - from(original_revoked_at.to_i). - to(now.to_i) + expect { service.call }.to change { user.remember_device_revoked_at.to_i } + .from(original_revoked_at.to_i) + .to(now.to_i) end end end diff --git a/spec/services/frontend_error_logger_spec.rb b/spec/services/frontend_error_logger_spec.rb index 2e23ba28f1d..98ad16ffc4b 100644 --- a/spec/services/frontend_error_logger_spec.rb +++ b/spec/services/frontend_error_logger_spec.rb @@ -4,8 +4,8 @@ let(:valid) { true } before do - allow_any_instance_of(FrontendErrorForm).to receive(:submit). - and_return(FormResponse.new(success: valid)) + allow_any_instance_of(FrontendErrorForm).to receive(:submit) + .and_return(FormResponse.new(success: valid)) end describe '.track_event' do diff --git a/spec/services/funnel/registration/add_mfa_spec.rb b/spec/services/funnel/registration/add_mfa_spec.rb index d6f21fc19ed..c19760414f8 100644 --- a/spec/services/funnel/registration/add_mfa_spec.rb +++ b/spec/services/funnel/registration/add_mfa_spec.rb @@ -29,9 +29,9 @@ context 'with threat metrix for account creation enabled' do before do - allow(FeatureManagement). - to receive(:account_creation_device_profiling_collecting_enabled?). - and_return(:collect_only) + allow(FeatureManagement) + .to receive(:account_creation_device_profiling_collecting_enabled?) + .and_return(:collect_only) end it 'triggers threatmetrix job call' do expect(AccountCreationThreatMetrixJob).to receive(:perform_later) diff --git a/spec/services/gpo_confirmation_maker_spec.rb b/spec/services/gpo_confirmation_maker_spec.rb index 5e4c8d0e79d..1c3027ce847 100644 --- a/spec/services/gpo_confirmation_maker_spec.rb +++ b/spec/services/gpo_confirmation_maker_spec.rb @@ -67,8 +67,8 @@ profane = Base32::Crockford.decode('FART') not_profane = Base32::Crockford.decode('ABCD') - expect(SecureRandom).to receive(:random_number). - and_return(profane, not_profane) + expect(SecureRandom).to receive(:random_number) + .and_return(profane, not_profane) expect(subject.otp).to eq('000000ABCD') end diff --git a/spec/services/gpo_confirmation_spec.rb b/spec/services/gpo_confirmation_spec.rb index 9b5f67e1fc7..fd644bd245b 100644 --- a/spec/services/gpo_confirmation_spec.rb +++ b/spec/services/gpo_confirmation_spec.rb @@ -64,8 +64,8 @@ valid_attributes.dup.tap { |a| a[:zipcode] = '00001' } end before do - allow(IdentityConfig.store).to receive(:invalid_gpo_confirmation_zipcode). - and_return(invalid_gpo_confirmation_zipcode) + allow(IdentityConfig.store).to receive(:invalid_gpo_confirmation_zipcode) + .and_return(invalid_gpo_confirmation_zipcode) end it 'does not validate' do diff --git a/spec/services/gpo_confirmation_uploader_spec.rb b/spec/services/gpo_confirmation_uploader_spec.rb index 88dc591c5a1..9ed9768892b 100644 --- a/spec/services/gpo_confirmation_uploader_spec.rb +++ b/spec/services/gpo_confirmation_uploader_spec.rb @@ -85,13 +85,13 @@ end it 'raises after 5 unsuccessful retries' do - expect(Net::SFTP).to receive(:start). - exactly(5).times. - with(*sftp_options). - and_yield(sftp_connection) - expect(sftp_connection).to receive(:upload!). - exactly(5).times. - and_raise(Net::SSH::ConnectionTimeout) + expect(Net::SFTP).to receive(:start) + .exactly(5).times + .with(*sftp_options) + .and_yield(sftp_connection) + expect(sftp_connection).to receive(:upload!) + .exactly(5).times + .and_raise(Net::SSH::ConnectionTimeout) expect { subject }.to raise_error(Net::SSH::ConnectionTimeout) end @@ -125,8 +125,8 @@ context 'when there is an error' do it 'notifies NewRelic and does not clear confirmations if SFTP fails' do expect(uploader).to receive(:generate_export).with(confirmations).and_return(export) - expect(uploader).to receive(:upload_export).with(export). - and_raise(StandardError, 'test error') + expect(uploader).to receive(:upload_export).with(export) + .and_raise(StandardError, 'test error') expect(uploader).not_to receive(:clear_confirmations) expect(NewRelic::Agent).to receive(:notice_error) @@ -183,8 +183,8 @@ end it 'tells New Relic that there are invalid records' do - expect(NewRelic::Agent).to receive(:notice_error). - with(GpoConfirmationUploader::InvalidGpoConfirmationsPresent) + expect(NewRelic::Agent).to receive(:notice_error) + .with(GpoConfirmationUploader::InvalidGpoConfirmationsPresent) expect(uploader).to receive(:generate_export).with([valid_confirmation]).and_return(export) expect(uploader).to receive(:upload_export).with(export) diff --git a/spec/services/gpo_daily_test_sender_spec.rb b/spec/services/gpo_daily_test_sender_spec.rb index d5cfb1c834a..eabb79cbfff 100644 --- a/spec/services/gpo_daily_test_sender_spec.rb +++ b/spec/services/gpo_daily_test_sender_spec.rb @@ -15,14 +15,14 @@ end before do - allow(IdentityConfig.store).to receive(:gpo_designated_receiver_pii). - and_return(designated_receiver_pii) + allow(IdentityConfig.store).to receive(:gpo_designated_receiver_pii) + .and_return(designated_receiver_pii) end describe '#run' do it 'creates a GPO confirmation and code for the current date' do - expect { sender.run }. - to(change { GpoConfirmation.count }.by(1).and(change { GpoConfirmationCode.count }.by(1))) + expect { sender.run } + .to(change { GpoConfirmation.count }.by(1).and(change { GpoConfirmationCode.count }.by(1))) gpo_confirmation_code = GpoConfirmationCode.find_by( otp_fingerprint: Pii::Fingerprinter.fingerprint(sender.otp_from_date), @@ -35,9 +35,9 @@ let(:designated_receiver_pii) { {} } it 'does not create gpo records' do - expect { sender.run }. - to(change { GpoConfirmation.count }.by(0). - and(change { GpoConfirmationCode.count }.by(0))) + expect { sender.run } + .to(change { GpoConfirmation.count }.by(0) + .and(change { GpoConfirmationCode.count }.by(0))) end it 'warns and does not blow up (so the calling job can continue normally)' do diff --git a/spec/services/gpo_reminder_sender_spec.rb b/spec/services/gpo_reminder_sender_spec.rb index a8ce6708be2..517f85e8ede 100644 --- a/spec/services/gpo_reminder_sender_spec.rb +++ b/spec/services/gpo_reminder_sender_spec.rb @@ -2,13 +2,13 @@ RSpec.shared_examples 'sends no emails' do it 'sends no emails' do - expect { subject.send_emails(time_due_for_reminder) }. - not_to change { ActionMailer::Base.deliveries.size } + expect { subject.send_emails(time_due_for_reminder) } + .not_to change { ActionMailer::Base.deliveries.size } end it 'logs no events' do - expect { subject.send_emails(time_due_for_reminder) }. - not_to change { fake_analytics.events.count } + expect { subject.send_emails(time_due_for_reminder) } + .not_to change { fake_analytics.events.count } end end @@ -16,8 +16,8 @@ expected_number_of_analytics_events: expected_number_of_emails| it "sends that user #{expected_number_of_emails} email(s)" do - expect { subject.send_emails(time_due_for_reminder) }. - to change { ActionMailer::Base.deliveries.size }.by(expected_number_of_emails) + expect { subject.send_emails(time_due_for_reminder) } + .to change { ActionMailer::Base.deliveries.size }.by(expected_number_of_emails) end it 'logs the email events' do @@ -38,10 +38,10 @@ let!(:user) { create(:user, :with_pending_gpo_profile, code_sent_at: code_sent_at) } let(:gpo_confirmation_code) do - user. - gpo_verification_pending_profile. - gpo_confirmation_codes. - first + user + .gpo_verification_pending_profile + .gpo_confirmation_codes + .first end let(:fake_analytics) { FakeAnalytics.new } @@ -105,10 +105,10 @@ def set_reminder_sent_at(to_time) subject.send_emails(time_due_for_reminder) user.gpo_verification_pending_profile.gpo_confirmation_codes.each(&:reload) - expect(user.gpo_verification_pending_profile.gpo_confirmation_codes[0].reminder_sent_at). - to be_within(1.second).of(Time.zone.now) - expect(user.gpo_verification_pending_profile.gpo_confirmation_codes[1].reminder_sent_at). - to be_within(1.second).of(Time.zone.now) + expect(user.gpo_verification_pending_profile.gpo_confirmation_codes[0].reminder_sent_at) + .to be_within(1.second).of(Time.zone.now) + expect(user.gpo_verification_pending_profile.gpo_confirmation_codes[1].reminder_sent_at) + .to be_within(1.second).of(Time.zone.now) end end diff --git a/spec/services/id_token_builder_spec.rb b/spec/services/id_token_builder_spec.rb index 17d0dc69380..23c666383bf 100644 --- a/spec/services/id_token_builder_spec.rb +++ b/spec/services/id_token_builder_spec.rb @@ -64,10 +64,10 @@ context 'sp request includes VTR' do before do - allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests). - and_return(true) - allow(IdentityConfig.store).to receive(:vtm_url). - and_return(vtm_url) + allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests) + .and_return(true) + allow(IdentityConfig.store).to receive(:vtm_url) + .and_return(vtm_url) end it 'sets the vot if the sp requests it' do @@ -192,8 +192,8 @@ end it 'sets the code hash correctly' do - leftmost_128_bits = Digest::SHA256.digest(code). - byteslice(0, IdTokenBuilder::NUM_BYTES_FIRST_128_BITS) + leftmost_128_bits = Digest::SHA256.digest(code) + .byteslice(0, IdTokenBuilder::NUM_BYTES_FIRST_128_BITS) expected_hash = Base64.urlsafe_encode64(leftmost_128_bits, padding: false) expect(decoded_payload[:c_hash]).to eq(expected_hash) diff --git a/spec/services/identity_linker_spec.rb b/spec/services/identity_linker_spec.rb index 262e1746b5b..89c92186bf5 100644 --- a/spec/services/identity_linker_spec.rb +++ b/spec/services/identity_linker_spec.rb @@ -17,9 +17,9 @@ uuid: last_identity.uuid, } - identity_attributes = last_identity.attributes.symbolize_keys. - except(:created_at, :updated_at, :id, :session_uuid, - :last_authenticated_at, :nonce) + identity_attributes = last_identity.attributes.symbolize_keys + .except(:created_at, :updated_at, :id, :session_uuid, + :last_authenticated_at, :nonce) expect(last_identity.session_uuid).to match(/.{8}-.{4}-.{4}-.{4}-.{12}/) expect(last_identity.last_authenticated_at).to be_present @@ -64,8 +64,8 @@ let(:six_months_ago) { 6.months.ago } it 'does not override a previous last_consented_at by default' do - IdentityLinker.new(user, service_provider). - link_identity(last_consented_at: six_months_ago) + IdentityLinker.new(user, service_provider) + .link_identity(last_consented_at: six_months_ago) last_identity = user.reload.last_identity expect(last_identity.last_consented_at.to_i).to eq(six_months_ago.to_i) @@ -75,8 +75,8 @@ end it 'updates last_consented_at when present' do - IdentityLinker.new(user, service_provider). - link_identity(last_consented_at: now) + IdentityLinker.new(user, service_provider) + .link_identity(last_consented_at: now) last_identity = user.reload.last_identity expect(last_identity.last_consented_at.to_i).to eq(now.to_i) @@ -96,8 +96,8 @@ verified_attributes: %i[all_emails verified_at], ) end.to( - change { user.identities.last.verified_attributes }. - to(%w[address all_emails email verified_at]), + change { user.identities.last.verified_attributes } + .to(%w[address all_emails email verified_at]), ) end end @@ -112,17 +112,17 @@ end subject(:link_identity) do - IdentityLinker.new(user, service_provider). - link_identity(clear_deleted_at: clear_deleted_at) + IdentityLinker.new(user, service_provider) + .link_identity(clear_deleted_at: clear_deleted_at) end context ':clear_deleted_at is nil' do let(:clear_deleted_at) { nil } it 'nulls out deleted_at' do - expect { link_identity }. - to_not change { user.reload.last_identity.deleted_at&.to_i }. - from(yesterday.to_i) + expect { link_identity } + .to_not change { user.reload.last_identity.deleted_at&.to_i } + .from(yesterday.to_i) end end @@ -130,16 +130,16 @@ let(:clear_deleted_at) { true } it 'nulls out deleted_at' do - expect { link_identity }. - to change { user.reload.last_identity.deleted_at&.to_i }. - from(yesterday.to_i).to(nil) + expect { link_identity } + .to change { user.reload.last_identity.deleted_at&.to_i } + .from(yesterday.to_i).to(nil) end end end it 'rejects bad attributes names' do - expect { IdentityLinker.new(user, service_provider).link_identity(foobar: true) }. - to raise_error(ArgumentError) + expect { IdentityLinker.new(user, service_provider).link_identity(foobar: true) } + .to raise_error(ArgumentError) end it 'does not link to an identity record if the provider is nil' do diff --git a/spec/services/idv/in_person/completion_survey_sender_spec.rb b/spec/services/idv/in_person/completion_survey_sender_spec.rb index 0e524d763bc..846a29a41d6 100644 --- a/spec/services/idv/in_person/completion_survey_sender_spec.rb +++ b/spec/services/idv/in_person/completion_survey_sender_spec.rb @@ -6,8 +6,8 @@ let(:issuer) { 'test_issuer' } it 'does nothing if the user should not receive a survey' do - allow(user).to receive(:should_receive_in_person_completion_survey?). - with(issuer).and_return(false) + allow(user).to receive(:should_receive_in_person_completion_survey?) + .with(issuer).and_return(false) described_class.send_completion_survey(user, issuer) expect_delivered_email_count(0) @@ -15,8 +15,8 @@ context 'user should receive a survey' do before do - allow(user).to receive(:should_receive_in_person_completion_survey?). - with(issuer).and_return(true) + allow(user).to receive(:should_receive_in_person_completion_survey?) + .with(issuer).and_return(true) create(:service_provider, issuer: issuer) create(:in_person_enrollment, user: user, issuer: issuer, status: :passed) diff --git a/spec/services/idv/in_person_config_spec.rb b/spec/services/idv/in_person_config_spec.rb index 0665aa2fbb4..54d947ff840 100644 --- a/spec/services/idv/in_person_config_spec.rb +++ b/spec/services/idv/in_person_config_spec.rb @@ -5,8 +5,8 @@ let(:idv_sp_required) { false } before do - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) allow(IdentityConfig.store).to receive(:idv_sp_required).and_return(idv_sp_required) end diff --git a/spec/services/idv/profile_maker_spec.rb b/spec/services/idv/profile_maker_spec.rb index 987438eff83..a3037ef8cc5 100644 --- a/spec/services/idv/profile_maker_spec.rb +++ b/spec/services/idv/profile_maker_spec.rb @@ -142,10 +142,10 @@ context 'with in_person_verification_needed' do context 'when threatmetrix decisioning is disabled' do before do - allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx). - and_return(in_person_proofing_enforce_tmx_mock) - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(:disabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx) + .and_return(in_person_proofing_enforce_tmx_mock) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(:disabled) end let(:profile) do @@ -182,10 +182,10 @@ let(:in_person_proofing_enforce_tmx_mock) { true } before do - allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx). - and_return(in_person_proofing_enforce_tmx_mock) - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(:enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enforce_tmx) + .and_return(in_person_proofing_enforce_tmx_mock) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(:enabled) end let(:profile) do diff --git a/spec/services/idv/proofing_components_spec.rb b/spec/services/idv/proofing_components_spec.rb index 8c871f87725..eee7a899214 100644 --- a/spec/services/idv/proofing_components_spec.rb +++ b/spec/services/idv/proofing_components_spec.rb @@ -35,8 +35,8 @@ allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return('test_vendor') idv_session.mark_verify_info_step_complete! idv_session.address_verification_mechanism = 'gpo' - allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?). - and_return(true) + allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?) + .and_return(true) idv_session.threatmetrix_review_status = 'pass' idv_session.source_check_vendor = 'aamva' end @@ -198,8 +198,8 @@ describe '#threatmetrix' do context 'device profiling collecting enabled' do before do - allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?). - and_return(true) + allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?) + .and_return(true) end context 'threatmetrix_review_status present' do @@ -221,8 +221,8 @@ context 'device profiling collecting disabled' do before do - allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?). - and_return(false) + allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?) + .and_return(false) end context 'threatmetrix_review_status present' do diff --git a/spec/services/idv/send_phone_confirmation_otp_spec.rb b/spec/services/idv/send_phone_confirmation_otp_spec.rb index 72bb15575fa..81ec1423bcc 100644 --- a/spec/services/idv/send_phone_confirmation_otp_spec.rb +++ b/spec/services/idv/send_phone_confirmation_otp_spec.rb @@ -30,10 +30,10 @@ allow(Idv::PhoneConfirmationSession).to receive(:generate_code).and_return(otp_code) # Mock OtpRateLimiter - allow(OtpRateLimiter).to receive(:new).with(user: user, phone: phone, phone_confirmed: true). - and_return(otp_rate_limiter) - allow(otp_rate_limiter).to receive(:exceeded_otp_send_limit?). - and_return(exceeded_otp_send_limit) + allow(OtpRateLimiter).to receive(:new).with(user: user, phone: phone, phone_confirmed: true) + .and_return(otp_rate_limiter) + allow(otp_rate_limiter).to receive(:exceeded_otp_send_limit?) + .and_return(exceeded_otp_send_limit) end subject { described_class.new(user: user, idv_session: idv_session) } @@ -123,8 +123,8 @@ describe '#user_locked_out?' do before do - allow(otp_rate_limiter).to receive(:exceeded_otp_send_limit?). - and_return(exceeded_otp_send_limit) + allow(otp_rate_limiter).to receive(:exceeded_otp_send_limit?) + .and_return(exceeded_otp_send_limit) end context 'the user is locked out' do diff --git a/spec/services/otp_preference_updater_spec.rb b/spec/services/otp_preference_updater_spec.rb index fa120485581..82c42219bed 100644 --- a/spec/services/otp_preference_updater_spec.rb +++ b/spec/services/otp_preference_updater_spec.rb @@ -37,8 +37,8 @@ otp_make_default_number: nil, phone_id: 1 } - expect(UpdateUserPhoneConfiguration).to receive(:update!). - with(user: user, attributes: attributes) + expect(UpdateUserPhoneConfiguration).to receive(:update!) + .with(user: user, attributes: attributes) updater.call end diff --git a/spec/services/otp_rate_limiter_spec.rb b/spec/services/otp_rate_limiter_spec.rb index 27c6187d5a8..9313404cdb7 100644 --- a/spec/services/otp_rate_limiter_spec.rb +++ b/spec/services/otp_rate_limiter_spec.rb @@ -61,8 +61,8 @@ it 'increments the otp_send_count' do otp_rate_limiter.increment - expect { otp_rate_limiter.increment }. - to change { otp_rate_limiter.rate_limiter.attempts }.from(1).to(2) + expect { otp_rate_limiter.increment } + .to change { otp_rate_limiter.rate_limiter.attempts }.from(1).to(2) end end diff --git a/spec/services/outage_status_spec.rb b/spec/services/outage_status_spec.rb index c9e5529fa61..b0121dbe531 100644 --- a/spec/services/outage_status_spec.rb +++ b/spec/services/outage_status_spec.rb @@ -12,8 +12,8 @@ context 'when all vendors are operational' do before do OutageStatus::ALL_VENDORS.each do |vendor| - allow(IdentityConfig.store).to receive(:"vendor_status_#{vendor}"). - and_return(:operational) + allow(IdentityConfig.store).to receive(:"vendor_status_#{vendor}") + .and_return(:operational) end end @@ -29,8 +29,8 @@ context 'when any vendor has an outage' do OutageStatus::ALL_VENDORS.each do |vendor| before do - allow(IdentityConfig.store).to receive(:"vendor_status_#{vendor}"). - and_return(:full_outage) + allow(IdentityConfig.store).to receive(:"vendor_status_#{vendor}") + .and_return(:full_outage) end it "correctly reports a vendor outage when #{vendor} is offline" do @@ -41,8 +41,8 @@ context 'when an idv vendor has an outage' do before do - allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_trueid). - and_return(:full_outage) + allow(IdentityConfig.store).to receive(:vendor_status_lexisnexis_trueid) + .and_return(:full_outage) end it 'correctly reports an idv vendor outage' do @@ -56,8 +56,8 @@ context 'when a non-idv vendor has an outage' do before do - allow(IdentityConfig.store).to receive(:vendor_status_sms). - and_return(:full_outage) + allow(IdentityConfig.store).to receive(:vendor_status_sms) + .and_return(:full_outage) end it 'correctly reports no idv vendor outage' do @@ -131,10 +131,10 @@ subject(:status) { vendor_status.idv_scheduled_maintenance_status } before do - allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_start). - and_return(start) - allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_finish). - and_return(finish) + allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_start) + .and_return(start) + allow(IdentityConfig.store).to receive(:vendor_status_idv_scheduled_maintenance_finish) + .and_return(finish) travel_to(now) end diff --git a/spec/services/outbound_health_checker_spec.rb b/spec/services/outbound_health_checker_spec.rb index a67b03a5f4e..7a269c80a38 100644 --- a/spec/services/outbound_health_checker_spec.rb +++ b/spec/services/outbound_health_checker_spec.rb @@ -21,8 +21,8 @@ context 'successful connection to endpoint' do before do - stub_request(:head, IdentityConfig.store.outbound_connection_check_url). - to_return(status: status) + stub_request(:head, IdentityConfig.store.outbound_connection_check_url) + .to_return(status: status) end context '200 response from endpoint' do @@ -80,8 +80,8 @@ context 'timeout from endpoint' do it 'retries and is healthy if the second request succeeds' do - stub_request(:head, IdentityConfig.store.outbound_connection_check_url). - to_timeout.then.to_return(status: 200) + stub_request(:head, IdentityConfig.store.outbound_connection_check_url) + .to_timeout.then.to_return(status: 200) expect(check).to be_healthy end @@ -107,22 +107,22 @@ end it 'retries and is healthy if the second request succeeds' do - stub_request(:head, IdentityConfig.store.outbound_connection_check_url). - to_raise(Faraday::ConnectionFailed).then.to_return(status: 200) + stub_request(:head, IdentityConfig.store.outbound_connection_check_url) + .to_raise(Faraday::ConnectionFailed).then.to_return(status: 200) expect(check).to be_healthy end it 'is not healthy after 2 retries' do - stub_request(:head, IdentityConfig.store.outbound_connection_check_url). - to_raise(Faraday::ConnectionFailed) + stub_request(:head, IdentityConfig.store.outbound_connection_check_url) + .to_raise(Faraday::ConnectionFailed) expect(check).to_not be_healthy end it 'notifies newrelic' do - stub_request(:head, IdentityConfig.store.outbound_connection_check_url). - to_raise(Faraday::ConnectionFailed) + stub_request(:head, IdentityConfig.store.outbound_connection_check_url) + .to_raise(Faraday::ConnectionFailed) expect(NewRelic::Agent).to receive(:notice_error) diff --git a/spec/services/piv_cac/check_config_spec.rb b/spec/services/piv_cac/check_config_spec.rb index acab30772f5..19490aba4d0 100644 --- a/spec/services/piv_cac/check_config_spec.rb +++ b/spec/services/piv_cac/check_config_spec.rb @@ -22,8 +22,8 @@ context 'non-https config' do it 'does raise an error' do - expect { PivCac::CheckConfig.call }. - to raise_error(RuntimeError, "piv_cac_verify_token_url configured without SSL: #{url}") + expect { PivCac::CheckConfig.call } + .to raise_error(RuntimeError, "piv_cac_verify_token_url configured without SSL: #{url}") end end diff --git a/spec/services/piv_cac_service_spec.rb b/spec/services/piv_cac_service_spec.rb index f6e7ae39017..e4acf4258f4 100644 --- a/spec/services/piv_cac_service_spec.rb +++ b/spec/services/piv_cac_service_spec.rb @@ -125,12 +125,12 @@ end let!(:request) do - stub_request(:post, 'localhost:8443'). - with( + stub_request(:post, 'localhost:8443') + .with( body: 'token=foo', headers: { 'Authentication' => /^hmac\s+:.+:.+$/ }, - ). - to_return( + ) + .to_return( status: [200, 'Ok'], body: '{"subject":"dn","uuid":"uuid"}', ) @@ -167,12 +167,12 @@ end let!(:request) do - stub_request(:post, 'localhost:8443'). - with( + stub_request(:post, 'localhost:8443') + .with( body: 'token=foo', headers: { 'Authentication' => /^hmac\s+:.+:.+$/ }, - ). - to_return( + ) + .to_return( status: [200, 'Ok'], body: '{"subject":"dn","uuid":"uuid"}', ) @@ -209,9 +209,9 @@ end let!(:request) do - stub_request(:post, 'localhost:8443'). - with(body: 'token=foo'). - to_return( + stub_request(:post, 'localhost:8443') + .with(body: 'token=foo') + .to_return( status: [200, 'Ok'], body: 'bad-json', ) @@ -234,8 +234,8 @@ end let!(:request) do - stub_request(:post, 'localhost:8443'). - to_raise(Faraday::ConnectionFailed) + stub_request(:post, 'localhost:8443') + .to_raise(Faraday::ConnectionFailed) end it 'returns an error' do diff --git a/spec/services/profanity_detector_spec.rb b/spec/services/profanity_detector_spec.rb index 38e4cb3560a..8f8826196fa 100644 --- a/spec/services/profanity_detector_spec.rb +++ b/spec/services/profanity_detector_spec.rb @@ -27,8 +27,8 @@ describe '.without_profanity' do it 'keeps executing a block until it does not return something profane' do - expect(SecureRandom).to receive(:random_number). - and_return( + expect(SecureRandom).to receive(:random_number) + .and_return( Base32::Crockford.decode('FART1'), Base32::Crockford.decode('FART2'), Base32::Crockford.decode('ABCDE'), diff --git a/spec/services/proofing/aamva/authentication_client_spec.rb b/spec/services/proofing/aamva/authentication_client_spec.rb index c787a754801..4de9ca522a2 100644 --- a/spec/services/proofing/aamva/authentication_client_spec.rb +++ b/spec/services/proofing/aamva/authentication_client_spec.rb @@ -3,14 +3,14 @@ RSpec.describe Proofing::Aamva::AuthenticationClient do let(:config) { AamvaFixtures.example_config } let(:security_token_request_stub) do - stub_request(:post, config.auth_url). - with(body: AamvaFixtures.security_token_request). - to_return(body: AamvaFixtures.security_token_response, status: 200) + stub_request(:post, config.auth_url) + .with(body: AamvaFixtures.security_token_request) + .to_return(body: AamvaFixtures.security_token_response, status: 200) end let(:auth_token_request_stub) do - stub_request(:post, config.auth_url). - with(body: AamvaFixtures.authentication_token_request). - to_return(body: AamvaFixtures.authentication_token_response, status: 200) + stub_request(:post, config.auth_url) + .with(body: AamvaFixtures.authentication_token_request) + .to_return(body: AamvaFixtures.authentication_token_response, status: 200) end let(:security_context_token_identifier) { 'sct-token-identifier' } @@ -21,11 +21,11 @@ describe '#fetch_token' do before do security_token_request = Proofing::Aamva::Request::SecurityTokenRequest.new(config) - allow(security_token_request).to receive(:body). - and_return(AamvaFixtures.security_token_request) + allow(security_token_request).to receive(:body) + .and_return(AamvaFixtures.security_token_request) allow(security_token_request).to receive(:nonce).and_return(client_hmac_secret) - allow(Proofing::Aamva::Request::SecurityTokenRequest).to receive(:new). - and_return(security_token_request) + allow(Proofing::Aamva::Request::SecurityTokenRequest).to receive(:new) + .and_return(security_token_request) security_token_request_stub auth_token_request = Proofing::Aamva::Request::AuthenticationTokenRequest.new( @@ -35,17 +35,17 @@ server_hmac_secret: server_hmac_secret, config: config, ) - allow(auth_token_request).to receive(:body). - and_return(AamvaFixtures.authentication_token_request) - allow(Proofing::Aamva::Request::AuthenticationTokenRequest).to receive(:new). - with( + allow(auth_token_request).to receive(:body) + .and_return(AamvaFixtures.authentication_token_request) + allow(Proofing::Aamva::Request::AuthenticationTokenRequest).to receive(:new) + .with( config: config, security_context_token_identifier: security_context_token_identifier, security_context_token_reference: security_context_token_reference, client_hmac_secret: client_hmac_secret, server_hmac_secret: server_hmac_secret, - ). - and_return(auth_token_request) + ) + .and_return(auth_token_request) auth_token_request_stub end diff --git a/spec/services/proofing/aamva/proofer_spec.rb b/spec/services/proofing/aamva/proofer_spec.rb index 33bbdfb169f..0885a98d462 100644 --- a/spec/services/proofing/aamva/proofer_spec.rb +++ b/spec/services/proofing/aamva/proofer_spec.rb @@ -34,13 +34,13 @@ let(:verification_response) { AamvaFixtures.verification_response } before do - stub_request(:post, AamvaFixtures.example_config.auth_url). - to_return( + stub_request(:post, AamvaFixtures.example_config.auth_url) + .to_return( { body: AamvaFixtures.security_token_response }, { body: AamvaFixtures.authentication_token_response }, ) - stub_request(:post, AamvaFixtures.example_config.verification_url). - to_return(body: verification_response) + stub_request(:post, AamvaFixtures.example_config.verification_url) + .to_return(body: verification_response) end describe '#proof' do @@ -645,8 +645,8 @@ def self.test_not_successful let(:exception) { RuntimeError.new } before do - allow_any_instance_of(::Proofing::Aamva::Request::VerificationRequest). - to receive(:send).and_raise(exception) + allow_any_instance_of(::Proofing::Aamva::Request::VerificationRequest) + .to receive(:send).and_raise(exception) end it 'logs to NewRelic' do @@ -742,8 +742,8 @@ def self.test_not_successful context 'when the DMV is in a defined maintenance window' do before do - expect(Idv::AamvaStateMaintenanceWindow).to receive(:in_maintenance_window?). - and_return(true) + expect(Idv::AamvaStateMaintenanceWindow).to receive(:in_maintenance_window?) + .and_return(true) end it 'sets jurisdiction_in_maintenance_window to true' do @@ -754,8 +754,8 @@ def self.test_not_successful context 'when the DMV is not in a defined maintenance window' do before do - expect(Idv::AamvaStateMaintenanceWindow).to receive(:in_maintenance_window?). - and_return(false) + expect(Idv::AamvaStateMaintenanceWindow).to receive(:in_maintenance_window?) + .and_return(false) end it 'sets jurisdiction_in_maintenance_window to false' do diff --git a/spec/services/proofing/aamva/request/authentication_token_request_spec.rb b/spec/services/proofing/aamva/request/authentication_token_request_spec.rb index 930444f2af6..63fa5728f3c 100644 --- a/spec/services/proofing/aamva/request/authentication_token_request_spec.rb +++ b/spec/services/proofing/aamva/request/authentication_token_request_spec.rb @@ -22,9 +22,9 @@ before do allow(Time).to receive(:now).and_return(Time.utc(2017)) - allow(SecureRandom).to receive(:uuid). - at_least(:once). - and_return('12345678-abcd-efgh-ijkl-1234567890ab') + allow(SecureRandom).to receive(:uuid) + .at_least(:once) + .and_return('12345678-abcd-efgh-ijkl-1234567890ab') end describe '#body' do @@ -55,8 +55,8 @@ describe '#send' do context 'when the request is successful' do it 'returns a response object' do - stub_request(:post, config.auth_url). - to_return(body: AamvaFixtures.authentication_token_response, status: 200) + stub_request(:post, config.auth_url) + .to_return(body: AamvaFixtures.authentication_token_response, status: 200) result = subject.send @@ -67,8 +67,8 @@ # rubocop:disable Layout/LineLength context 'when the request times out' do it 'raises an error' do - stub_request(:post, config.auth_url). - to_timeout + stub_request(:post, config.auth_url) + .to_timeout expect { subject.send }.to raise_error( ::Proofing::TimeoutError, @@ -80,8 +80,8 @@ context 'when the connection fails' do it 'raises an error' do - stub_request(:post, config.auth_url). - to_raise(Faraday::ConnectionFailed.new('error')) + stub_request(:post, config.auth_url) + .to_raise(Faraday::ConnectionFailed.new('error')) expect { subject.send }.to raise_error( ::Proofing::TimeoutError, diff --git a/spec/services/proofing/aamva/request/security_token_request_spec.rb b/spec/services/proofing/aamva/request/security_token_request_spec.rb index 75a8702d72c..5f86ca01e02 100644 --- a/spec/services/proofing/aamva/request/security_token_request_spec.rb +++ b/spec/services/proofing/aamva/request/security_token_request_spec.rb @@ -7,12 +7,12 @@ before do allow(Time).to receive(:now).and_return(Time.utc(2017)) - allow(SecureRandom).to receive(:base64). - with(32). - and_return('MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDA=') - allow(SecureRandom).to receive(:uuid). - at_least(:once). - and_return('12345678-abcd-efgh-ijkl-1234567890ab') + allow(SecureRandom).to receive(:base64) + .with(32) + .and_return('MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDA=') + allow(SecureRandom).to receive(:uuid) + .at_least(:once) + .and_return('12345678-abcd-efgh-ijkl-1234567890ab') end subject(:security_token_request) { described_class.new(config) } @@ -30,10 +30,10 @@ expect(signature.text).to_not be_nil expect(signature.text).to_not be_empty - body_without_sig = security_token_request.body. - gsub(public_key.text, ''). - gsub(signature.text, ''). - gsub(key_identifier.text, '') + body_without_sig = security_token_request.body + .gsub(public_key.text, '') + .gsub(signature.text, '') + .gsub(key_identifier.text, '') expect(body_without_sig).to eq(AamvaFixtures.security_token_request) end @@ -61,8 +61,8 @@ describe '#send' do context 'when the request is successful' do it 'returns a response object' do - stub_request(:post, config.auth_url). - to_return(body: AamvaFixtures.security_token_response, status: 200) + stub_request(:post, config.auth_url) + .to_return(body: AamvaFixtures.security_token_response, status: 200) result = security_token_request.send @@ -72,9 +72,9 @@ context 'when the request times out once' do it 'retries and tries again' do - stub_request(:post, config.auth_url). - to_timeout. - to_return(body: AamvaFixtures.security_token_response, status: 200) + stub_request(:post, config.auth_url) + .to_timeout + .to_return(body: AamvaFixtures.security_token_response, status: 200) result = security_token_request.send @@ -85,8 +85,8 @@ # rubocop:disable Layout/LineLength context 'when the request times out a second time' do it 'raises an error' do - stub_request(:post, config.auth_url). - to_timeout + stub_request(:post, config.auth_url) + .to_timeout expect { security_token_request.send }.to raise_error( ::Proofing::TimeoutError, @@ -98,8 +98,8 @@ context 'when the connection fails' do it 'raises an error' do - stub_request(:post, config.auth_url). - to_raise(Faraday::ConnectionFailed.new('error')) + stub_request(:post, config.auth_url) + .to_raise(Faraday::ConnectionFailed.new('error')) expect { security_token_request.send }.to raise_error( ::Proofing::TimeoutError, diff --git a/spec/services/proofing/aamva/request/verification_request_spec.rb b/spec/services/proofing/aamva/request/verification_request_spec.rb index 79b52ef2716..ff092966c78 100644 --- a/spec/services/proofing/aamva/request/verification_request_spec.rb +++ b/spec/services/proofing/aamva/request/verification_request_spec.rb @@ -249,8 +249,8 @@ describe '#send' do context 'when the request is successful' do it 'returns a response object' do - stub_request(:post, config.verification_url). - to_return(body: AamvaFixtures.verification_response, status: 200) + stub_request(:post, config.verification_url) + .to_return(body: AamvaFixtures.verification_response, status: 200) response = subject.send @@ -270,8 +270,8 @@ # rubocop:disable Layout/LineLength context 'when the request times out' do it 'raises an error' do - stub_request(:post, config.verification_url). - to_timeout + stub_request(:post, config.verification_url) + .to_timeout expect { subject.send }.to raise_error( ::Proofing::TimeoutError, @@ -283,8 +283,8 @@ context 'when the connection fails' do it 'raises an error' do - stub_request(:post, config.verification_url). - to_raise(Faraday::ConnectionFailed.new('error')) + stub_request(:post, config.verification_url) + .to_raise(Faraday::ConnectionFailed.new('error')) expect { subject.send }.to raise_error( ::Proofing::TimeoutError, diff --git a/spec/services/proofing/aamva/verification_client_spec.rb b/spec/services/proofing/aamva/verification_client_spec.rb index 14a765a2445..75c998b4dcc 100644 --- a/spec/services/proofing/aamva/verification_client_spec.rb +++ b/spec/services/proofing/aamva/verification_client_spec.rb @@ -17,14 +17,14 @@ describe '#send_verification_request' do before do - allow(Proofing::Aamva::AuthenticationClient).to receive(:auth_token). - and_return('ThisIsTheToken') + allow(Proofing::Aamva::AuthenticationClient).to receive(:auth_token) + .and_return('ThisIsTheToken') end it 'gets the auth token from the auth client' do - verification_stub = stub_request(:post, AamvaFixtures.example_config.verification_url). - to_return(body: AamvaFixtures.verification_response, status: 200). - with do |request| + verification_stub = stub_request(:post, AamvaFixtures.example_config.verification_url) + .to_return(body: AamvaFixtures.verification_response, status: 200) + .with do |request| xml_text_at_path(request.body, '//dldv:token').gsub(/\s/, '') == 'ThisIsTheToken' end @@ -42,11 +42,11 @@ let(:response_http_status) { 200 } before do - allow(Proofing::Aamva::AuthenticationClient).to receive(:auth_token). - and_return('ThisIsTheToken') + allow(Proofing::Aamva::AuthenticationClient).to receive(:auth_token) + .and_return('ThisIsTheToken') - stub_request(:post, AamvaFixtures.example_config.verification_url). - to_return(body: response_body, status: response_http_status) + stub_request(:post, AamvaFixtures.example_config.verification_url) + .to_return(body: response_body, status: response_http_status) end let(:response) do diff --git a/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb b/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb index 0f9485bf8b1..abd414271af 100644 --- a/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb +++ b/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb @@ -149,8 +149,8 @@ result = proofer.proof(proofing_applicant) expect(result.success?).to eq(false) - expect(result.exception.inspect). - to include(LexisNexisFixtures.ddp_unexpected_review_status) + expect(result.exception.inspect) + .to include(LexisNexisFixtures.ddp_unexpected_review_status) end end end @@ -161,8 +161,8 @@ end before do - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_authentication_policy). - and_return('test-authentication-policy') + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_authentication_policy) + .and_return('test-authentication-policy') end context 'when the response is a full match' do let(:response_body) { LexisNexisFixtures.ddp_success_response_json } diff --git a/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb b/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb index a641ff46018..645d166a14e 100644 --- a/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb +++ b/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb @@ -2,8 +2,8 @@ RSpec.describe Proofing::LexisNexis::Ddp::ResponseRedacter do let(:json) do - Proofing::LexisNexis::Ddp::ResponseRedacter. - redact(sample_hash) + Proofing::LexisNexis::Ddp::ResponseRedacter + .redact(sample_hash) end describe 'self.redact' do diff --git a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb index 4e541595f69..d6b1b4ad106 100644 --- a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb +++ b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb @@ -32,10 +32,10 @@ end before do - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_policy). - and_return('test-policy') - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_authentication_policy). - and_return('test-authentication-policy') + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_policy) + .and_return('test-policy') + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_authentication_policy) + .and_return('test-authentication-policy') end describe '#body' do diff --git a/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb b/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb index 43b9225d5b5..d2dd5609fcd 100644 --- a/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb +++ b/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb @@ -29,8 +29,8 @@ describe '#proof' do context 'when the response is a success' do it 'is a successful rdp1 result' do - stub_request(:post, verification_request.url). - to_return(body: LexisNexisFixtures.phone_finder_rdp1_success_response_json, status: 200) + stub_request(:post, verification_request.url) + .to_return(body: LexisNexisFixtures.phone_finder_rdp1_success_response_json, status: 200) result = subject.proof(applicant) @@ -42,8 +42,8 @@ end it 'is a successful rdp2 result' do - stub_request(:post, verification_request.url). - to_return(body: LexisNexisFixtures.phone_finder_rdp2_success_response_json, status: 200) + stub_request(:post, verification_request.url) + .to_return(body: LexisNexisFixtures.phone_finder_rdp2_success_response_json, status: 200) result = subject.proof(applicant) @@ -83,8 +83,8 @@ context 'when the rdp2 response is a failure' do it 'is a failure result' do - stub_request(:post, verification_request.url). - to_return(body: LexisNexisFixtures.phone_finder_rdp2_fail_response_json, status: 200) + stub_request(:post, verification_request.url) + .to_return(body: LexisNexisFixtures.phone_finder_rdp2_fail_response_json, status: 200) result = subject.proof(applicant) result_json_hash = result.errors[:PhoneFinder].first diff --git a/spec/services/proofing/mock/device_profiling_backend_spec.rb b/spec/services/proofing/mock/device_profiling_backend_spec.rb index e4c64f09538..ef206058638 100644 --- a/spec/services/proofing/mock/device_profiling_backend_spec.rb +++ b/spec/services/proofing/mock/device_profiling_backend_spec.rb @@ -12,8 +12,8 @@ describe '#record_profiling_result' do it 'raises with unknown result' do - expect { backend.record_profiling_result(session_id: session_id, result: 'aaa') }. - to raise_error(ArgumentError) + expect { backend.record_profiling_result(session_id: session_id, result: 'aaa') } + .to raise_error(ArgumentError) end it 'sets the value in redis' do diff --git a/spec/services/proofing/resolution/plugins/aamva_plugin_spec.rb b/spec/services/proofing/resolution/plugins/aamva_plugin_spec.rb index f23c51056c4..5e47a42589c 100644 --- a/spec/services/proofing/resolution/plugins/aamva_plugin_spec.rb +++ b/spec/services/proofing/resolution/plugins/aamva_plugin_spec.rb @@ -74,8 +74,8 @@ def sp_cost_count_with_transaction_id it 'tracks an SP cost for AAMVA' do expect { call }.to( - change { sp_cost_count_with_transaction_id }. - to(1), + change { sp_cost_count_with_transaction_id } + .to(1), ) end @@ -111,10 +111,10 @@ def sp_cost_count_with_transaction_id end it 'tracks an SP cost for AAMVA' do - expect { call }. - to( - change { sp_cost_count_with_transaction_id }. - to(1), + expect { call } + .to( + change { sp_cost_count_with_transaction_id } + .to(1), ) end end @@ -323,8 +323,8 @@ def sp_cost_count_with_transaction_id end before do - allow(IdentityConfig.store).to receive(:aamva_supported_jurisdictions). - and_return(aamva_supported_jurisdictions) + allow(IdentityConfig.store).to receive(:aamva_supported_jurisdictions) + .and_return(aamva_supported_jurisdictions) end context 'when jurisdiction is supported' do diff --git a/spec/services/proofing/resolution/plugins/state_id_address_plugin_spec.rb b/spec/services/proofing/resolution/plugins/state_id_address_plugin_spec.rb index de3ed2161bc..0bf9f5da8ec 100644 --- a/spec/services/proofing/resolution/plugins/state_id_address_plugin_spec.rb +++ b/spec/services/proofing/resolution/plugins/state_id_address_plugin_spec.rb @@ -64,9 +64,9 @@ end it 'passes state id address to proofer' do - expect(plugin.proofer). - to receive(:proof). - with(hash_including(state_id_address)) + expect(plugin.proofer) + .to receive(:proof) + .with(hash_including(state_id_address)) call end @@ -77,13 +77,13 @@ end it 'records correct SP cost' do - expect { call }. - to change { - SpCost.where( - cost_type: :lexis_nexis_resolution, - issuer: current_sp.issuer, - ).count - }.to(1) + expect { call } + .to change { + SpCost.where( + cost_type: :lexis_nexis_resolution, + issuer: current_sp.issuer, + ).count + }.to(1) end end @@ -102,13 +102,13 @@ end it 'records a LexisNexis SP cost' do - expect { call }. - to change { - SpCost.where( - cost_type: :lexis_nexis_resolution, - issuer: current_sp.issuer, - ).count - }.to(1) + expect { call } + .to change { + SpCost.where( + cost_type: :lexis_nexis_resolution, + issuer: current_sp.issuer, + ).count + }.to(1) end end @@ -127,13 +127,13 @@ end it 'records a LexisNexis SP cost' do - expect { call }. - to change { - SpCost.where( - cost_type: :lexis_nexis_resolution, - issuer: current_sp.issuer, - ).count - }.to(1) + expect { call } + .to change { + SpCost.where( + cost_type: :lexis_nexis_resolution, + issuer: current_sp.issuer, + ).count + }.to(1) end end end @@ -147,8 +147,8 @@ end it 'does not add a new LexisNexis SP cost (since residential address result was reused)' do - expect { call }. - not_to change { + expect { call } + .not_to change { SpCost.where( cost_type: :lexis_nexis_resolution, issuer: current_sp.issuer, @@ -193,13 +193,13 @@ end it 'records a LexisNexis SP cost' do - expect { call }. - to change { - SpCost.where( - cost_type: :lexis_nexis_resolution, - issuer: current_sp.issuer, - ).count - }.to(1) + expect { call } + .to change { + SpCost.where( + cost_type: :lexis_nexis_resolution, + issuer: current_sp.issuer, + ).count + }.to(1) end end @@ -218,13 +218,13 @@ end it 'records a LexisNexis SP cost' do - expect { call }. - to change { - SpCost.where( - cost_type: :lexis_nexis_resolution, - issuer: current_sp.issuer, - ).count - }.to(1) + expect { call } + .to change { + SpCost.where( + cost_type: :lexis_nexis_resolution, + issuer: current_sp.issuer, + ).count + }.to(1) end end @@ -243,13 +243,13 @@ end it 'records a LexisNexis SP cost' do - expect { call }. - to change { - SpCost.where( - cost_type: :lexis_nexis_resolution, - issuer: current_sp.issuer, - ).count - }.to(1) + expect { call } + .to change { + SpCost.where( + cost_type: :lexis_nexis_resolution, + issuer: current_sp.issuer, + ).count + }.to(1) end end @@ -269,13 +269,13 @@ end it 'does not record an additional LexisNexis SP cost' do - expect { call }. - not_to change { - SpCost.where( - cost_type: :lexis_nexis_resolution, - issuer: current_sp.issuer, - ).count - } + expect { call } + .not_to change { + SpCost.where( + cost_type: :lexis_nexis_resolution, + issuer: current_sp.issuer, + ).count + } end it 'returns a ResolutionCannotPass result' do diff --git a/spec/services/proofing/resolution/plugins/threatmetrix_plugin_spec.rb b/spec/services/proofing/resolution/plugins/threatmetrix_plugin_spec.rb index 210a4497696..e0135620dad 100644 --- a/spec/services/proofing/resolution/plugins/threatmetrix_plugin_spec.rb +++ b/spec/services/proofing/resolution/plugins/threatmetrix_plugin_spec.rb @@ -15,8 +15,8 @@ end before do - allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:lexisnexis_threatmetrix_mock_enabled) + .and_return(false) allow(plugin.proofer).to receive(:proof).and_return(proofer_result) end @@ -38,8 +38,8 @@ def sp_cost_count context 'ThreatMetrix is enabled' do before do - allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?). - and_return(true) + allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?) + .and_return(true) end it 'calls the ThreatMetrix proofer' do @@ -93,8 +93,8 @@ def sp_cost_count context 'ThreatMetrix is disabled' do before do - allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?). - and_return(false) + allow(FeatureManagement).to receive(:proofing_device_profiling_collecting_enabled?) + .and_return(false) end it 'returns a disabled result' do diff --git a/spec/services/proofing/resolution/progressive_proofer_spec.rb b/spec/services/proofing/resolution/progressive_proofer_spec.rb index 5b7eab4a20a..12b31d71a00 100644 --- a/spec/services/proofing/resolution/progressive_proofer_spec.rb +++ b/spec/services/proofing/resolution/progressive_proofer_spec.rb @@ -86,14 +86,14 @@ before do allow(resolution_proofer).to receive(:proof).and_return(*resolution_proofing_results) - allow(progressive_proofer).to receive(:create_proofer). - and_return(resolution_proofer) + allow(progressive_proofer).to receive(:create_proofer) + .and_return(resolution_proofer) - allow(progressive_proofer.threatmetrix_plugin).to receive(:proofer). - and_return(threatmetrix_proofer) + allow(progressive_proofer.threatmetrix_plugin).to receive(:proofer) + .and_return(threatmetrix_proofer) - allow(progressive_proofer.aamva_plugin).to receive(:proofer). - and_return(aamva_proofer) + allow(progressive_proofer.aamva_plugin).to receive(:proofer) + .and_return(aamva_proofer) end context 'remote unsupervised proofing' do @@ -339,12 +339,12 @@ subject(:proofing_vendor) { progressive_proofer.proofing_vendor } before do - allow(IdentityConfig.store).to receive(:idv_resolution_default_vendor). - and_return(idv_resolution_default_vendor) - allow(IdentityConfig.store).to receive(:idv_resolution_alternate_vendor). - and_return(idv_resolution_alternate_vendor) - allow(IdentityConfig.store).to receive(:idv_resolution_alternate_vendor_percent). - and_return(idv_resolution_alternate_vendor_percent) + allow(IdentityConfig.store).to receive(:idv_resolution_default_vendor) + .and_return(idv_resolution_default_vendor) + allow(IdentityConfig.store).to receive(:idv_resolution_alternate_vendor) + .and_return(idv_resolution_alternate_vendor) + allow(IdentityConfig.store).to receive(:idv_resolution_alternate_vendor_percent) + .and_return(idv_resolution_alternate_vendor_percent) end context 'when default is set to 100%' do diff --git a/spec/services/proofing/socure/id_plus/proofer_spec.rb b/spec/services/proofing/socure/id_plus/proofer_spec.rb index a95c06893e9..469610514be 100644 --- a/spec/services/proofing/socure/id_plus/proofer_spec.rb +++ b/spec/services/proofing/socure/id_plus/proofer_spec.rb @@ -58,8 +58,8 @@ before do using_json = !response_body.is_a?(String) - stub_request(:post, URI.join(base_url, '/api/3.0/EmailAuthScore').to_s). - to_return( + stub_request(:post, URI.join(base_url, '/api/3.0/EmailAuthScore').to_s) + .to_return( status: response_status, headers: { 'Content-Type' => using_json ? @@ -185,8 +185,8 @@ context 'when request times out' do before do - stub_request(:post, URI.join(base_url, '/api/3.0/EmailAuthScore').to_s). - to_timeout + stub_request(:post, URI.join(base_url, '/api/3.0/EmailAuthScore').to_s) + .to_timeout end describe 'the result' do diff --git a/spec/services/proofing/socure/id_plus/request_spec.rb b/spec/services/proofing/socure/id_plus/request_spec.rb index 333ee26285d..69b4b87032b 100644 --- a/spec/services/proofing/socure/id_plus/request_spec.rb +++ b/spec/services/proofing/socure/id_plus/request_spec.rb @@ -68,8 +68,8 @@ describe '#send_request' do before do - stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore'). - to_return( + stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore') + .to_return( headers: { 'Content-Type' => 'application/json', }, @@ -129,8 +129,8 @@ context 'when service returns an HTTP 400 response' do before do - stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore'). - to_return( + stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore') + .to_return( status: 400, headers: { 'Content-Type' => 'application/json', @@ -170,8 +170,8 @@ context 'when service returns an HTTP 401 reponse' do before do - stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore'). - to_return( + stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore') + .to_return( status: 401, headers: { 'Content-Type' => 'application/json', @@ -198,8 +198,8 @@ context 'when service returns weird HTTP 500 response' do before do - stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore'). - to_return( + stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore') + .to_return( status: 500, body: 'It works!', ) @@ -214,8 +214,8 @@ context 'when request times out' do before do - stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore'). - to_timeout + stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore') + .to_timeout end it 'raises a ProofingTimeoutError' do @@ -225,8 +225,8 @@ context 'when connection is reset' do before do - stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore'). - to_raise(Errno::ECONNRESET) + stub_request(:post, 'https://example.org/api/3.0/EmailAuthScore') + .to_raise(Errno::ECONNRESET) end it 'raises a Request::Error' do diff --git a/spec/services/proofing/socure/reason_codes/importer_spec.rb b/spec/services/proofing/socure/reason_codes/importer_spec.rb index f14ef0ac5af..2f8e4dddbfd 100644 --- a/spec/services/proofing/socure/reason_codes/importer_spec.rb +++ b/spec/services/proofing/socure/reason_codes/importer_spec.rb @@ -15,8 +15,8 @@ end it 'adds reason codes that do not exist', :freeze_time do - allow(subject.api_client).to receive(:download_reason_codes). - and_return(downloaded_reason_codes) + allow(subject.api_client).to receive(:download_reason_codes) + .and_return(downloaded_reason_codes) result = subject.synchronize @@ -42,8 +42,8 @@ added_at: 1.day.ago, ) - allow(subject.api_client).to receive(:download_reason_codes). - and_return(downloaded_reason_codes) + allow(subject.api_client).to receive(:download_reason_codes) + .and_return(downloaded_reason_codes) result = subject.synchronize expect(result.to_h[:deactivated_reason_codes]).to eq( @@ -58,8 +58,8 @@ context 'the downloaded reason codes are malformed' do it 'returns an unsuccessful response' do - allow(subject.api_client).to receive(:download_reason_codes). - and_return('malformed response') + allow(subject.api_client).to receive(:download_reason_codes) + .and_return('malformed response') result = subject.synchronize diff --git a/spec/services/push_notification/http_push_spec.rb b/spec/services/push_notification/http_push_spec.rb index 1cd1e71bb13..8288fa9287b 100644 --- a/spec/services/push_notification/http_push_spec.rb +++ b/spec/services/push_notification/http_push_spec.rb @@ -29,8 +29,8 @@ before do ActiveJob::Base.queue_adapter = :test allow(Identity::Hostdata).to receive(:env).and_return('dev') - allow(IdentityConfig.store).to receive(:push_notifications_enabled). - and_return(push_notifications_enabled) + allow(IdentityConfig.store).to receive(:push_notifications_enabled) + .and_return(push_notifications_enabled) end describe '#deliver' do diff --git a/spec/services/random_phrase_spec.rb b/spec/services/random_phrase_spec.rb index d9b3aab9c22..e94be65b36f 100644 --- a/spec/services/random_phrase_spec.rb +++ b/spec/services/random_phrase_spec.rb @@ -6,8 +6,8 @@ profane = Base32::Crockford.decode('FART') not_profane = Base32::Crockford.decode('ABCD') - expect(SecureRandom).to receive(:random_number). - and_return(profane, not_profane) + expect(SecureRandom).to receive(:random_number) + .and_return(profane, not_profane) phrase = RandomPhrase.new(num_words: 1) diff --git a/spec/services/rate_limiter_spec.rb b/spec/services/rate_limiter_spec.rb index a4b8fc619bf..f3184ac60f3 100644 --- a/spec/services/rate_limiter_spec.rb +++ b/spec/services/rate_limiter_spec.rb @@ -6,8 +6,8 @@ let(:attempt_window) { 10 } before(:each) do allow(IdentityConfig.store).to receive(:doc_auth_max_attempts).and_return(max_attempts) - allow(IdentityConfig.store).to receive(:doc_auth_attempt_window_in_minutes). - and_return(attempt_window) + allow(IdentityConfig.store).to receive(:doc_auth_attempt_window_in_minutes) + .and_return(attempt_window) end describe '.new' do @@ -16,31 +16,31 @@ context 'target is not a string' do it 'raises an error' do - expect { RateLimiter.new(target: 3, rate_limit_type: rate_limit_type) }. - to raise_error(ArgumentError) + expect { RateLimiter.new(target: 3, rate_limit_type: rate_limit_type) } + .to raise_error(ArgumentError) end end end it 'throws an error when neither user nor target are provided' do - expect { RateLimiter.new(rate_limit_type: rate_limit_type) }. - to raise_error( + expect { RateLimiter.new(rate_limit_type: rate_limit_type) } + .to raise_error( ArgumentError, 'RateLimiter must have a user or a target, but neither were provided', ) end it 'throws an error when both user and target are provided' do - expect { RateLimiter.new(rate_limit_type: rate_limit_type) }. - to raise_error( + expect { RateLimiter.new(rate_limit_type: rate_limit_type) } + .to raise_error( ArgumentError, 'RateLimiter must have a user or a target, but neither were provided', ) end it 'throws an error for an invalid rate_limit_type' do - expect { RateLimiter.new(rate_limit_type: :abc_123, target: '1') }. - to raise_error( + expect { RateLimiter.new(rate_limit_type: :abc_123, target: '1') } + .to raise_error( ArgumentError, 'rate_limit_type is not valid', ) @@ -141,8 +141,8 @@ rate_limiter.increment! travel_to(rate_limiter.attempted_at + 3.days) do - expect(rate_limiter.expires_at).to be_within(1.second). - of(rate_limiter.attempted_at + attempt_window.minutes) + expect(rate_limiter.expires_at).to be_within(1.second) + .of(rate_limiter.attempted_at + attempt_window.minutes) end end @@ -166,8 +166,8 @@ it 'returns expiration time' do freeze_time do rate_limiter.increment! - expect(rate_limiter.expires_at).to be_within(1.second). - of(rate_limiter.attempted_at + attempt_window.minutes) + expect(rate_limiter.expires_at).to be_within(1.second) + .of(rate_limiter.attempted_at + attempt_window.minutes) end end end diff --git a/spec/services/recaptcha_annotator_spec.rb b/spec/services/recaptcha_annotator_spec.rb index 10c6a5a1e0b..d6c0d79e3fd 100644 --- a/spec/services/recaptcha_annotator_spec.rb +++ b/spec/services/recaptcha_annotator_spec.rb @@ -48,19 +48,19 @@ context 'with recaptcha enterprise' do before do allow(FeatureManagement).to receive(:recaptcha_enterprise?).and_return(true) - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id). - and_return(recaptcha_enterprise_project_id) - allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key). - and_return(recaptcha_enterprise_api_key) - stub_request(:post, annotation_url). - with do |req| + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_project_id) + .and_return(recaptcha_enterprise_project_id) + allow(IdentityConfig.store).to receive(:recaptcha_enterprise_api_key) + .and_return(recaptcha_enterprise_api_key) + stub_request(:post, annotation_url) + .with do |req| parsed_body = JSON.parse(req.body) next if reason && parsed_body['reasons'] != [reason.to_s] next if !reason && parsed_body.key?('reasons') next if annotation && parsed_body['annotation'] != annotation.to_s true - end. - to_return(headers: { 'Content-Type': 'application/json' }, body: '{}') + end + .to_return(headers: { 'Content-Type': 'application/json' }, body: '{}') end it 'submits annotation' do @@ -86,8 +86,8 @@ it 'submits only what is provided' do annotate - expect(WebMock).to have_requested(:post, annotation_url). - with(body: { reasons: [reason] }.to_json) + expect(WebMock).to have_requested(:post, annotation_url) + .with(body: { reasons: [reason] }.to_json) end it 'returns a hash describing annotation' do diff --git a/spec/services/redis_rate_limiter_spec.rb b/spec/services/redis_rate_limiter_spec.rb index dd3aa0d6a48..ce4394c722a 100644 --- a/spec/services/redis_rate_limiter_spec.rb +++ b/spec/services/redis_rate_limiter_spec.rb @@ -85,8 +85,8 @@ context 'when the key does not exist in redis' do it 'sets the value to 1 when' do expect { rate_limiter.increment(now) }.to( - change { REDIS_THROTTLE_POOL.with { |r| r.get(rate_limiter.build_key(now)) } }. - from(nil).to('1'), + change { REDIS_THROTTLE_POOL.with { |r| r.get(rate_limiter.build_key(now)) } } + .from(nil).to('1'), ) end end diff --git a/spec/services/reporting/agency_and_sp_report_spec.rb b/spec/services/reporting/agency_and_sp_report_spec.rb index 7ed81700074..f4eced11e50 100644 --- a/spec/services/reporting/agency_and_sp_report_spec.rb +++ b/spec/services/reporting/agency_and_sp_report_spec.rb @@ -164,8 +164,8 @@ end before do - allow_any_instance_of(Reporting::AgencyAndSpReport).to receive(:facial_match_issuers). - and_return([idv_facial_match_sp.issuer]) + allow_any_instance_of(Reporting::AgencyAndSpReport).to receive(:facial_match_issuers) + .and_return([idv_facial_match_sp.issuer]) end it 'counts the SP and its Agency as IDV' do @@ -175,8 +175,8 @@ context 'when a query times out' do before do - expect(ServiceProvider).to receive(:where). - and_raise(ActiveRecord::QueryCanceled, 'query took too long') + expect(ServiceProvider).to receive(:where) + .and_raise(ActiveRecord::QueryCanceled, 'query took too long') end it 'rescues the error and shows a warning' do diff --git a/spec/services/request_password_reset_spec.rb b/spec/services/request_password_reset_spec.rb index 8b079c9b6bd..7bec877a0d9 100644 --- a/spec/services/request_password_reset_spec.rb +++ b/spec/services/request_password_reset_spec.rb @@ -30,20 +30,20 @@ end before do - allow(UserMailer).to receive(:reset_password_instructions). - and_wrap_original do |impl, user, email, options| + allow(UserMailer).to receive(:reset_password_instructions) + .and_wrap_original do |impl, user, email, options| token = options.fetch(:token) expect(token).to be_present - expect(Devise.token_generator.digest(User, :reset_password_token, token)). - to eq(user.reset_password_token) + expect(Devise.token_generator.digest(User, :reset_password_token, token)) + .to eq(user.reset_password_token) impl.call(user, email, **options) end end it 'sets password reset token' do - expect { subject }. - to(change { user.reload.reset_password_token }) + expect { subject } + .to(change { user.reload.reset_password_token }) end it 'sends the correct email to the user' do @@ -57,8 +57,8 @@ end it 'sends a recovery activated push event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryActivatedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryActivatedEvent.new(user: user)) subject end @@ -71,17 +71,17 @@ before do user.suspend! - allow(UserMailer).to receive(:reset_password_instructions). - and_wrap_original do |impl, user, email, options| + allow(UserMailer).to receive(:reset_password_instructions) + .and_wrap_original do |impl, user, email, options| token = options.fetch(:token) expect(token).to be_present - expect(Devise.token_generator.digest(User, :reset_password_token, token)). - to eq(user.reset_password_token) + expect(Devise.token_generator.digest(User, :reset_password_token, token)) + .to eq(user.reset_password_token) impl.call(user, email, **options) end - allow(UserMailer).to receive(:suspended_reset_password). - and_wrap_original do |impl, user, email, options| + allow(UserMailer).to receive(:suspended_reset_password) + .and_wrap_original do |impl, user, email, options| token = options.fetch(:token) expect(token).not_to be_present @@ -90,8 +90,8 @@ end it 'does not set a password reset token' do - expect { subject }. - not_to(change { user.reload.reset_password_token }) + expect { subject } + .not_to(change { user.reload.reset_password_token }) end it 'sends an email to the suspended user' do @@ -105,8 +105,8 @@ end it 'does not send a recovery activated push event' do - expect(PushNotification::HttpPush).not_to receive(:deliver). - with(PushNotification::RecoveryActivatedEvent.new(user: user)) + expect(PushNotification::HttpPush).not_to receive(:deliver) + .with(PushNotification::RecoveryActivatedEvent.new(user: user)) subject end @@ -114,20 +114,20 @@ context 'when the user is found, not privileged, and not yet confirmed' do it 'sends password reset instructions' do - allow(UserMailer).to receive(:reset_password_instructions). - and_wrap_original do |impl, user, email, options| + allow(UserMailer).to receive(:reset_password_instructions) + .and_wrap_original do |impl, user, email, options| token = options.fetch(:token) expect(token).to be_present - expect(Devise.token_generator.digest(User, :reset_password_token, token)). - to eq(user.reset_password_token) + expect(Devise.token_generator.digest(User, :reset_password_token, token)) + .to eq(user.reset_password_token) impl.call(user, email, **options) end expect do RequestPasswordReset.new(email:).perform - end. - to(change { user.reload.reset_password_token }) + end + .to(change { user.reload.reset_password_token }) end end @@ -180,8 +180,8 @@ email: email, analytics: analytics, ).perform - end. - to(change { user.reload.reset_password_token }) + end + .to(change { user.reload.reset_password_token }) end # extra time, rate limited @@ -190,8 +190,8 @@ email: email, analytics: analytics, ).perform - end. - to_not(change { user.reload.reset_password_token }) + end + .to_not(change { user.reload.reset_password_token }) expect(analytics).to have_logged_event( 'Rate Limit Reached', @@ -202,9 +202,9 @@ it 'only sends a push notification when the attempts have not been rate limited' do max_attempts = IdentityConfig.store.reset_password_email_max_attempts - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryActivatedEvent.new(user: user)). - exactly(max_attempts - 1).times + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryActivatedEvent.new(user: user)) + .exactly(max_attempts - 1).times (max_attempts - 1).times do expect do @@ -212,8 +212,8 @@ email: email, analytics: analytics, ).perform - end. - to(change { user.reload.reset_password_token }) + end + .to(change { user.reload.reset_password_token }) end # extra time, rate limited @@ -222,8 +222,8 @@ email: email, analytics: analytics, ).perform - end. - to_not(change { user.reload.reset_password_token }) + end + .to_not(change { user.reload.reset_password_token }) end end end diff --git a/spec/services/reset_user_password_spec.rb b/spec/services/reset_user_password_spec.rb index f0017af9340..cd34047c356 100644 --- a/spec/services/reset_user_password_spec.rb +++ b/spec/services/reset_user_password_spec.rb @@ -15,22 +15,22 @@ end it 'creates a password_invalidated user event' do - expect { call }. - to(change { user.events.password_invalidated.size }.from(0).to(1)) + expect { call } + .to(change { user.events.password_invalidated.size }.from(0).to(1)) end it 'notifies the user via email to each of their confirmed email addresses' do create(:email_address, user:, email: Faker::Internet.email, confirmed_at: nil) - expect { call }. - to(change { ActionMailer::Base.deliveries.count }.by(2)) + expect { call } + .to(change { ActionMailer::Base.deliveries.count }.by(2)) mails = ActionMailer::Base.deliveries.last(2) expect(mails.map(&:to).flatten).to match_array(user.confirmed_email_addresses.map(&:email)) end it 'clears all remembered browsers by updating the remember_device_revoked_at timestamp' do - expect { call }. - to(change { user.reload.remember_device_revoked_at.to_i }.to(now.to_i)) + expect { call } + .to(change { user.reload.remember_device_revoked_at.to_i }.to(now.to_i)) end end end diff --git a/spec/services/revoke_service_provider_consent_spec.rb b/spec/services/revoke_service_provider_consent_spec.rb index c9e2042b6af..5a7b03872db 100644 --- a/spec/services/revoke_service_provider_consent_spec.rb +++ b/spec/services/revoke_service_provider_consent_spec.rb @@ -11,15 +11,15 @@ end it 'sets the deleted_at' do - expect { service.call }. - to change { identity.reload.deleted_at&.to_i }. - from(nil).to(now.to_i) + expect { service.call } + .to change { identity.reload.deleted_at&.to_i } + .from(nil).to(now.to_i) end it 'clears the verified attributes' do - expect { service.call }. - to change { identity.reload.verified_attributes }. - from(['email']).to(nil) + expect { service.call } + .to change { identity.reload.verified_attributes } + .from(['email']).to(nil) end end end diff --git a/spec/services/saml_request_validator_spec.rb b/spec/services/saml_request_validator_spec.rb index 5aac4b99285..5d16379edbd 100644 --- a/spec/services/saml_request_validator_spec.rb +++ b/spec/services/saml_request_validator_spec.rb @@ -311,8 +311,8 @@ context 'when the service provider is allowed to use facial match ials' do before do sp.update(ial: 2) - allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?). - and_return(true) + allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?) + .and_return(true) end it 'returns a successful response' do @@ -326,8 +326,8 @@ context 'when the service provider is not allowed to use facial match ials' do before do - allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?). - and_return(false) + allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?) + .and_return(false) end it 'fails with an unauthorized error' do diff --git a/spec/services/service_provider_request_proxy_spec.rb b/spec/services/service_provider_request_proxy_spec.rb index c6511a8062d..239e8478dc1 100644 --- a/spec/services/service_provider_request_proxy_spec.rb +++ b/spec/services/service_provider_request_proxy_spec.rb @@ -19,35 +19,35 @@ context 'when the record does not exist' do it 'returns an instance of NullServiceProviderRequest' do - expect(ServiceProviderRequestProxy.from_uuid('123')). - to be_an_instance_of NullServiceProviderRequest + expect(ServiceProviderRequestProxy.from_uuid('123')) + .to be_an_instance_of NullServiceProviderRequest end end context 'bad input' do it 'handles a null byte in the uuid' do - expect(ServiceProviderRequestProxy.from_uuid("\0")). - to be_an_instance_of NullServiceProviderRequest + expect(ServiceProviderRequestProxy.from_uuid("\0")) + .to be_an_instance_of NullServiceProviderRequest end it 'handles nil' do - expect(ServiceProviderRequestProxy.from_uuid(nil)). - to be_an_instance_of NullServiceProviderRequest + expect(ServiceProviderRequestProxy.from_uuid(nil)) + .to be_an_instance_of NullServiceProviderRequest end it 'handles empty string' do - expect(ServiceProviderRequestProxy.from_uuid('')). - to be_an_instance_of NullServiceProviderRequest + expect(ServiceProviderRequestProxy.from_uuid('')) + .to be_an_instance_of NullServiceProviderRequest end it 'handles hashes' do - expect(ServiceProviderRequestProxy.from_uuid({})). - to be_an_instance_of NullServiceProviderRequest + expect(ServiceProviderRequestProxy.from_uuid({})) + .to be_an_instance_of NullServiceProviderRequest end it 'handles arrays' do - expect(ServiceProviderRequestProxy.from_uuid([])). - to be_an_instance_of NullServiceProviderRequest + expect(ServiceProviderRequestProxy.from_uuid([])) + .to be_an_instance_of NullServiceProviderRequest end end end diff --git a/spec/services/service_provider_seeder_spec.rb b/spec/services/service_provider_seeder_spec.rb index 3151b056fd9..11972757385 100644 --- a/spec/services/service_provider_seeder_spec.rb +++ b/spec/services/service_provider_seeder_spec.rb @@ -67,10 +67,10 @@ it 'updates the attributes based on the current value of the yml file' do expect { run }.to( - change { ServiceProvider.find_by(issuer: 'http://test.host').acs_url }. - to('http://test.host/test/saml/decode_assertion').and( - change { ServiceProvider.find_by(issuer: 'http://test.host').certs }. - to([Rails.root.join('certs', 'sp', 'saml_test_sp.crt').read]), + change { ServiceProvider.find_by(issuer: 'http://test.host').acs_url } + .to('http://test.host/test/saml/decode_assertion').and( + change { ServiceProvider.find_by(issuer: 'http://test.host').certs } + .to([Rails.root.join('certs', 'sp', 'saml_test_sp.crt').read]), ), ) end diff --git a/spec/services/service_provider_updater_spec.rb b/spec/services/service_provider_updater_spec.rb index b398c92d381..480c72e7ce6 100644 --- a/spec/services/service_provider_updater_spec.rb +++ b/spec/services/service_provider_updater_spec.rb @@ -105,12 +105,12 @@ expect(sp.updated_at).to_not eq friendly_sp[:updated_at] expect(sp.created_at).to_not eq friendly_sp[:created_at] expect(sp.approved).to eq true - expect(sp.help_text['sign_in']).to eq friendly_sp[:help_text][:sign_in]. - stringify_keys - expect(sp.help_text['sign_up']).to eq friendly_sp[:help_text][:sign_up]. - stringify_keys - expect(sp.help_text['forgot_password']).to eq friendly_sp[:help_text][:forgot_password]. - stringify_keys + expect(sp.help_text['sign_in']).to eq friendly_sp[:help_text][:sign_in] + .stringify_keys + expect(sp.help_text['sign_up']).to eq friendly_sp[:help_text][:sign_up] + .stringify_keys + expect(sp.help_text['forgot_password']).to eq friendly_sp[:help_text][:forgot_password] + .stringify_keys end it 'updates existing dashboard-provided Service Providers' do @@ -128,12 +128,12 @@ expect(sp.updated_at).to_not eq friendly_sp[:updated_at] expect(sp.created_at).to_not eq friendly_sp[:created_at] expect(sp.approved).to eq true - expect(sp.help_text['sign_in']).to eq friendly_sp[:help_text][:sign_in]. - stringify_keys - expect(sp.help_text['sign_up']).to eq friendly_sp[:help_text][:sign_up]. - stringify_keys - expect(sp.help_text['forgot_password']).to eq friendly_sp[:help_text][:forgot_password]. - stringify_keys + expect(sp.help_text['sign_in']).to eq friendly_sp[:help_text][:sign_in] + .stringify_keys + expect(sp.help_text['sign_up']).to eq friendly_sp[:help_text][:sign_up] + .stringify_keys + expect(sp.help_text['forgot_password']).to eq friendly_sp[:help_text][:forgot_password] + .stringify_keys end it 'removes inactive Service Providers' do @@ -161,8 +161,8 @@ end it 'updates certs (plural)' do - expect { subject.run }. - to(change { ServiceProvider.find_by(issuer: oidc_issuer)&.ssl_certs&.size }.to(2)) + expect { subject.run } + .to(change { ServiceProvider.find_by(issuer: oidc_issuer)&.ssl_certs&.size }.to(2)) end end @@ -175,8 +175,8 @@ subject.run - expect(Rails.logger).to have_received(:error). - with("Failed to parse response from #{fake_dashboard_url}: ") + expect(Rails.logger).to have_received(:error) + .with("Failed to parse response from #{fake_dashboard_url}: ") expect(ServiceProvider.count).to eq before_count end end @@ -243,8 +243,8 @@ subject.run - expect(Rails.logger).to have_received(:error). - with("Failed to contact #{fake_dashboard_url}") + expect(Rails.logger).to have_received(:error) + .with("Failed to contact #{fake_dashboard_url}") expect(ServiceProvider.count).to eq before_count end end diff --git a/spec/services/sp_handoff_bouncer_spec.rb b/spec/services/sp_handoff_bouncer_spec.rb index 358cb3fcbda..9f590174b9d 100644 --- a/spec/services/sp_handoff_bouncer_spec.rb +++ b/spec/services/sp_handoff_bouncer_spec.rb @@ -7,8 +7,8 @@ describe '#add_handoff_time!' do it 'sets the handoff time in the session' do - expect { bouncer.add_handoff_time!(now) }. - to(change { sp_session[:sp_handoff_start_time] }.to(now)) + expect { bouncer.add_handoff_time!(now) } + .to(change { sp_session[:sp_handoff_start_time] }.to(now)) end end diff --git a/spec/services/string_redacter_spec.rb b/spec/services/string_redacter_spec.rb index 5c90b2ab1f8..489f297f74e 100644 --- a/spec/services/string_redacter_spec.rb +++ b/spec/services/string_redacter_spec.rb @@ -3,8 +3,8 @@ RSpec.describe 'StringRedacter' do describe '#redact_alphanumeric' do it 'leaves in punctuation and spaces, but removes letters and numbers' do - expect(StringRedacter.redact_alphanumeric('+11 (555) DEF-1234')). - to eq('+## (###) XXX-####') + expect(StringRedacter.redact_alphanumeric('+11 (555) DEF-1234')) + .to eq('+## (###) XXX-####') end end end diff --git a/spec/services/update_user_phone_configuration_spec.rb b/spec/services/update_user_phone_configuration_spec.rb index 5b1d7817cec..1ba36b660c3 100644 --- a/spec/services/update_user_phone_configuration_spec.rb +++ b/spec/services/update_user_phone_configuration_spec.rb @@ -42,8 +42,8 @@ end it 'sends a recovery information changed event' do - expect(PushNotification::HttpPush).to receive(:deliver). - with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) + expect(PushNotification::HttpPush).to receive(:deliver) + .with(PushNotification::RecoveryInformationChangedEvent.new(user: user)) confirmed_at = 1.day.ago.change(usec: 0) attributes = { otp_delivery_preference: 'voice', @@ -123,8 +123,8 @@ phone_configuration.update(made_default_at: original_made_default_at) UpdateUserPhoneConfiguration.new(user: user, attributes: attributes).call phone_configuration.reload - expect(phone_configuration.made_default_at). - to be_within(1.second).of original_made_default_at + expect(phone_configuration.made_default_at) + .to be_within(1.second).of original_made_default_at end end diff --git a/spec/services/user_alerts/alert_user_about_new_device_spec.rb b/spec/services/user_alerts/alert_user_about_new_device_spec.rb index 7c295e605f1..32ae02d62ef 100644 --- a/spec/services/user_alerts/alert_user_about_new_device_spec.rb +++ b/spec/services/user_alerts/alert_user_about_new_device_spec.rb @@ -10,9 +10,9 @@ subject(:result) { described_class.schedule_alert(event:) } it 'sets the user sign_in_new_device_at value to time of the given event' do - expect { result }.to change { user.reload.sign_in_new_device_at&.change(usec: 0) }. - from(nil). - to(event.created_at.change(usec: 0)) + expect { result }.to change { user.reload.sign_in_new_device_at&.change(usec: 0) } + .from(nil) + .to(event.created_at.change(usec: 0)) end end @@ -36,9 +36,9 @@ end it 'unsets sign_in_new_device_at on the user' do - expect { result }.to change { user.reload.sign_in_new_device_at&.change(usec: 0) }. - from(sign_in_new_device_at.change(usec: 0)). - to(nil) + expect { result }.to change { user.reload.sign_in_new_device_at&.change(usec: 0) } + .from(sign_in_new_device_at.change(usec: 0)) + .to(nil) end context 'with sign in notification expired disavowal event' do diff --git a/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb b/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb index ebd57cbdbd7..514bb1ce6f0 100644 --- a/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb +++ b/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb @@ -17,10 +17,10 @@ response = described_class.call(user, disavowal_token) - expect(Telephony).to have_received(:send_personal_key_sign_in_notice). - with(to: phone_configurations[0].phone, country_code: 'US') - expect(Telephony).to have_received(:send_personal_key_sign_in_notice). - with(to: phone_configurations[1].phone, country_code: 'US') + expect(Telephony).to have_received(:send_personal_key_sign_in_notice) + .with(to: phone_configurations[0].phone, country_code: 'US') + expect(Telephony).to have_received(:send_personal_key_sign_in_notice) + .with(to: phone_configurations[1].phone, country_code: 'US') expect(response.to_h[:emails]).to eq(2) expect(response.to_h[:sms_message_ids].size).to eq(2) diff --git a/spec/services/user_event_creator_spec.rb b/spec/services/user_event_creator_spec.rb index 30686caa949..5ddc4e8e062 100644 --- a/spec/services/user_event_creator_spec.rb +++ b/spec/services/user_event_creator_spec.rb @@ -87,9 +87,9 @@ end it 'saves the cookie permanently' do - expect { subject.create_user_event(event_type, user) }.to change { cookie_jar[:device] }. - from(nil). - to(lambda { |value| value == Device.last.cookie_uuid }) + expect { subject.create_user_event(event_type, user) }.to change { cookie_jar[:device] } + .from(nil) + .to(lambda { |value| value == Device.last.cookie_uuid }) end end end @@ -99,8 +99,8 @@ it 'creates a device with a disavowal' do event, disavowal_token = subject.create_user_event_with_disavowal(event_type, user) - expect(event.disavowal_token_fingerprint). - to eq(Pii::Fingerprinter.fingerprint(disavowal_token)) + expect(event.disavowal_token_fingerprint) + .to eq(Pii::Fingerprinter.fingerprint(disavowal_token)) end end diff --git a/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb b/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb index cb549770d51..a0aee910a79 100644 --- a/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb +++ b/spec/services/usps_in_person_proofing/enrollment_helper_spec.rb @@ -9,9 +9,9 @@ let(:current_address_matches_id) { false } let(:pii) do Pii::Attributes.new_from_hash( - Idp::Constants::MOCK_IDV_APPLICANT_SAME_ADDRESS_AS_ID_WITH_PHONE. - merge(same_address_as_id: current_address_matches_id ? 'true' : 'false'). - transform_keys(&:to_s), + Idp::Constants::MOCK_IDV_APPLICANT_SAME_ADDRESS_AS_ID_WITH_PHONE + .merge(same_address_as_id: current_address_matches_id ? 'true' : 'false') + .transform_keys(&:to_s), ) end subject(:subject) { described_class } @@ -30,16 +30,16 @@ stub_request_token stub_request_enroll allow(IdentityConfig.store).to receive(:usps_mock_fallback).and_return(usps_mock_fallback) - allow(IdentityConfig.store).to receive(:usps_ipp_enrollment_status_update_email_address). - and_return(usps_ipp_enrollment_status_update_email_address) + allow(IdentityConfig.store).to receive(:usps_ipp_enrollment_status_update_email_address) + .and_return(usps_ipp_enrollment_status_update_email_address) allow(subject).to receive(:transliterator).and_return(transliterator) - allow(transliterator).to receive(:transliterate). - with(anything) do |val| + allow(transliterator).to receive(:transliterate) + .with(anything) do |val| transliterated_without_change(val) end allow(subject).to receive(:analytics).and_return(subject_analytics) - allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled). - and_return(usps_ipp_transliteration_enabled) + allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled) + .and_return(usps_ipp_transliteration_enabled) allow(IdentityConfig.store).to receive(:usps_ipp_sponsor_id).and_return(usps_ipp_sponsor_id) end @@ -118,10 +118,10 @@ context 'same address as id is false' do let(:pii) do Pii::Attributes.new_from_hash( - Idp::Constants::MOCK_IDV_APPLICANT_WITH_PHONE. - merge(same_address_as_id: current_address_matches_id ? 'true' : 'false'). - merge(Idp::Constants::MOCK_IDV_APPLICANT_STATE_ID_ADDRESS). - transform_keys(&:to_s), + Idp::Constants::MOCK_IDV_APPLICANT_WITH_PHONE + .merge(same_address_as_id: current_address_matches_id ? 'true' : 'false') + .merge(Idp::Constants::MOCK_IDV_APPLICANT_STATE_ID_ADDRESS) + .transform_keys(&:to_s), ) end @@ -155,14 +155,14 @@ address = Idp::Constants::MOCK_IDV_APPLICANT[:address1] city = Idp::Constants::MOCK_IDV_APPLICANT[:city] - expect(transliterator).to receive(:transliterate). - with(first_name).and_return(transliterated_without_change(first_name)) - expect(transliterator).to receive(:transliterate). - with(last_name).and_return(transliterated(last_name)) - expect(transliterator).to receive(:transliterate). - with(address).and_return(transliterated_with_failure(address)) - expect(transliterator).to receive(:transliterate). - with(city).and_return(transliterated(city)) + expect(transliterator).to receive(:transliterate) + .with(first_name).and_return(transliterated_without_change(first_name)) + expect(transliterator).to receive(:transliterate) + .with(last_name).and_return(transliterated(last_name)) + expect(transliterator).to receive(:transliterate) + .with(address).and_return(transliterated_with_failure(address)) + expect(transliterator).to receive(:transliterate) + .with(city).and_return(transliterated(city)) expect(proofer).to receive(:request_enroll) do |applicant| expect(applicant.first_name).to eq(first_name) @@ -352,8 +352,8 @@ ) end before do - allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id). - and_return(usps_eipp_sponsor_id) + allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id) + .and_return(usps_eipp_sponsor_id) allow(UspsInPersonProofing::Mock::Proofer).to receive(:new).and_return(proofer) allow(proofer).to receive(:request_enroll).and_call_original end diff --git a/spec/services/usps_in_person_proofing/proofer_spec.rb b/spec/services/usps_in_person_proofing/proofer_spec.rb index eae18260f75..f4e4763d005 100644 --- a/spec/services/usps_in_person_proofing/proofer_spec.rb +++ b/spec/services/usps_in_person_proofing/proofer_spec.rb @@ -36,19 +36,19 @@ password = 'test password' client_id = 'test client id' - expect(IdentityConfig.store).to receive(:usps_ipp_root_url). - and_return(root_url) - expect(IdentityConfig.store).to receive(:usps_ipp_username). - and_return(username) - expect(IdentityConfig.store).to receive(:usps_ipp_password). - and_return(password) - expect(IdentityConfig.store).to receive(:usps_ipp_client_id). - and_return(client_id) + expect(IdentityConfig.store).to receive(:usps_ipp_root_url) + .and_return(root_url) + expect(IdentityConfig.store).to receive(:usps_ipp_username) + .and_return(username) + expect(IdentityConfig.store).to receive(:usps_ipp_password) + .and_return(password) + expect(IdentityConfig.store).to receive(:usps_ipp_client_id) + .and_return(client_id) subject.retrieve_token! - expect(WebMock).to have_requested(:post, "#{root_url}/oauth/authenticate"). - with( + expect(WebMock).to have_requested(:post, "#{root_url}/oauth/authenticate") + .with( body: hash_including( { 'username' => username, @@ -169,8 +169,8 @@ stub_request_facilities subject.request_facilities(location, is_enhanced_ipp) - expect(WebMock).to have_requested(:post, request_url). - with( + expect(WebMock).to have_requested(:post, request_url) + .with( body: hash_including( { sponsorID: usps_ipp_sponsor_id, @@ -212,15 +212,15 @@ let(:usps_eipp_sponsor_id) { '314159265359' } let(:is_enhanced_ipp) { true } before do - allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id). - and_return(usps_eipp_sponsor_id) + allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id) + .and_return(usps_eipp_sponsor_id) end it 'uses the usps_eipp_sponsor_id in calls to the USPS API' do stub_request_enhanced_ipp_facilities subject.request_facilities(location, is_enhanced_ipp) - expect(WebMock).to have_requested(:post, request_url). - with( + expect(WebMock).to have_requested(:post, request_url) + .with( body: hash_including( { sponsorID: usps_eipp_sponsor_id.to_i, @@ -289,8 +289,8 @@ before do stub_request_token - allow(IdentityConfig.store).to receive(:usps_ipp_sponsor_id). - and_return(usps_ipp_sponsor_id) + allow(IdentityConfig.store).to receive(:usps_ipp_sponsor_id) + .and_return(usps_ipp_sponsor_id) end it 'returns enrollment information' do @@ -305,8 +305,8 @@ stub_request_enroll_bad_request_response expect { subject.request_enroll(applicant, is_enhanced_ipp) }.to raise_error( - an_instance_of(Faraday::BadRequestError). - and(having_attributes( + an_instance_of(Faraday::BadRequestError) + .and(having_attributes( response: include( body: include( 'responseMessage' => 'Sponsor for sponsorID 5 not found', @@ -320,8 +320,8 @@ stub_request_enroll_internal_server_error_response expect { subject.request_enroll(applicant, is_enhanced_ipp) }.to raise_error( - an_instance_of(Faraday::ServerError). - and(having_attributes( + an_instance_of(Faraday::ServerError) + .and(having_attributes( response: include( body: include( 'responseMessage' => 'An internal error occurred processing the request', @@ -335,8 +335,8 @@ stub_request_enroll subject.request_enroll(applicant, is_enhanced_ipp) - expect(WebMock).to have_requested(:post, request_url). - with( + expect(WebMock).to have_requested(:post, request_url) + .with( body: hash_including( { sponsorID: usps_ipp_sponsor_id.to_i, @@ -378,15 +378,15 @@ let(:ipp_assurance_level) { '2.0' } let(:is_enhanced_ipp) { true } before do - allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id). - and_return(usps_eipp_sponsor_id) + allow(IdentityConfig.store).to receive(:usps_eipp_sponsor_id) + .and_return(usps_eipp_sponsor_id) end it 'uses the enhanced ipp usps_eipp_sponsor_id & IPPAssuranceLevel in calls to USPS API' do stub_request_enroll subject.request_enroll(applicant, is_enhanced_ipp) - expect(WebMock).to have_requested(:post, request_url). - with( + expect(WebMock).to have_requested(:post, request_url) + .with( body: hash_including( { sponsorID: usps_eipp_sponsor_id.to_i, @@ -457,8 +457,8 @@ expect do subject.request_proofing_results(applicant) end.to raise_error( - an_instance_of(Faraday::BadRequestError). - and(having_attributes( + an_instance_of(Faraday::BadRequestError) + .and(having_attributes( response: include( body: include( 'responseMessage' => 'Customer has not been to a post office to complete IPP', diff --git a/spec/services/usps_in_person_proofing/transliterable_validator_spec.rb b/spec/services/usps_in_person_proofing/transliterable_validator_spec.rb index cb016ac3027..51ac5f95f3a 100644 --- a/spec/services/usps_in_person_proofing/transliterable_validator_spec.rb +++ b/spec/services/usps_in_person_proofing/transliterable_validator_spec.rb @@ -29,8 +29,8 @@ end before do - allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled). - and_return(usps_ipp_transliteration_enabled) + allow(IdentityConfig.store).to receive(:usps_ipp_transliteration_enabled) + .and_return(usps_ipp_transliteration_enabled) end subject(:validator) { described_class.new(options) } @@ -111,8 +111,8 @@ before do allow(validator).to receive(:analytics).and_return(analytics) - allow(validator.transliterator).to receive(:transliterate).with('def'). - and_return( + allow(validator.transliterator).to receive(:transliterate).with('def') + .and_return( UspsInPersonProofing::Transliterator::TransliterationResult.new( changed?: true, original: 'def', @@ -156,8 +156,8 @@ let(:transliterated_value_returned) { '1234' } let(:invalid_field) { 'def' } before do - allow(validator.transliterator).to receive(:transliterate).with('def'). - and_return( + allow(validator.transliterator).to receive(:transliterate).with('def') + .and_return( UspsInPersonProofing::Transliterator::TransliterationResult.new( changed?: true, original: 'def', diff --git a/spec/services/usps_in_person_proofing/transliterator_spec.rb b/spec/services/usps_in_person_proofing/transliterator_spec.rb index 85aaa971ffa..dd114eccad8 100644 --- a/spec/services/usps_in_person_proofing/transliterator_spec.rb +++ b/spec/services/usps_in_person_proofing/transliterator_spec.rb @@ -27,9 +27,9 @@ expect(result.unsupported_chars).to include('И', 'Љ') end it 'transliterates using English locale' do - expect(I18n).to receive(:transliterate). - with(duck_type(:to_s), locale: :en). - and_call_original.at_least(:once) + expect(I18n).to receive(:transliterate) + .with(duck_type(:to_s), locale: :en) + .and_call_original.at_least(:once) result end it 'does not count question marks as unsupported characters by default' do diff --git a/spec/services/vot/parser_spec.rb b/spec/services/vot/parser_spec.rb index 6065776e08b..4ec977cb0ff 100644 --- a/spec/services/vot/parser_spec.rb +++ b/spec/services/vot/parser_spec.rb @@ -4,8 +4,11 @@ describe '#parse' do context 'when neither a VtR nor ACR values are provided' do it 'raises an error' do - expect { Vot::Parser.new(vector_of_trust: nil, acr_values: nil).parse }. - to raise_error(Vot::Parser::ParseException, 'VoT parser called without VoT or ACR values') + expect { Vot::Parser.new(vector_of_trust: nil, acr_values: nil).parse } + .to raise_error( + Vot::Parser::ParseException, + 'VoT parser called without VoT or ACR values', + ) end end diff --git a/spec/simplecov_helper.rb b/spec/simplecov_helper.rb index 3a327d3a971..fac68152203 100644 --- a/spec/simplecov_helper.rb +++ b/spec/simplecov_helper.rb @@ -20,9 +20,9 @@ def self.configure # by using the job name. Folders end up being coverage/specs-1-5, coverage/specs-2-5, etc. # This is not necessarily folder name friendly, so non-alphabetic/numeric characters are # removed. - job_name = ENV['CI_JOB_NAME'].downcase. - gsub(/[^a-z0-9]/, '-')[0..62]. - gsub(/(\A-+|-+\z)/, '') + job_name = ENV['CI_JOB_NAME'].downcase + .gsub(/[^a-z0-9]/, '-')[0..62] + .gsub(/(\A-+|-+\z)/, '') command_name job_name coverage_dir "coverage/#{job_name}" end diff --git a/spec/support/aamva_fixtures.rb b/spec/support/aamva_fixtures.rb index 745382a673c..21600dae4bb 100644 --- a/spec/support/aamva_fixtures.rb +++ b/spec/support/aamva_fixtures.rb @@ -48,10 +48,10 @@ def self.aamva_test_data end def self.authentication_token_request - read_fixture_file('proofing/aamva/requests/authentication_token_request.xml'). - gsub(/^\s+/, ''). - gsub(/\s+$/, ''). - delete("\n") + "\n" + read_fixture_file('proofing/aamva/requests/authentication_token_request.xml') + .gsub(/^\s+/, '') + .gsub(/\s+$/, '') + .delete("\n") + "\n" end def self.authentication_token_response @@ -59,10 +59,10 @@ def self.authentication_token_response end def self.security_token_request - read_fixture_file('proofing/aamva/requests/security_token_request.xml'). - gsub(/^\s+/, ''). - gsub(/\s+$/, ''). - delete("\n") + "\n" + read_fixture_file('proofing/aamva/requests/security_token_request.xml') + .gsub(/^\s+/, '') + .gsub(/\s+$/, '') + .delete("\n") + "\n" end def self.security_token_response diff --git a/spec/support/controller_helper.rb b/spec/support/controller_helper.rb index 7e8b1f15d10..d03875df7cf 100644 --- a/spec/support/controller_helper.rb +++ b/spec/support/controller_helper.rb @@ -55,8 +55,8 @@ def stub_verify_steps_one_and_two( def stub_user_with_pending_profile(user) allow(user).to receive(:pending_profile).and_return(pending_profile) - allow(user).to receive(:gpo_verification_pending_profile?). - and_return(has_pending_profile) + allow(user).to receive(:gpo_verification_pending_profile?) + .and_return(has_pending_profile) user end diff --git a/spec/support/deprecated_classes.rb b/spec/support/deprecated_classes.rb index 16e595e48e1..8cc98e12a85 100644 --- a/spec/support/deprecated_classes.rb +++ b/spec/support/deprecated_classes.rb @@ -1,10 +1,10 @@ class ActionView::Helpers::TagHelper::TagBuilder def self.deprecated_classes @deprecated_classes ||= begin - YAML.safe_load(File.read(File.expand_path('../../../.erb_lint.yml', __FILE__))). - dig('linters', 'DeprecatedClasses', 'rule_set'). - flat_map { |rule| rule['deprecated'] }. - map { |regex_str| Regexp.new "^#{regex_str}$" } + YAML.safe_load(File.read(File.expand_path('../../../.erb_lint.yml', __FILE__))) + .dig('linters', 'DeprecatedClasses', 'rule_set') + .flat_map { |rule| rule['deprecated'] } + .map { |regex_str| Regexp.new "^#{regex_str}$" } end end diff --git a/spec/support/diff_helper.rb b/spec/support/diff_helper.rb index be56abc0a99..162cdc2344d 100644 --- a/spec/support/diff_helper.rb +++ b/spec/support/diff_helper.rb @@ -6,9 +6,9 @@ def assert_error_messages_equal(err, expected) end def normalize_error_message(message) - message. - gsub(/\x1b\[[0-9;]*m/, ''). # Strip ANSI control characters used for color - gsub(/:0x[0-9a-f]{16}/, ':'). - strip + message + .gsub(/\x1b\[[0-9;]*m/, '') # Strip ANSI control characters used for color + .gsub(/:0x[0-9a-f]{16}/, ':') + .strip end end diff --git a/spec/support/fake_analytics.rb b/spec/support/fake_analytics.rb index 6f43aaa06e7..450bbbbbbb2 100644 --- a/spec/support/fake_analytics.rb +++ b/spec/support/fake_analytics.rb @@ -77,20 +77,20 @@ module UndocumentedParamsChecker mattr_accessor :docstrings def track_event(event, original_attributes = {}) - method_name = caller. - grep(/analytics_events\.rb/)&. - first&. - match(/:in `(?[^']+)'/)&. - [](:method_name)&. - to_sym + method_name = caller + .grep(/analytics_events\.rb/) + &.first + &.match(/:in `(?[^']+)'/) + &.[](:method_name) + &.to_sym if method_name analytics_method = AnalyticsEvents.instance_method(method_name) - param_names = analytics_method. - parameters. - select { |type, _name| [:keyreq, :key].include?(type) }. - map(&:last) + param_names = analytics_method + .parameters + .select { |type, _name| [:keyreq, :key].include?(type) } + .map(&:last) extra_keywords = original_attributes.keys \ - [:pii_like_keypaths, :user_id] \ @@ -127,9 +127,9 @@ def option_param_names(instance_method) file = instance_method.source_location.first ast = self.asts[file] ||= begin - YARD::Parser::Ruby::RubyParser.new(File.read(file), file). - parse. - ast + YARD::Parser::Ruby::RubyParser.new(File.read(file), file) + .parse + .ast end docstring = self.docstrings[instance_method.name] ||= begin @@ -140,8 +140,8 @@ def option_param_names(instance_method) YARD::DocstringParser.new.parse(node.docstring).to_docstring end - docstring.tags.select { |tag| tag.tag_name == 'option' }. - map { |tag| tag.pair.name.tr(%('"), '') } + docstring.tags.select { |tag| tag.tag_name == 'option' } + .map { |tag| tag.pair.name.tr(%('"), '') } end end diff --git a/spec/support/fake_analytics_spec.rb b/spec/support/fake_analytics_spec.rb index e1b9291ea28..30717e1529e 100644 --- a/spec/support/fake_analytics_spec.rb +++ b/spec/support/fake_analytics_spec.rb @@ -9,8 +9,8 @@ let(:code_under_test) { -> { expect(analytics).to have_logged_event } } it 'raises if event was not logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event nil @@ -22,16 +22,16 @@ it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end end @@ -40,8 +40,8 @@ let(:code_under_test) { -> { expect(analytics).to have_logged_event(:my_event) } } it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event @@ -54,8 +54,8 @@ it 'raises if another type of event has been logged' do analytics.track_event(:my_other_event) - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event @@ -67,24 +67,24 @@ it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end describe '.once' do let(:code_under_test) { -> { expect(analytics).to have_logged_event(:my_event).once } } it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event once but it was received 0 times @@ -96,16 +96,16 @@ it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'raises if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event once but it was received twice @@ -129,8 +129,8 @@ let(:code_under_test) { -> { expect(analytics).to have_logged_event(:my_event, arg1: 42) } } it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event with {:arg1=>42} @@ -144,8 +144,8 @@ it 'raises if another type of event has been logged' do track_other_event.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event with {:arg1=>42} @@ -159,8 +159,8 @@ it 'raises if only a non-matching event of the same type has been logged' do track_event_with_different_args.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event expected: {:arg1=>42} @@ -177,8 +177,8 @@ it 'raises if an event that matches but has additional args has been logged' do track_event_with_extra_args.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event expected: {:arg1=>42} @@ -196,28 +196,28 @@ track_event.call track_event_with_different_args.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end describe '.once' do @@ -228,8 +228,8 @@ end it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event once but it was received 0 times with {:arg1=>42} @@ -242,16 +242,16 @@ it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'raises if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received event :my_event once but it was received twice with {:arg1=>42} @@ -280,8 +280,8 @@ end it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event with include(arg1: 42) @@ -295,8 +295,8 @@ it 'raises if another type of event has been logged' do track_other_event.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event with include(arg1: 42) @@ -310,8 +310,8 @@ it 'raises if only a non-matching event of the same type has been logged' do track_event_with_different_args.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event expected: include(arg1: 42) @@ -329,28 +329,28 @@ track_event.call track_event_with_different_args.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end describe '.once' do @@ -361,8 +361,8 @@ end it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event once but it was received 0 times with include(arg1: 42) @@ -375,16 +375,16 @@ it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'raises if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event once but it was received twice with include(arg1: 42) @@ -413,8 +413,8 @@ end it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event with hash_including(arg1: 42) @@ -428,8 +428,8 @@ it 'raises if another type of event has been logged' do track_other_event.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event with hash_including(arg1: 42) @@ -443,8 +443,8 @@ it 'raises if only a non-matching event of the same type has been logged' do track_event_with_different_args.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event expected: hash_including(arg1: 42) @@ -462,28 +462,28 @@ track_event.call track_event_with_different_args.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'does not raise if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end describe '.once' do @@ -494,8 +494,8 @@ end it 'raises if no event has been logged' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event once but it was received 0 times with hash_including(arg1: 42) @@ -508,16 +508,16 @@ it 'does not raise if event was logged 1x' do track_event.call - expect(&code_under_test). - not_to raise_error(RSpec::Expectations::ExpectationNotMetError) + expect(&code_under_test) + .not_to raise_error(RSpec::Expectations::ExpectationNotMetError) end it 'raises if event was logged 2x' do track_event.call track_event.call - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Expected that FakeAnalytics would have received matching event :my_event once but it was received twice with hash_including(arg1: 42) @@ -535,8 +535,8 @@ subject(:analytics) { nil } it 'raises with message explaining that analytics needs to be stubbed' do - expect(&code_under_test). - to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| + expect(&code_under_test) + .to raise_error(RSpec::Expectations::ExpectationNotMetError) do |err| assert_error_messages_equal(err, <<~MESSAGE) Matching expected logged events requires analytics to be stubbed. @@ -551,20 +551,20 @@ it 'throws an error when pii is passed in' do expect { analytics.track_event('Trackable Event') }.to_not raise_error - expect { analytics.track_event('Trackable Event', first_name: 'Bobby') }. - to raise_error(FakeAnalytics::PiiDetected) + expect { analytics.track_event('Trackable Event', first_name: 'Bobby') } + .to raise_error(FakeAnalytics::PiiDetected) expect do analytics.track_event('Trackable Event', nested: [{ value: { first_name: 'Bobby' } }]) end.to raise_error(FakeAnalytics::PiiDetected) - expect { analytics.track_event('Trackable Event', decrypted_pii: '{"first_name":"Bobby"}') }. - to raise_error(FakeAnalytics::PiiDetected) + expect { analytics.track_event('Trackable Event', decrypted_pii: '{"first_name":"Bobby"}') } + .to raise_error(FakeAnalytics::PiiDetected) end it 'throws an error when it detects sample PII in the payload' do - expect { analytics.track_event('Trackable Event', some_benign_key: 'FAKEY MCFAKERSON') }. - to raise_error(FakeAnalytics::PiiDetected) + expect { analytics.track_event('Trackable Event', some_benign_key: 'FAKEY MCFAKERSON') } + .to raise_error(FakeAnalytics::PiiDetected) end end diff --git a/spec/support/features/document_capture_step_helper.rb b/spec/support/features/document_capture_step_helper.rb index 72c40807522..d92eb073a1a 100644 --- a/spec/support/features/document_capture_step_helper.rb +++ b/spec/support/features/document_capture_step_helper.rb @@ -117,9 +117,9 @@ def stub_docv_verification_data(docv_transaction_token:, body:) docvTransactionToken: docv_transaction_token, } - stub_request(:post, "#{IdentityConfig.store.socure_idplus_base_url}/api/3.0/EmailAuthScore"). - with(body: request_body.to_json). - to_return( + stub_request(:post, "#{IdentityConfig.store.socure_idplus_base_url}/api/3.0/EmailAuthScore") + .with(body: request_body.to_json) + .to_return( headers: { 'Content-Type' => 'application/json', }, @@ -143,8 +143,8 @@ def stub_docv_document_request( }, } - stub_request(:post, IdentityConfig.store.socure_docv_document_request_endpoint). - to_return( + stub_request(:post, IdentityConfig.store.socure_docv_document_request_endpoint) + .to_return( status:, body: body.to_json, ) diff --git a/spec/support/features/session_helper.rb b/spec/support/features/session_helper.rb index 9c9ba9f72d5..897f117a3f0 100644 --- a/spec/support/features/session_helper.rb +++ b/spec/support/features/session_helper.rb @@ -79,8 +79,8 @@ def signin_with_bad_piv end def fill_in_piv_cac_credentials_and_submit(user, - uuid = user. - piv_cac_configurations&.first&.x509_dn_uuid) + uuid = user + .piv_cac_configurations&.first&.x509_dn_uuid) allow(FeatureManagement).to receive(:development_and_identity_pki_disabled?).and_return(false) stub_piv_cac_service(uuid:) @@ -544,8 +544,8 @@ def sign_in_via_branded_page(user) def stub_piv_cac_service(error: nil, uuid: Random.uuid) allow(IdentityConfig.store).to receive(:identity_pki_disabled).and_return(false) - allow(IdentityConfig.store).to receive(:piv_cac_service_url). - and_return('http://piv.example.com/') + allow(IdentityConfig.store).to receive(:piv_cac_service_url) + .and_return('http://piv.example.com/') allow(IdentityConfig.store).to receive(:piv_cac_verify_token_url).and_return('http://piv.example.com/') stub_request(:post, 'piv.example.com').to_return do |request| { @@ -554,9 +554,9 @@ def stub_piv_cac_service(error: nil, uuid: Random.uuid) } end - stub_request(:post, 'piv.example.com'). - with(query: hash_including('nonce', 'redirect_uri')). - to_return do |request| + stub_request(:post, 'piv.example.com') + .with(query: hash_including('nonce', 'redirect_uri')) + .to_return do |request| query = UriService.params(request.uri) { status: 302, diff --git a/spec/support/idv_examples/sp_handoff.rb b/spec/support/idv_examples/sp_handoff.rb index 282910ce4bd..868f999ad5a 100644 --- a/spec/support/idv_examples/sp_handoff.rb +++ b/spec/support/idv_examples/sp_handoff.rb @@ -130,8 +130,8 @@ def expect_csp_headers_to_be_present # Selenium driver does not support response header inspection, but we should be able to expect # that the browser itself would respect CSP and refuse invalid form targets. return if javascript_enabled? - expect(page.response_headers['Content-Security-Policy']). - to(include('form-action \'self\' http://localhost:7654')) + expect(page.response_headers['Content-Security-Policy']) + .to(include('form-action \'self\' http://localhost:7654')) end def expect_successful_oidc_handoff diff --git a/spec/support/key_rotation_helper.rb b/spec/support/key_rotation_helper.rb index cad9145f53a..4481c65b985 100644 --- a/spec/support/key_rotation_helper.rb +++ b/spec/support/key_rotation_helper.rb @@ -15,8 +15,8 @@ def rotate_attribute_encryption_key(new_key = '4' * 32) current_queue = IdentityConfig.store.attribute_encryption_key_queue current_queue = [{ 'key' => old_key }] + current_queue - allow(IdentityConfig.store).to receive(:attribute_encryption_key_queue). - and_return(current_queue) + allow(IdentityConfig.store).to receive(:attribute_encryption_key_queue) + .and_return(current_queue) end def rotate_all_keys diff --git a/spec/support/matchers/accessibility.rb b/spec/support/matchers/accessibility.rb index 5221025ff52..6442e593eb4 100644 --- a/spec/support/matchers/accessibility.rb +++ b/spec/support/matchers/accessibility.rb @@ -91,8 +91,8 @@ def page_html page.driver.browser.set_cookie "_identity_idp_session=#{session_value}" if session_value page.driver.get(original_path_with_params) allow(IdentityConfig.store).to receive(:domain_name).and_return(domain_name) - allow(Rails.application.routes).to receive(:default_url_options). - and_return(default_url_options) + allow(Rails.application.routes).to receive(:default_url_options) + .and_return(default_url_options) page.html end else @@ -118,9 +118,9 @@ def page_markup_syntax_errors RSpec::Matchers.define :have_description do |description| def descriptors(element) - element['aria-describedby']&. - split(' ')&. - map { |descriptor_id| page.find("##{descriptor_id}")&.text } + element['aria-describedby'] + &.split(' ') + &.map { |descriptor_id| page.find("##{descriptor_id}")&.text } end match do |element| @@ -213,9 +213,9 @@ def decorative_svgs(page) end failure_message do |page| - img_tags = decorative_svgs(page).select { |img| img[:'aria-hidden'].nil? }. - map { |img| %(#{img[:alt]}) }. - join("\n") + img_tags = decorative_svgs(page).select { |img| img[:'aria-hidden'].nil? } + .map { |img| %(#{img[:alt]}) } + .join("\n") <<~STR Expect all decorative SVGs to have aria-hidden, but found ones without: @@ -269,10 +269,10 @@ def aria_labelledby_name(element) # "if computing a name, and the current node has an aria-labelledby attribute that contains at # least one valid IDREF, and the current node is not already part of an aria-labelledby # traversal, process its IDREFs in the order they occur" - valid_labels = element['aria-labelledby']&. - split(' ')&. - map { |label_id| page.find("##{label_id}")&.text }&. - compact + valid_labels = element['aria-labelledby'] + &.split(' ') + &.map { |label_id| page.find("##{label_id}")&.text } + &.compact valid_labels.join('') if valid_labels.present? end diff --git a/spec/support/saml_response_doc.rb b/spec/support/saml_response_doc.rb index a45ebe25e21..802212a0b90 100644 --- a/spec/support/saml_response_doc.rb +++ b/spec/support/saml_response_doc.rb @@ -210,13 +210,13 @@ def organization_nodeset end def organization_name - organization_nodeset[0]. - xpath('./ds:OrganizationName', ds: Saml::XML::Namespaces::METADATA)[0].content + organization_nodeset[0] + .xpath('./ds:OrganizationName', ds: Saml::XML::Namespaces::METADATA)[0].content end def organization_display_name - organization_nodeset[0]. - xpath( + organization_nodeset[0] + .xpath( './ds:OrganizationDisplayName', ds: Saml::XML::Namespaces::METADATA, ).first.content @@ -230,13 +230,13 @@ def attribute_authority_organization_nodeset end def attribute_authority_organization_name - attribute_authority_organization_nodeset[0]. - xpath('./ds:OrganizationName', ds: Saml::XML::Namespaces::METADATA)[0].content + attribute_authority_organization_nodeset[0] + .xpath('./ds:OrganizationName', ds: Saml::XML::Namespaces::METADATA)[0].content end def attribute_authority_organization_display_name - attribute_authority_organization_nodeset[0]. - xpath( + attribute_authority_organization_nodeset[0] + .xpath( './ds:OrganizationDisplayName', ds: Saml::XML::Namespaces::METADATA, ).first.content diff --git a/spec/support/shared_examples/lexis_nexis.rb b/spec/support/shared_examples/lexis_nexis.rb index ae54d21dca9..01523549962 100644 --- a/spec/support/shared_examples/lexis_nexis.rb +++ b/spec/support/shared_examples/lexis_nexis.rb @@ -15,9 +15,9 @@ allow(response).to receive(:product_list).and_return([]) allow(verification_request).to receive(:send_request).and_return(response) - allow(verification_request.class).to receive(:new). - with(applicant: applicant, config: kind_of(Proofing::LexisNexis::Config)). - and_return(verification_request) + allow(verification_request.class).to receive(:new) + .with(applicant: applicant, config: kind_of(Proofing::LexisNexis::Config)) + .and_return(verification_request) end describe '#proof' do @@ -66,19 +66,19 @@ credentials = Base64.strict_encode64('test_username:test_password') expected_value = "Basic #{credentials}" - stub_request(:post, subject.url). - to_return(status: 200, body: response_body) + stub_request(:post, subject.url) + .to_return(status: 200, body: response_body) subject.send_request - expect(a_request(:post, subject.url).with(headers: { 'Authorization' => expected_value })). - to have_been_requested + expect(a_request(:post, subject.url).with(headers: { 'Authorization' => expected_value })) + .to have_been_requested end end it 'returns a response object initialized with the http response' do - stub_request(:post, subject.url). - to_return(status: 200, body: response_body) + stub_request(:post, subject.url) + .to_return(status: 200, body: response_body) ln_response = subject.send_request expect(ln_response).to be_a(Proofing::LexisNexis::Response) diff --git a/spec/support/shared_examples/phone/rate_limiting.rb b/spec/support/shared_examples/phone/rate_limiting.rb index 455ce898365..fdc50481233 100644 --- a/spec/support/shared_examples/phone/rate_limiting.rb +++ b/spec/support/shared_examples/phone/rate_limiting.rb @@ -4,12 +4,12 @@ let(:min_attempts) { 2 } before do - allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts). - and_return(max_confirmation_attempts) - allow(IdentityConfig.store).to receive(:otp_delivery_blocklist_maxretry). - and_return(max_otp_sends) - allow(IdentityConfig.store).to receive(:otp_min_attempts_remaining_warning_count). - and_return(min_attempts) + allow(IdentityConfig.store).to receive(:login_otp_confirmation_max_attempts) + .and_return(max_confirmation_attempts) + allow(IdentityConfig.store).to receive(:otp_delivery_blocklist_maxretry) + .and_return(max_otp_sends) + allow(IdentityConfig.store).to receive(:otp_min_attempts_remaining_warning_count) + .and_return(min_attempts) end it 'limits the number of times the user can resend an OTP' do diff --git a/spec/support/shared_examples/remember_device.rb b/spec/support/shared_examples/remember_device.rb index 8cadc69f64f..3bf6c9dcf25 100644 --- a/spec/support/shared_examples/remember_device.rb +++ b/spec/support/shared_examples/remember_device.rb @@ -10,8 +10,8 @@ it 'requires 2FA on sign in after expiration' do user = remember_device_and_sign_out_user - days_to_travel = (IdentityConfig.store.remember_device_expiration_hours_aal_1 + 1). - hours.from_now + days_to_travel = (IdentityConfig.store.remember_device_expiration_hours_aal_1 + 1) + .hours.from_now travel_to(days_to_travel) sign_in_user(user) diff --git a/spec/support/shared_examples/sign_in.rb b/spec/support/shared_examples/sign_in.rb index 8136ec3cbc2..b84aa6054e9 100644 --- a/spec/support/shared_examples/sign_in.rb +++ b/spec/support/shared_examples/sign_in.rb @@ -99,8 +99,8 @@ fill_in_credentials_and_submit(user.email, user.password) click_link t('two_factor_authentication.login_options_link_text') - expect(page). - to_not have_selector("label[for='two_factor_options_form_selection_ personal_key']") + expect(page) + .to_not have_selector("label[for='two_factor_options_form_selection_ personal_key']") end end @@ -196,8 +196,8 @@ fill_in_credentials_and_submit('test@test.com', 'foo') link_url = new_user_password_url(locale: 'es', request_id: sp_request_id) - expect(page). - to have_link t('devise.failure.not_found_in_database_link_text', href: link_url) + expect(page) + .to have_link t('devise.failure.not_found_in_database_link_text', href: link_url) end end @@ -211,8 +211,8 @@ fill_in_credentials_and_submit(user.email, 'password') link_url = new_user_password_url(locale: 'es', request_id: sp_request_id) - expect(page). - to have_link t('devise.failure.invalid_link_text', href: link_url) + expect(page) + .to have_link t('devise.failure.invalid_link_text', href: link_url) end end end @@ -222,10 +222,10 @@ let(:window_end) { 1.day.ago } before do - allow(IdentityConfig.store).to receive(:broken_personal_key_window_start). - and_return(window_start) - allow(IdentityConfig.store).to receive(:broken_personal_key_window_finish). - and_return(window_end) + allow(IdentityConfig.store).to receive(:broken_personal_key_window_start) + .and_return(window_start) + allow(IdentityConfig.store).to receive(:broken_personal_key_window_finish) + .and_return(window_end) end def user_with_broken_personal_key(scenario) @@ -322,8 +322,8 @@ def user_with_broken_personal_key(scenario) asserted_expected_user = false fake_analytics = FakeAnalytics.new - allow_any_instance_of(ApplicationController).to receive(:analytics). - and_wrap_original do |original| + allow_any_instance_of(ApplicationController).to receive(:analytics) + .and_wrap_original do |original| if original.receiver.instance_of?(Users::SessionsController) && original.receiver.action_name == 'create' expect(original.call.user).to eq(user) diff --git a/spec/support/shared_examples/webauthn_setup.rb b/spec/support/shared_examples/webauthn_setup.rb index db9f254e10a..229153b4564 100644 --- a/spec/support/shared_examples/webauthn_setup.rb +++ b/spec/support/shared_examples/webauthn_setup.rb @@ -44,9 +44,9 @@ let(:fake_analytics) { FakeAnalytics.new } before do - allow(IdentityConfig.store). - to receive(:show_unsupported_passkey_platform_authentication_setup). - and_return(true) + allow(IdentityConfig.store) + .to receive(:show_unsupported_passkey_platform_authentication_setup) + .and_return(true) allow(WebauthnVerificationForm).to receive(:domain_name).and_return('localhost:3000') allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics) mock_webauthn_setup_challenge diff --git a/spec/support/shared_examples_for_email_validation.rb b/spec/support/shared_examples_for_email_validation.rb index 88ae7c8583c..c324f4dca54 100644 --- a/spec/support/shared_examples_for_email_validation.rb +++ b/spec/support/shared_examples_for_email_validation.rb @@ -1,9 +1,9 @@ RSpec.shared_examples 'email validation' do it 'uses the valid_email gem with mx and ban_disposable options' do - email_validator = subject._validators.values.flatten. - find { |v| v.instance_of?(EmailValidator) } + email_validator = subject._validators.values.flatten + .find { |v| v.instance_of?(EmailValidator) } - expect(email_validator.options). - to eq(mx_with_fallback: true, ban_disposable_email: true, partial: true) + expect(email_validator.options) + .to eq(mx_with_fallback: true, ban_disposable_email: true, partial: true) end end diff --git a/spec/support/shared_examples_for_otp_delivery_preference_validation.rb b/spec/support/shared_examples_for_otp_delivery_preference_validation.rb index 17e8434aaab..a459e23203f 100644 --- a/spec/support/shared_examples_for_otp_delivery_preference_validation.rb +++ b/spec/support/shared_examples_for_otp_delivery_preference_validation.rb @@ -10,8 +10,8 @@ context 'voice' do it 'is valid when supported for the phone' do - expect(UpdateUserPhoneConfiguration).to receive(:update!). - with(user: user, attributes: { otp_delivery_preference: 'voice' }) + expect(UpdateUserPhoneConfiguration).to receive(:update!) + .with(user: user, attributes: { otp_delivery_preference: 'voice' }) capabilities = spy(PhoneNumberCapabilities) allow(PhoneNumberCapabilities).to receive(:new).with(phone).and_return(capabilities) diff --git a/spec/support/shared_examples_for_password_validation.rb b/spec/support/shared_examples_for_password_validation.rb index a4872571118..674c22c34f1 100644 --- a/spec/support/shared_examples_for_password_validation.rb +++ b/spec/support/shared_examples_for_password_validation.rb @@ -4,8 +4,8 @@ end it do - is_expected.to validate_length_of(:password). - is_at_least(Devise.password_length.first).is_at_most(Devise.password_length.last) + is_expected.to validate_length_of(:password) + .is_at_least(Devise.password_length.first).is_at_most(Devise.password_length.last) end it do diff --git a/spec/support/sp_auth_helper.rb b/spec/support/sp_auth_helper.rb index 809205724d8..e36369a218e 100644 --- a/spec/support/sp_auth_helper.rb +++ b/spec/support/sp_auth_helper.rb @@ -13,8 +13,8 @@ def create_ial1_account_go_back_to_sp_and_sign_out(sp) def create_in_person_ial2_account_go_back_to_sp_and_sign_out(sp) user = user_with_totp_2fa - ServiceProvider.find_by(issuer: service_provider_issuer(sp)). - update(in_person_proofing_enabled: true) + ServiceProvider.find_by(issuer: service_provider_issuer(sp)) + .update(in_person_proofing_enabled: true) visit_idp_from_sp_with_ial2(sp) sign_in_user(user) diff --git a/spec/support/usps_ipp_helper.rb b/spec/support/usps_ipp_helper.rb index 93dd0d6826f..f7dffc104f4 100644 --- a/spec/support/usps_ipp_helper.rb +++ b/spec/support/usps_ipp_helper.rb @@ -174,8 +174,8 @@ def stub_request_unexpected_expired_proofing_results def request_unexpected_expired_proofing_results_args { status: 400, - body: UspsInPersonProofing::Mock::Fixtures. - request_unexpected_expired_proofing_results_response, + body: UspsInPersonProofing::Mock::Fixtures + .request_unexpected_expired_proofing_results_response, headers: { 'content-type' => 'application/json' }, } end @@ -194,8 +194,8 @@ def stub_request_unexpected_invalid_applicant(response_body_overrides = {}) def request_unexpected_invalid_applicant_args { status: 400, - body: UspsInPersonProofing::Mock::Fixtures. - request_unexpected_invalid_applicant_response, + body: UspsInPersonProofing::Mock::Fixtures + .request_unexpected_invalid_applicant_response, headers: { 'content-type' => 'application/json' }, } end @@ -215,8 +215,8 @@ def stub_request_unexpected_invalid_enrollment_code(response_body_overrides = {} def request_unexpected_invalid_enrollment_code_args { status: 400, - body: UspsInPersonProofing::Mock::Fixtures. - request_unexpected_invalid_enrollment_code_response, + body: UspsInPersonProofing::Mock::Fixtures + .request_unexpected_invalid_enrollment_code_response, headers: { 'content-type' => 'application/json' }, } end diff --git a/spec/views/accounts/connected_accounts/show.html.erb_spec.rb b/spec/views/accounts/connected_accounts/show.html.erb_spec.rb index 718d656dd5d..9a18c8cbb00 100644 --- a/spec/views/accounts/connected_accounts/show.html.erb_spec.rb +++ b/spec/views/accounts/connected_accounts/show.html.erb_spec.rb @@ -6,8 +6,8 @@ before do allow(view).to receive(:current_user).and_return(user) - allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled). - and_return(feature_select_email_to_share_enabled) + allow(IdentityConfig.store).to receive(:feature_select_email_to_share_enabled) + .and_return(feature_select_email_to_share_enabled) assign( :presenter, AccountShowPresenter.new( diff --git a/spec/views/devise/passwords/new.html.erb_spec.rb b/spec/views/devise/passwords/new.html.erb_spec.rb index c3d8ca7c831..7fe0374391c 100644 --- a/spec/views/devise/passwords/new.html.erb_spec.rb +++ b/spec/views/devise/passwords/new.html.erb_spec.rb @@ -11,12 +11,12 @@ before do @password_reset_email_form = PasswordResetEmailForm.new('') view_context = ActionController::Base.new.view_context - allow(view_context).to receive(:new_user_session_url). - and_return('https://www.example.com/') - allow(view_context).to receive(:sign_up_email_path). - and_return('/sign_up/enter_email') - allow_any_instance_of(ActionController::TestRequest).to receive(:path). - and_return('/users/password/new') + allow(view_context).to receive(:new_user_session_url) + .and_return('https://www.example.com/') + allow(view_context).to receive(:sign_up_email_path) + .and_return('/sign_up/enter_email') + allow_any_instance_of(ActionController::TestRequest).to receive(:path) + .and_return('/users/password/new') @decorated_sp_session = ServiceProviderSessionCreator.new( sp: sp, diff --git a/spec/views/devise/sessions/new.html.erb_spec.rb b/spec/views/devise/sessions/new.html.erb_spec.rb index d184de347df..db514243ac6 100644 --- a/spec/views/devise/sessions/new.html.erb_spec.rb +++ b/spec/views/devise/sessions/new.html.erb_spec.rb @@ -10,8 +10,8 @@ allow(view).to receive(:devise_mapping).and_return(Devise.mappings[:user]) allow(view).to receive(:controller_name).and_return('sessions') allow(view).to receive(:decorated_sp_session).and_return(NullServiceProviderSession.new) - allow_any_instance_of(ActionController::TestRequest).to receive(:path). - and_return('/') + allow_any_instance_of(ActionController::TestRequest).to receive(:path) + .and_return('/') end it 'sets autocomplete attribute off' do @@ -89,8 +89,8 @@ service_provider_request: ServiceProviderRequest.new, ).create_session allow(view).to receive(:decorated_sp_session).and_return(@decorated_sp_session) - allow(view_context).to receive(:sign_up_email_path). - and_return('/sign_up/enter_email') + allow(view_context).to receive(:sign_up_email_path) + .and_return('/sign_up/enter_email') end it 'displays a custom header' do @@ -182,8 +182,8 @@ it 'does not render DAP analytics' do allow(view).to receive(:javascript_packs_tag_once) - expect(view).not_to receive(:javascript_packs_tag_once). - with(a_string_matching('https://dap.digitalgov.gov/'), defer: true, id: '_fed_an_ua_tag') + expect(view).not_to receive(:javascript_packs_tag_once) + .with(a_string_matching('https://dap.digitalgov.gov/'), defer: true, id: '_fed_an_ua_tag') render end @@ -214,10 +214,10 @@ subject(:rendered) { render } before do - allow(FeatureManagement).to receive(:sign_in_recaptcha_enabled?). - and_return(sign_in_recaptcha_enabled) - allow(IdentityConfig.store).to receive(:recaptcha_mock_validator). - and_return(recaptcha_mock_validator) + allow(FeatureManagement).to receive(:sign_in_recaptcha_enabled?) + .and_return(sign_in_recaptcha_enabled) + allow(IdentityConfig.store).to receive(:recaptcha_mock_validator) + .and_return(recaptcha_mock_validator) end context 'recaptcha at sign in is disabled' do diff --git a/spec/views/forgot_password/show.html.erb_spec.rb b/spec/views/forgot_password/show.html.erb_spec.rb index efe18e77a21..3b7603ade4b 100644 --- a/spec/views/forgot_password/show.html.erb_spec.rb +++ b/spec/views/forgot_password/show.html.erb_spec.rb @@ -25,10 +25,10 @@ render expect(rendered).to have_button(t('links.resend')) - expect(rendered). - to have_xpath("//form[@action='#{user_password_path}']") - expect(rendered). - to have_xpath("//form[@method='post']") + expect(rendered) + .to have_xpath("//form[@action='#{user_password_path}']") + expect(rendered) + .to have_xpath("//form[@method='post']") end it 'provides an explanation to the user' do diff --git a/spec/views/idv/enter_password/new.html.erb_spec.rb b/spec/views/idv/enter_password/new.html.erb_spec.rb index faf0034e1e0..3947b5ec513 100644 --- a/spec/views/idv/enter_password/new.html.erb_spec.rb +++ b/spec/views/idv/enter_password/new.html.erb_spec.rb @@ -9,8 +9,8 @@ before do user = build_stubbed(:user, :fully_registered) allow(view).to receive(:current_user).and_return(user) - allow(view).to receive(:step_indicator_steps). - and_return(Idv::StepIndicatorConcern::STEP_INDICATOR_STEPS) + allow(view).to receive(:step_indicator_steps) + .and_return(Idv::StepIndicatorConcern::STEP_INDICATOR_STEPS) allow(view).to receive(:step_indicator_step).and_return(:re_enter_password) end diff --git a/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb b/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb index 400994814d5..152365c4d20 100644 --- a/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb +++ b/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb @@ -112,8 +112,8 @@ context 'outage alert' do context 'when the outage message flag is enabled' do before do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(true) + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(true) end context 'when the outage dates are included' do @@ -122,12 +122,12 @@ let(:in_person_outage_expected_update_date) { 'October 31, 2023' } before do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(true) - allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date). - and_return(in_person_outage_emailed_by_date) - allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date). - and_return(in_person_outage_expected_update_date) + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(true) + allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date) + .and_return(in_person_outage_emailed_by_date) + allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date) + .and_return(in_person_outage_expected_update_date) end it 'renders the outage alert' do @@ -144,12 +144,12 @@ context 'when the outage dates are not included' do before do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(true) - allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date). - and_return('') - allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date). - and_return('') + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(true) + allow(IdentityConfig.store).to receive(:in_person_outage_emailed_by_date) + .and_return('') + allow(IdentityConfig.store).to receive(:in_person_outage_expected_update_date) + .and_return('') end it 'does not render a warning' do @@ -164,8 +164,8 @@ context 'when the outage message flag is disabled' do before do - allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled). - and_return(false) + allow(IdentityConfig.store).to receive(:in_person_outage_message_enabled) + .and_return(false) end it 'does not render the outage alert' do diff --git a/spec/views/idv/please_call/show.html.erb_spec.rb b/spec/views/idv/please_call/show.html.erb_spec.rb index 2b1df4f41b3..bc97fd358e2 100644 --- a/spec/views/idv/please_call/show.html.erb_spec.rb +++ b/spec/views/idv/please_call/show.html.erb_spec.rb @@ -6,8 +6,8 @@ before do @call_by_date = Date.new(2023, 10, 13) @in_person = in_person - allow(IdentityConfig.store).to receive(:in_person_proofing_enabled). - and_return(in_person_proofing_enabled) + allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) + .and_return(in_person_proofing_enabled) render end diff --git a/spec/views/idv/shared/ssn.html.erb_spec.rb b/spec/views/idv/shared/ssn.html.erb_spec.rb index 989dbdca74c..c951b33ba9f 100644 --- a/spec/views/idv/shared/ssn.html.erb_spec.rb +++ b/spec/views/idv/shared/ssn.html.erb_spec.rb @@ -21,10 +21,10 @@ before :each do allow(view).to receive(:url_for).and_return('https://example.com/') - allow(IdentityConfig.store).to receive(:proofing_device_profiling). - and_return(threatmetrix_enabled ? :enabled : :disabled) - allow(IdentityConfig.store). - to receive(:lexisnexis_threatmetrix_org_id).and_return(lexisnexis_threatmetrix_org_id) + allow(IdentityConfig.store).to receive(:proofing_device_profiling) + .and_return(threatmetrix_enabled ? :enabled : :disabled) + allow(IdentityConfig.store) + .to receive(:lexisnexis_threatmetrix_org_id).and_return(lexisnexis_threatmetrix_org_id) assign( :ssn_presenter, @@ -110,8 +110,8 @@ def expect_noscript_tag_rendered end def expect_session_id_input_rendered - expect(rendered). - to have_css( + expect(rendered) + .to have_css( "input[type=hidden][name='doc_auth[threatmetrix_session_id]'][value='#{session_id}']", visible: false, ) @@ -126,7 +126,7 @@ def expect_noscript_tag_not_rendered end def expect_session_id_input_not_rendered - expect(rendered). - not_to have_css('input[name="doc_auth[threatmetrix_session_id]"]', visible: false) + expect(rendered) + .not_to have_css('input[name="doc_auth[threatmetrix_session_id]"]', visible: false) end end diff --git a/spec/views/sign_up/emails/show.html.erb_spec.rb b/spec/views/sign_up/emails/show.html.erb_spec.rb index b8f2e9f22d7..86a8a620d0e 100644 --- a/spec/views/sign_up/emails/show.html.erb_spec.rb +++ b/spec/views/sign_up/emails/show.html.erb_spec.rb @@ -24,8 +24,8 @@ expect(rendered).to have_selector('lg-form-link') expect(rendered).to have_link(href: '#', class: ['usa-link', 'block-link']) - expect(rendered). - to have_button(t('notices.signed_up_but_unconfirmed.resend_confirmation_email')) + expect(rendered) + .to have_button(t('notices.signed_up_but_unconfirmed.resend_confirmation_email')) expect(rendered).to have_css("form[action='#{sign_up_register_path}']") end diff --git a/spec/views/sign_up/registrations/new.html.erb_spec.rb b/spec/views/sign_up/registrations/new.html.erb_spec.rb index 97a2c1f0e45..8e3006e4559 100644 --- a/spec/views/sign_up/registrations/new.html.erb_spec.rb +++ b/spec/views/sign_up/registrations/new.html.erb_spec.rb @@ -15,12 +15,12 @@ analytics: FakeAnalytics.new, ) view_context = ActionController::Base.new.view_context - allow(view_context).to receive(:new_user_session_url). - and_return('https://www.example.com/') - allow(view_context).to receive(:sign_up_email_path). - and_return('/sign_up/enter_email') - allow_any_instance_of(ActionView::Base).to receive(:request_id). - and_return(nil) + allow(view_context).to receive(:new_user_session_url) + .and_return('https://www.example.com/') + allow(view_context).to receive(:sign_up_email_path) + .and_return('/sign_up/enter_email') + allow_any_instance_of(ActionView::Base).to receive(:request_id) + .and_return(nil) @decorated_sp_session = ServiceProviderSessionCreator.new( sp: sp, diff --git a/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb b/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb index ae22211f294..409574b6560 100644 --- a/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb +++ b/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb @@ -20,24 +20,24 @@ it 'has a localized heading' do render - expect(rendered). - to have_content t('two_factor_authentication.personal_key_header_text') + expect(rendered) + .to have_content t('two_factor_authentication.personal_key_header_text') end it 'prompts the user to enter their personal key' do render - expect(rendered). - to have_content t('two_factor_authentication.personal_key_prompt') + expect(rendered) + .to have_content t('two_factor_authentication.personal_key_prompt') end it 'contains a form to submit the personal key' do render expect(rendered).to have_button(t('forms.buttons.submit.default')) - expect(rendered). - to have_xpath("//form[@action='#{login_two_factor_personal_key_path}']") - expect(rendered). - to have_xpath("//form[@method='post']") + expect(rendered) + .to have_xpath("//form[@action='#{login_two_factor_personal_key_path}']") + expect(rendered) + .to have_xpath("//form[@method='post']") end end diff --git a/spec/views/users/backup_code_setup/create.html.erb_spec.rb b/spec/views/users/backup_code_setup/create.html.erb_spec.rb index c0fa8c23e3d..09c11ae8986 100644 --- a/spec/views/users/backup_code_setup/create.html.erb_spec.rb +++ b/spec/views/users/backup_code_setup/create.html.erb_spec.rb @@ -49,10 +49,10 @@ it 'contains form post to backup_code_continue_path' do render - expect(rendered). - to have_xpath("//form[@action='#{backup_code_continue_path}']") - expect(rendered). - to have_xpath("//form[@method='post']") + expect(rendered) + .to have_xpath("//form[@action='#{backup_code_continue_path}']") + expect(rendered) + .to have_xpath("//form[@method='post']") end it 'has continue button' do diff --git a/spec/views/users/delete/show.html.erb_spec.rb b/spec/views/users/delete/show.html.erb_spec.rb index 022074309f5..7a932f2680c 100644 --- a/spec/views/users/delete/show.html.erb_spec.rb +++ b/spec/views/users/delete/show.html.erb_spec.rb @@ -25,14 +25,14 @@ it 'displays bullets for loa1' do allow(user).to receive(:identity_verified?).and_return(false) - expect(user.delete_account_bullet_key). - to eq t('users.delete.bullet_2_basic', app_name: APP_NAME) + expect(user.delete_account_bullet_key) + .to eq t('users.delete.bullet_2_basic', app_name: APP_NAME) end it 'displays bullets for loa1' do allow(user).to receive(:identity_verified?).and_return(true) - expect(user.delete_account_bullet_key). - to eq t('users.delete.bullet_2_verified', app_name: APP_NAME) + expect(user.delete_account_bullet_key) + .to eq t('users.delete.bullet_2_verified', app_name: APP_NAME) end it 'contains link to delete account button' do diff --git a/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb b/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb index 40cc2e3bfd3..0bcac8fc504 100644 --- a/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb +++ b/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb @@ -61,8 +61,8 @@ context 'all phone vendor outage' do before do - allow_any_instance_of(OutageStatus).to receive(:all_vendor_outage?). - with(OutageStatus::PHONE_VENDORS).and_return(true) + allow_any_instance_of(OutageStatus).to receive(:all_vendor_outage?) + .with(OutageStatus::PHONE_VENDORS).and_return(true) end it 'renders alert banner' do From acd51252a87bed98837e7a6d6a38db6514706b36 Mon Sep 17 00:00:00 2001 From: "Davida (she/they)" Date: Thu, 12 Dec 2024 09:14:49 -0500 Subject: [PATCH 02/19] Add integration error event (#11615) * changelog: Internal, Analytics, Add integration error event --- .../concerns/saml_idp_auth_concern.rb | 15 +++ .../authorization_controller.rb | 36 ++++-- .../openid_connect/logout_controller.rb | 16 ++- .../openid_connect/token_controller.rb | 8 +- .../openid_connect/user_info_controller.rb | 4 +- app/controllers/saml_idp_controller.rb | 20 ++- app/forms/openid_connect_authorize_form.rb | 13 ++ app/forms/openid_connect_logout_form.rb | 11 ++ app/forms/openid_connect_token_form.rb | 13 ++ app/services/access_token_verifier.rb | 11 ++ app/services/analytics_events.rb | 26 ++++ .../authorization_controller_spec.rb | 50 +++++++- .../openid_connect/logout_controller_spec.rb | 104 ++++++++++++++- .../openid_connect/token_controller_spec.rb | 17 +++ .../user_info_controller_spec.rb | 35 ++++++ spec/controllers/saml_idp_controller_spec.rb | 119 +++++++++++++++++- .../openid_connect_authorize_form_spec.rb | 8 ++ spec/forms/openid_connect_token_form_spec.rb | 30 ++++- 18 files changed, 506 insertions(+), 30 deletions(-) diff --git a/app/controllers/concerns/saml_idp_auth_concern.rb b/app/controllers/concerns/saml_idp_auth_concern.rb index 60443489dfd..7e19ba70df3 100644 --- a/app/controllers/concerns/saml_idp_auth_concern.rb +++ b/app/controllers/concerns/saml_idp_auth_concern.rb @@ -50,6 +50,11 @@ def validate_service_provider_and_authn_context return if result.success? capture_analytics + track_integration_errors( + event: :saml_auth_request, + errors: result.errors.values.flatten, + ) + render 'saml_idp/auth/error', status: :bad_request end @@ -248,4 +253,14 @@ def request_url url.query = Rack::Utils.build_query(query_params).presence url.to_s end + + def track_integration_errors(event:, errors: nil) + analytics.sp_integration_errors_present( + error_details: errors || saml_request.errors.uniq, + error_types: [:saml_request_errors], + event:, + integration_exists: saml_request_service_provider.present?, + request_issuer: saml_request&.issuer, + ) + end end diff --git a/app/controllers/openid_connect/authorization_controller.rb b/app/controllers/openid_connect/authorization_controller.rb index b6567e4b234..d015161a030 100644 --- a/app/controllers/openid_connect/authorization_controller.rb +++ b/app/controllers/openid_connect/authorization_controller.rb @@ -56,7 +56,7 @@ def pending_profile_policy end def check_sp_active - return if @authorize_form.service_provider&.active? + return if service_provider&.active? redirect_to sp_inactive_error_url end @@ -100,7 +100,7 @@ def email_address_id def ial_context IalContext.new( ial: resolved_authn_context_int_ial, - service_provider: @authorize_form.service_provider, + service_provider:, user: current_user, ) end @@ -121,7 +121,6 @@ def handle_successful_handoff redirect_user( @authorize_form.success_redirect_uri, - @authorize_form.service_provider.issuer, current_user.uuid, ) @@ -153,13 +152,13 @@ def build_authorize_form_from_params def secure_headers_override return if form_action_csp_disabled_and_not_server_side_redirect?( - issuer: @authorize_form.service_provider.issuer, + issuer: issuer, user_uuid: current_user&.uuid, ) csp_uris = SecureHeadersAllowList.csp_with_sp_redirect_uris( @authorize_form.redirect_uri, - @authorize_form.service_provider.redirect_uris, + service_provider.redirect_uris, ) override_form_action_csp(csp_uris) end @@ -172,7 +171,7 @@ def pre_validate_authorize_form result = @authorize_form.submit analytics.openid_connect_request_authorization( - **result.to_h.except(:redirect_uri, :code_digest).merge( + **result.to_h.except(:redirect_uri, :code_digest, :integration_errors).merge( user_fully_authenticated: user_fully_authenticated?, referer: request.referer, vtr_param: params[:vtr], @@ -180,19 +179,26 @@ def pre_validate_authorize_form ), ) return if result.success? + + if result.extra[:integration_errors].present? + analytics.sp_integration_errors_present( + **result.to_h[:integration_errors], + ) + end + redirect_uri = result.extra[:redirect_uri] if redirect_uri.nil? render :error else - redirect_user(redirect_uri, @authorize_form.service_provider.issuer, current_user&.uuid) + redirect_user(redirect_uri, current_user&.uuid) end end def sign_out_if_prompt_param_is_login_and_user_is_signed_in if @authorize_form.prompt != 'login' set_issuer_forced_reauthentication( - issuer: @authorize_form.service_provider.issuer, + issuer:, is_forced_reauthentication: false, ) end @@ -204,7 +210,7 @@ def sign_out_if_prompt_param_is_login_and_user_is_signed_in unless sp_session[:request_url] == request.original_url sign_out set_issuer_forced_reauthentication( - issuer: @authorize_form.service_provider.issuer, + issuer:, is_forced_reauthentication: true, ) end @@ -236,8 +242,8 @@ def track_events track_billing_events end - def redirect_user(redirect_uri, issuer, user_uuid) - case oidc_redirect_method(issuer: issuer, user_uuid: user_uuid) + def redirect_user(redirect_uri, user_uuid) + case oidc_redirect_method(issuer:, user_uuid: user_uuid) when 'client_side' @oidc_redirect_uri = redirect_uri render( @@ -258,6 +264,14 @@ def redirect_user(redirect_uri, issuer, user_uuid) end end + def service_provider + @authorize_form.service_provider + end + + def issuer + service_provider&.issuer + end + def sp_handoff_bouncer @sp_handoff_bouncer ||= SpHandoffBouncer.new(sp_session) end diff --git a/app/controllers/openid_connect/logout_controller.rb b/app/controllers/openid_connect/logout_controller.rb index ada39ed341e..c9ac544c72f 100644 --- a/app/controllers/openid_connect/logout_controller.rb +++ b/app/controllers/openid_connect/logout_controller.rb @@ -26,6 +26,8 @@ def show if result.success? && redirect_uri handle_successful_logout_request(result, redirect_uri) else + track_integration_errors(result:, event: :oidc_logout_requested) + render :error end end @@ -48,6 +50,8 @@ def delete if result.success? && redirect_uri handle_logout(result, redirect_uri) else + track_integration_errors(result:, event: :oidc_logout_submitted) + render :error end end @@ -141,11 +145,21 @@ def handle_logout(result, redirect_uri) # Convert FormResponse into loggable analytics event # @param [FormResponse] result def to_event(result) - result.to_h.except(:redirect_uri) + result.to_h.except(:redirect_uri, :integration_errors) end def logout_params params.permit(:client_id, :id_token_hint, :post_logout_redirect_uri, :state) end + + def track_integration_errors(result:, event:) + if result.extra[:integration_errors].present? + analytics.sp_integration_errors_present( + **result. + to_h[:integration_errors]. + merge(event:), + ) + end + end end end diff --git a/app/controllers/openid_connect/token_controller.rb b/app/controllers/openid_connect/token_controller.rb index de48ebb649d..8771aa8d3d7 100644 --- a/app/controllers/openid_connect/token_controller.rb +++ b/app/controllers/openid_connect/token_controller.rb @@ -15,7 +15,13 @@ def create analytics_attributes = result.to_h analytics_attributes[:expires_in] = response[:expires_in] - analytics.openid_connect_token(**analytics_attributes) + analytics.openid_connect_token(**analytics_attributes.except(:integration_errors)) + + if !result.success? && analytics_attributes[:integration_errors].present? + analytics.sp_integration_errors_present( + **analytics_attributes[:integration_errors], + ) + end render json: response, status: (result.success? ? :ok : :bad_request) diff --git a/app/controllers/openid_connect/user_info_controller.rb b/app/controllers/openid_connect/user_info_controller.rb index a1df4ba00f3..818e79d8511 100644 --- a/app/controllers/openid_connect/user_info_controller.rb +++ b/app/controllers/openid_connect/user_info_controller.rb @@ -18,11 +18,13 @@ def show def authenticate_identity_via_bearer_token verifier = AccessTokenVerifier.new(request.env['HTTP_AUTHORIZATION']) response, identity = verifier.submit - analytics.openid_connect_bearer_token(**response) + attributes = response.to_h + analytics.openid_connect_bearer_token(**attributes.except(:integration_errors)) if response.success? @current_identity = identity else + analytics.sp_integration_errors_present(**attributes[:integration_errors]) render json: { error: verifier.errors[:access_token].join(' ') }, status: :unauthorized end diff --git a/app/controllers/saml_idp_controller.rb b/app/controllers/saml_idp_controller.rb index 55083feb324..5c7ab57cbe5 100644 --- a/app/controllers/saml_idp_controller.rb +++ b/app/controllers/saml_idp_controller.rb @@ -61,7 +61,11 @@ def logout track_logout_event - return head(:bad_request) unless valid_saml_request? + unless valid_saml_request? + track_integration_errors(event: :saml_logout_request) + + return head(:bad_request) + end handle_valid_sp_logout_request end @@ -75,11 +79,21 @@ def remotelogout track_remote_logout_event(issuer) - return head(:bad_request) unless valid_saml_request? + unless valid_saml_request? + track_integration_errors(event: :saml_remote_logout_request) + + return head(:bad_request) + end user_id = find_user_from_session_index - return head(:bad_request) unless user_id.present? + unless user_id.present? + track_integration_errors( + event: :saml_remote_logout_request, + errors: [:no_user_found_from_session_index], + ) + return head(:bad_request) + end handle_valid_sp_remote_logout_request(user_id: user_id, issuer: issuer) end diff --git a/app/forms/openid_connect_authorize_form.rb b/app/forms/openid_connect_authorize_form.rb index d272a10fa52..c3bbca2b17c 100644 --- a/app/forms/openid_connect_authorize_form.rb +++ b/app/forms/openid_connect_authorize_form.rb @@ -284,6 +284,7 @@ def extra_analytics_attributes code_digest: code ? Digest::SHA256.hexdigest(code) : nil, code_challenge_present: code_challenge.present?, service_provider_pkce: service_provider&.pkce, + integration_errors:, } end @@ -350,6 +351,18 @@ def ialmax_requested? Saml::Idp::Constants::AUTHN_CONTEXT_CLASSREF_TO_IAL[ial_values.sort.max] == 0 end + def integration_errors + return nil if @success || client_id.blank? + + { + error_details: errors.full_messages, + error_types: errors.attribute_names, + event: :oidc_request_authorization, + integration_exists: service_provider.present?, + request_issuer: client_id, + } + end + def facial_match_ial_requested? ial_values.any? { |ial| Saml::Idp::Constants::FACIAL_MATCH_IAL_CONTEXTS.include? ial } end diff --git a/app/forms/openid_connect_logout_form.rb b/app/forms/openid_connect_logout_form.rb index 061daf9019a..68ebffdc411 100644 --- a/app/forms/openid_connect_logout_form.rb +++ b/app/forms/openid_connect_logout_form.rb @@ -114,6 +114,16 @@ def id_token_hint_or_client_id_present ) end + def integration_errors + return nil if valid? + { + error_details: errors.full_messages, + error_types: errors.attribute_names, + integration_exists: service_provider.present?, + request_issuer: client_id || service_provider&.issuer, + } + end + def valid_client_id return unless client_id.present? && id_token_hint.blank? return if service_provider.present? @@ -144,6 +154,7 @@ def extra_analytics_attributes redirect_uri: redirect_uri, sp_initiated: true, oidc: true, + integration_errors:, } end diff --git a/app/forms/openid_connect_token_form.rb b/app/forms/openid_connect_token_form.rb index 3baaa626ae1..02fc37d7648 100644 --- a/app/forms/openid_connect_token_form.rb +++ b/app/forms/openid_connect_token_form.rb @@ -205,6 +205,19 @@ def extra_analytics_attributes code_verifier_present: code_verifier.present?, service_provider_pkce: service_provider&.pkce, ial: identity&.ial, + integration_errors:, + } + end + + def integration_errors + return nil if valid? || client_id.blank? + + { + error_details: errors.full_messages, + error_types: errors.attribute_names, + event: :oidc_token_request, + integration_exists: service_provider.present?, + request_issuer: client_id, } end diff --git a/app/services/access_token_verifier.rb b/app/services/access_token_verifier.rb index 49372e308b2..bf122c1b316 100644 --- a/app/services/access_token_verifier.rb +++ b/app/services/access_token_verifier.rb @@ -21,6 +21,7 @@ def submit extra: { client_id: @identity&.service_provider, ial: @identity&.ial, + integration_errors:, }, ) @@ -69,4 +70,14 @@ def extract_access_token(header) access_token end + + def integration_errors + { + error_details: errors.full_messages, + error_types: errors.attribute_names, + event: :oidc_bearer_token_auth, + integration_exists: @identity&.service_provider.present?, + request_issuer: @identity&.service_provider, + } + end end diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index 8e867239b69..ab4a9c3fec7 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb @@ -6915,6 +6915,32 @@ def sp_inactive_visit track_event('SP inactive visited') end + # @param [Array] error_details Full messages of the errors + # @param [Hash] error_types Types of errors that are surfaced + # @param [Symbol] event What part of the workflow the error occured in + # @param [Boolean] integration_exists Whether the requesting issuer maps to an SP + # @param [String] request_issuer The issuer in the request + # Monitoring service-provider specific integration errors + def sp_integration_errors_present( + error_details:, + error_types:, + event:, + integration_exists:, + request_issuer: nil, + **extra + ) + types = error_types.index_with { |_type| true } + track_event( + :sp_integration_errors_present, + error_details:, + error_types: types, + event:, + integration_exists:, + request_issuer:, + **extra, + ) + end + # Tracks when a user is redirected back to the service provider # @param [Integer] ial # @param [Integer] billed_ial diff --git a/spec/controllers/openid_connect/authorization_controller_spec.rb b/spec/controllers/openid_connect/authorization_controller_spec.rb index 8343d630af9..90637ce9bd4 100644 --- a/spec/controllers/openid_connect/authorization_controller_spec.rb +++ b/spec/controllers/openid_connect/authorization_controller_spec.rb @@ -153,6 +153,10 @@ sign_in_flow:, acr_values: 'http://idmanagement.gov/ns/assurance/ial/1', ) + + expect(@analytics).to_not have_logged_event( + :sp_integration_errors_present, + ) end end @@ -2020,12 +2024,45 @@ errors: hash_including(:prompt), error_details: hash_including(:prompt), user_fully_authenticated: true, - acr_values: 'http://idmanagement.gov/ns/assurance/ial/1', + acr_values: acr_values, code_challenge_present: false, scope: 'openid', ) expect(@analytics).to_not have_logged_event('SP redirect initiated') + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Prompt Please fill in this field.', + ), + error_types: { prompt: true }, + event: :oidc_request_authorization, + integration_exists: true, + request_issuer: client_id, + ) + end + + context 'when there are multiple issues with the request' do + let(:acr_values) { nil } + + it 'notes all the integration errors' do + stub_analytics + + action + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Acr values Please fill in this field.', + 'Prompt Please fill in this field.', + ), + error_types: { acr_values: true, prompt: true }, + event: :oidc_request_authorization, + integration_exists: true, + request_issuer: client_id, + ) + end end end @@ -2054,6 +2091,17 @@ scope: 'openid profile', unknown_authn_contexts: unknown_value, ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Acr values Please fill in this field.', + ), + error_types: { acr_values: true }, + event: :oidc_request_authorization, + integration_exists: true, + request_issuer: client_id, + ) end context 'when there is also a valid acr_value' do diff --git a/spec/controllers/openid_connect/logout_controller_spec.rb b/spec/controllers/openid_connect/logout_controller_spec.rb index 12918531258..3c2780cde83 100644 --- a/spec/controllers/openid_connect/logout_controller_spec.rb +++ b/spec/controllers/openid_connect/logout_controller_spec.rb @@ -176,6 +176,10 @@ oidc: true, ), ) + + expect(@analytics).to_not have_logged_event( + :sp_integration_errors_present, + ) end end @@ -215,6 +219,17 @@ oidc: true, ), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Redirect uri redirect_uri does not match registered redirect_uri', + ), + error_types: { redirect_uri: true }, + event: :oidc_logout_requested, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end end @@ -238,6 +253,16 @@ oidc: true, ), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Id token hint id_token_hint was not recognized', + ), + error_types: { id_token_hint: true }, + event: :oidc_logout_requested, + integration_exists: false, + ) end end end @@ -317,6 +342,9 @@ oidc: true, ), ) + expect(@analytics).to_not have_logged_event( + :sp_integration_errors_present, + ) expect(response).to render_template(:confirm_logout) expect(response.body).to include service_provider.friendly_name end @@ -358,6 +386,17 @@ oidc: true, ), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Redirect uri redirect_uri does not match registered redirect_uri', + ), + error_types: { redirect_uri: true }, + event: :oidc_logout_requested, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end end end @@ -444,6 +483,10 @@ oidc: true, ), ) + + expect(@analytics).to_not have_logged_event( + :sp_integration_errors_present, + ) end end @@ -483,6 +526,18 @@ oidc: true, ), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Id token hint This application is misconfigured and should not be sending ' \ + 'id_token_hint. Please send client_id instead.', + ), + error_types: { id_token_hint: true }, + event: :oidc_logout_requested, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end end @@ -522,6 +577,17 @@ oidc: true, ), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Redirect uri redirect_uri does not match registered redirect_uri', + ), + error_types: { redirect_uri: true }, + event: :oidc_logout_requested, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end end end @@ -730,13 +796,15 @@ describe '#delete' do context 'when sending client_id' do + let(:params) do + { + client_id: service_provider.issuer, + post_logout_redirect_uri: post_logout_redirect_uri, + state: state, + } + end subject(:action) do - delete :delete, - params: { - client_id: service_provider.issuer, - post_logout_redirect_uri: post_logout_redirect_uri, - state: state, - } + delete :delete, params: end context 'user is signed in' do @@ -795,6 +863,30 @@ sp_initiated: true, oidc: true, ) + expect(@analytics).to_not have_logged_event( + :sp_integration_errors_present, + ) + end + + context 'when client_id is missing' do + before do + params.delete(:client_id) + end + it 'tracks an integration error event' do + stub_analytics + + action + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Client client_id is missing', + ), + error_types: { client_id: true }, + event: :oidc_logout_submitted, + integration_exists: false, + ) + end end end diff --git a/spec/controllers/openid_connect/token_controller_spec.rb b/spec/controllers/openid_connect/token_controller_spec.rb index d8648d7a274..037299f9590 100644 --- a/spec/controllers/openid_connect/token_controller_spec.rb +++ b/spec/controllers/openid_connect/token_controller_spec.rb @@ -67,6 +67,8 @@ ial: 1, } ) + + expect(@analytics).to_not have_logged_event(:sp_integration_errors_present) end end @@ -99,6 +101,17 @@ ial: 1, } ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Grant type is not included in the list', + ), + error_types: { grant_type: true }, + event: :oidc_token_request, + integration_exists: true, + request_issuer: client_id, + ) end end @@ -106,12 +119,16 @@ let(:code) { { nested: 'code' } } it 'is a 400 and has an error response and no id_token' do + stub_analytics + action expect(response).to be_bad_request json = JSON.parse(response.body).with_indifferent_access expect(json[:error]).to be_present expect(json).to_not have_key(:id_token) + + expect(@analytics).to_not have_logged_event(:sp_integration_errors_present) end end end diff --git a/spec/controllers/openid_connect/user_info_controller_spec.rb b/spec/controllers/openid_connect/user_info_controller_spec.rb index 296e044c907..d0eb23d054f 100644 --- a/spec/controllers/openid_connect/user_info_controller_spec.rb +++ b/spec/controllers/openid_connect/user_info_controller_spec.rb @@ -28,6 +28,16 @@ errors: hash_including(:access_token), error_details: hash_including(:access_token), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Access token No Authorization header provided', + ), + error_types: { access_token: true }, + event: :oidc_bearer_token_auth, + integration_exists: false, + ) end end @@ -52,6 +62,16 @@ errors: hash_including(:access_token), error_details: hash_including(:access_token), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Access token Malformed Authorization header', + ), + error_types: { access_token: true }, + event: :oidc_bearer_token_auth, + integration_exists: false, + ) end end @@ -75,6 +95,17 @@ errors: hash_including(:access_token), error_details: hash_including(:access_token), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: array_including( + 'Access token Could not find authorization for the contents of the provided ' \ + 'access_token or it may have expired', + ), + error_types: { access_token: true }, + event: :oidc_bearer_token_auth, + integration_exists: false, + ) end end @@ -135,6 +166,10 @@ ial: identity.ial, errors: {}, ) + + expect(@analytics).to_not have_logged_event( + :sp_integration_errors_present, + ) end it 'only changes the paths visited in session' do diff --git a/spec/controllers/saml_idp_controller_spec.rb b/spec/controllers/saml_idp_controller_spec.rb index 36cf0214a84..1e23ba2b050 100644 --- a/spec/controllers/saml_idp_controller_spec.rb +++ b/spec/controllers/saml_idp_controller_spec.rb @@ -46,6 +46,13 @@ 'Logout Initiated', hash_including(sp_initiated: true, oidc: false, saml_request_valid: false), ) + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: [:issuer_missing_or_invald, :no_auth_or_logout_request, :invalid_signature], + error_types: { saml_request_errors: true }, + event: :saml_logout_request, + integration_exists: false, + ) end let(:service_provider) do @@ -112,12 +119,35 @@ expect(response).to be_ok end - it 'rejects requests from a wrong cert' do - delete :logout, params: UriService.params( - OneLogin::RubySaml::Logoutrequest.new.create(wrong_cert_settings), - ).merge(path_year: path_year) + context 'when the cert is not registered' do + it 'rejects requests from a wrong cert' do + delete :logout, params: UriService.params( + OneLogin::RubySaml::Logoutrequest.new.create(wrong_cert_settings), + ).merge(path_year: path_year) - expect(response).to be_bad_request + expect(response).to be_bad_request + end + + it 'tracks the request' do + stub_analytics + + delete :logout, params: UriService.params( + OneLogin::RubySaml::Logoutrequest.new.create(wrong_cert_settings), + ).merge(path_year: path_year) + + expect(@analytics).to have_logged_event( + 'Logout Initiated', + hash_including(sp_initiated: true, oidc: false, saml_request_valid: false), + ) + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: [:invalid_signature], + error_types: { saml_request_errors: true }, + event: :saml_logout_request, + integration_exists: true, + request_issuer: service_provider.issuer, + ) + end end context 'cert element in SAML request is blank' do @@ -183,6 +213,13 @@ post :remotelogout, params: { SAMLRequest: 'foo', path_year: path_year } expect(@analytics).to have_logged_event('Remote Logout initiated', saml_request_valid: false) + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: [:issuer_missing_or_invald, :no_auth_or_logout_request, :invalid_signature], + error_types: { saml_request_errors: true }, + event: :saml_remote_logout_request, + integration_exists: false, + ) end let(:agency) { create(:agency) } @@ -351,12 +388,21 @@ ), ).to eq(true) + stub_analytics post :remotelogout, params: payload.to_h.merge( Signature: Base64.encode64(signature), path_year: path_year, ) expect(response).to be_bad_request + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: [:no_user_found_from_session_index], + error_types: { saml_request_errors: true }, + event: :saml_remote_logout_request, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end it 'rejects requests from a correct cert but bad session index' do @@ -385,12 +431,21 @@ ), ).to eq(true) + stub_analytics post :remotelogout, params: payload.to_h.merge( Signature: Base64.encode64(signature), path_year: path_year, ) expect(response).to be_bad_request + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: [:no_user_found_from_session_index], + error_types: { saml_request_errors: true }, + event: :saml_remote_logout_request, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end it 'rejects requests from a correct cert but a non-associated user' do @@ -419,20 +474,38 @@ ), ).to eq(true) + stub_analytics post :remotelogout, params: payload.to_h.merge( Signature: Base64.encode64(signature), path_year: path_year, ) expect(response).to be_bad_request + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: [:no_user_found_from_session_index], + error_types: { saml_request_errors: true }, + event: :saml_remote_logout_request, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end it 'rejects requests from a wrong cert' do + stub_analytics post :remotelogout, params: UriService.params( OneLogin::RubySaml::Logoutrequest.new.create(wrong_cert_settings), ).merge(path_year: path_year) expect(response).to be_bad_request + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: [:invalid_signature], + error_types: { saml_request_errors: true }, + event: :saml_remote_logout_request, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end end @@ -1012,6 +1085,14 @@ def name_id_version(format_urn) unknown_authn_contexts: unknown_value, ), ) + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: ['Unauthorized authentication context'], + error_types: { saml_request_errors: true }, + event: :saml_auth_request, + integration_exists: true, + request_issuer: saml_settings.issuer, + ) end context 'there is also a valid authn_context' do @@ -1030,6 +1111,9 @@ def name_id_version(format_urn) unknown_authn_contexts: unknown_value, ), ) + expect(@analytics).to_not have_logged_event( + :sp_integration_errors_present, + ) end context 'when it includes the ReqAttributes AuthnContext' do @@ -1276,6 +1360,14 @@ def name_id_version(format_urn) finish_profile: false, ), ) + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: ['Unauthorized Service Provider'], + error_types: { saml_request_errors: true }, + event: :saml_auth_request, + integration_exists: false, + request_issuer: 'invalid_provider', + ) end end @@ -1321,6 +1413,14 @@ def name_id_version(format_urn) finish_profile: false, ), ) + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: ['Unauthorized Service Provider', 'Unauthorized authentication context'], + error_types: { saml_request_errors: true }, + event: :saml_auth_request, + integration_exists: false, + request_issuer: 'invalid_provider', + ) end end @@ -1364,6 +1464,15 @@ def name_id_version(format_urn) error_details: { service_provider: { no_cert_registered: true } }, ), ) + + expect(@analytics).to have_logged_event( + :sp_integration_errors_present, + error_details: ['Your service provider does not have a certificate registered.'], + error_types: { saml_request_errors: true }, + event: :saml_auth_request, + integration_exists: true, + request_issuer: service_provider.issuer, + ) end context 'when service provider has block_encryption set to none' do diff --git a/spec/forms/openid_connect_authorize_form_spec.rb b/spec/forms/openid_connect_authorize_form_spec.rb index 6b015d11b91..ccdfa5f3b7f 100644 --- a/spec/forms/openid_connect_authorize_form_spec.rb +++ b/spec/forms/openid_connect_authorize_form_spec.rb @@ -54,6 +54,7 @@ code_digest: nil, code_challenge_present: false, service_provider_pkce: nil, + integration_errors: nil, ) end end @@ -79,6 +80,13 @@ code_digest: nil, code_challenge_present: false, service_provider_pkce: nil, + integration_errors: { + error_details: ['Response type is not included in the list'], + error_types: [:response_type], + event: :oidc_request_authorization, + integration_exists: true, + request_issuer: client_id, + }, ) end end diff --git a/spec/forms/openid_connect_token_form_spec.rb b/spec/forms/openid_connect_token_form_spec.rb index 9af7e585223..b039b2ac37c 100644 --- a/spec/forms/openid_connect_token_form_spec.rb +++ b/spec/forms/openid_connect_token_form_spec.rb @@ -382,11 +382,12 @@ code_verifier_present: false, service_provider_pkce: nil, ial: 1, + integration_errors: nil, ) end end - context 'with invalid params' do + context 'with invalid code' do let(:code) { nil } it 'returns FormResponse with success: false' do @@ -402,6 +403,33 @@ ) end end + + context 'with the wrong grant_type ' do + let(:grant_type) { 'wrong' } + + it 'returns FormResponse with success: false and int error' do + submission = form.submit + + expect(submission.to_h).to include( + success: false, + errors: form.errors.messages, + error_details: hash_including(:grant_type), + client_id: client_id, + user_id: user.uuid, + code_digest: Digest::SHA256.hexdigest(code), + code_verifier_present: false, + service_provider_pkce: nil, + ial: 1, + integration_errors: { + error_details: ['Grant type is not included in the list'], + error_types: [:grant_type], + event: :oidc_token_request, + integration_exists: true, + request_issuer: client_id, + }, + ) + end + end end describe '#response' do From e9465c30c1056510ea70ef6cede758b0518505f2 Mon Sep 17 00:00:00 2001 From: Mitchell Henke Date: Thu, 12 Dec 2024 08:39:36 -0600 Subject: [PATCH 03/19] Update actionpack to address security vulnerability (#11630) changelog: Internal, Maintenance, Update actionpack to address security vulnerability --- Gemfile.lock | 108 ++++++++++++++++++++++++++------------------------- 1 file changed, 55 insertions(+), 53 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 037d8d04e17..7dc21388bc9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -80,29 +80,29 @@ GIT GEM remote: https://rubygems.org/ specs: - actioncable (7.2.1.1) - actionpack (= 7.2.1.1) - activesupport (= 7.2.1.1) + actioncable (7.2.2.1) + actionpack (= 7.2.2.1) + activesupport (= 7.2.2.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.2.1.1) - actionpack (= 7.2.1.1) - activejob (= 7.2.1.1) - activerecord (= 7.2.1.1) - activestorage (= 7.2.1.1) - activesupport (= 7.2.1.1) + actionmailbox (7.2.2.1) + actionpack (= 7.2.2.1) + activejob (= 7.2.2.1) + activerecord (= 7.2.2.1) + activestorage (= 7.2.2.1) + activesupport (= 7.2.2.1) mail (>= 2.8.0) - actionmailer (7.2.1.1) - actionpack (= 7.2.1.1) - actionview (= 7.2.1.1) - activejob (= 7.2.1.1) - activesupport (= 7.2.1.1) + actionmailer (7.2.2.1) + actionpack (= 7.2.2.1) + actionview (= 7.2.2.1) + activejob (= 7.2.2.1) + activesupport (= 7.2.2.1) mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.2.1.1) - actionview (= 7.2.1.1) - activesupport (= 7.2.1.1) + actionpack (7.2.2.1) + actionview (= 7.2.2.1) + activesupport (= 7.2.2.1) nokogiri (>= 1.8.5) racc rack (>= 2.2.4, < 3.2) @@ -111,36 +111,37 @@ GEM rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) useragent (~> 0.16) - actiontext (7.2.1.1) - actionpack (= 7.2.1.1) - activerecord (= 7.2.1.1) - activestorage (= 7.2.1.1) - activesupport (= 7.2.1.1) + actiontext (7.2.2.1) + actionpack (= 7.2.2.1) + activerecord (= 7.2.2.1) + activestorage (= 7.2.2.1) + activesupport (= 7.2.2.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.2.1.1) - activesupport (= 7.2.1.1) + actionview (7.2.2.1) + activesupport (= 7.2.2.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activejob (7.2.1.1) - activesupport (= 7.2.1.1) + activejob (7.2.2.1) + activesupport (= 7.2.2.1) globalid (>= 0.3.6) - activemodel (7.2.1.1) - activesupport (= 7.2.1.1) - activerecord (7.2.1.1) - activemodel (= 7.2.1.1) - activesupport (= 7.2.1.1) + activemodel (7.2.2.1) + activesupport (= 7.2.2.1) + activerecord (7.2.2.1) + activemodel (= 7.2.2.1) + activesupport (= 7.2.2.1) timeout (>= 0.4.0) - activestorage (7.2.1.1) - actionpack (= 7.2.1.1) - activejob (= 7.2.1.1) - activerecord (= 7.2.1.1) - activesupport (= 7.2.1.1) + activestorage (7.2.2.1) + actionpack (= 7.2.2.1) + activejob (= 7.2.2.1) + activerecord (= 7.2.2.1) + activesupport (= 7.2.2.1) marcel (~> 1.0) - activesupport (7.2.1.1) + activesupport (7.2.2.1) base64 + benchmark (>= 0.3) bigdecimal concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) @@ -212,6 +213,7 @@ GEM base32-crockford (0.1.0) base64 (0.2.0) bcrypt (3.1.19) + benchmark (0.4.0) benchmark-ips (2.12.0) better_errors (2.10.1) erubi (>= 1.0.0) @@ -522,20 +524,20 @@ GEM rackup (2.1.0) rack (>= 3) webrick (~> 1.8) - rails (7.2.1.1) - actioncable (= 7.2.1.1) - actionmailbox (= 7.2.1.1) - actionmailer (= 7.2.1.1) - actionpack (= 7.2.1.1) - actiontext (= 7.2.1.1) - actionview (= 7.2.1.1) - activejob (= 7.2.1.1) - activemodel (= 7.2.1.1) - activerecord (= 7.2.1.1) - activestorage (= 7.2.1.1) - activesupport (= 7.2.1.1) + rails (7.2.2.1) + actioncable (= 7.2.2.1) + actionmailbox (= 7.2.2.1) + actionmailer (= 7.2.2.1) + actionpack (= 7.2.2.1) + actiontext (= 7.2.2.1) + actionview (= 7.2.2.1) + activejob (= 7.2.2.1) + activemodel (= 7.2.2.1) + activerecord (= 7.2.2.1) + activestorage (= 7.2.2.1) + activesupport (= 7.2.2.1) bundler (>= 1.15.0) - railties (= 7.2.1.1) + railties (= 7.2.2.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -550,9 +552,9 @@ GEM rails-i18n (7.0.6) i18n (>= 0.7, < 2) railties (>= 6.0.0, < 8) - railties (7.2.1.1) - actionpack (= 7.2.1.1) - activesupport (= 7.2.1.1) + railties (7.2.2.1) + actionpack (= 7.2.2.1) + activesupport (= 7.2.2.1) irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) From cdb0f6fd852f0b07b5c6b546e4ad47eacfc9ec0d Mon Sep 17 00:00:00 2001 From: "Davida (she/they)" Date: Thu, 12 Dec 2024 10:20:27 -0500 Subject: [PATCH 04/19] changelog: Internal, Linting, Fix dot position (#11631) --- app/controllers/openid_connect/logout_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/openid_connect/logout_controller.rb b/app/controllers/openid_connect/logout_controller.rb index c9ac544c72f..70cf271f512 100644 --- a/app/controllers/openid_connect/logout_controller.rb +++ b/app/controllers/openid_connect/logout_controller.rb @@ -155,9 +155,9 @@ def logout_params def track_integration_errors(result:, event:) if result.extra[:integration_errors].present? analytics.sp_integration_errors_present( - **result. - to_h[:integration_errors]. - merge(event:), + **result + .to_h[:integration_errors] + .merge(event:), ) end end From b6cacfc88c9058e6ae96b4ee6dd46781f927298a Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Thu, 12 Dec 2024 16:37:52 -0500 Subject: [PATCH 05/19] LG-15237 Allow the SP return URL resolver to interpolate locale values into URLs (#11620) * LG-15237 Allow the SP return URL resolver to interpolate locale values into URLs In #11591 we added a `post_idv_follow_up` URL in response to issues we were having getting users for a particular partner to return to their SP. This partner expressed concerns about have the appropriate locale for these users since they are returning to the partner without initiating a session at the partner. The original implementation for the change in #11591 included a locale param on the `post_idv_follow_up` URL. After some discussion with other engineers we identified that this pattern of hardcoding a param onto a single service providers was undesirable. This commit introduces the ability to include templateable values in these URLs and introduces the locale as one of those values. changelog: Internal, SP Configuration, Add the ability to specify a locale in a redirect URL --- app/services/sp_return_url_resolver.rb | 4 +++- spec/services/sp_return_url_resolver_spec.rb | 8 ++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/app/services/sp_return_url_resolver.rb b/app/services/sp_return_url_resolver.rb index 0e2f2e3bfd8..ad397eb3035 100644 --- a/app/services/sp_return_url_resolver.rb +++ b/app/services/sp_return_url_resolver.rb @@ -25,7 +25,9 @@ def homepage_url end def post_idv_follow_up_url - service_provider.post_idv_follow_up_url || homepage_url + url = service_provider.post_idv_follow_up_url || homepage_url + return if url.blank? + format(url.to_s, locale: I18n.locale.to_s) end private diff --git a/spec/services/sp_return_url_resolver_spec.rb b/spec/services/sp_return_url_resolver_spec.rb index 3181cb88723..bd556eeb16d 100644 --- a/spec/services/sp_return_url_resolver_spec.rb +++ b/spec/services/sp_return_url_resolver_spec.rb @@ -170,5 +170,13 @@ it { expect(post_idv_follow_up_url).to eq(sp_post_idv_follow_up_url) } end + + context 'with a template param in the URL' do + let(:sp_post_idv_follow_up_url) { 'https://sp.gov/follow_up?locale=%{locale}' } + + it 'interpolates the appropriate value' do + expect(post_idv_follow_up_url).to eq('https://sp.gov/follow_up?locale=en') + end + end end end From 85b73e4cbf565a5303678ceb2f7e94c0af2067bf Mon Sep 17 00:00:00 2001 From: Zach Margolis Date: Thu, 12 Dec 2024 14:01:17 -0800 Subject: [PATCH 06/19] Fix documentation formatting for Analytics Events (#11640) * Fix documentation for idv_doc_auth_submitted_image_upload_vendor * Fix formatting errors in other events too - Regex used /# [^@ ]/ changelog: Internal, Documentation, Fix documentation formatting --- app/services/analytics_events.rb | 76 ++++++++++++++++---------------- 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index ab4a9c3fec7..8db2741e1f5 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb @@ -1236,7 +1236,7 @@ def idv_consent_checkbox_toggled(checked:, **extra) # @param [String] step Current IdV step # @param [String] analytics_id Current IdV flow identifier # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active # @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing def idv_doc_auth_agreement_submitted( @@ -1268,7 +1268,7 @@ def idv_doc_auth_agreement_submitted( # @param [String] step Current IdV step # @param [String] analytics_id Current IdV flow identifier # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active # @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing def idv_doc_auth_agreement_visited( @@ -1321,7 +1321,7 @@ def idv_doc_auth_capture_complete_visited( # @param [Boolean] selfie_check_required Whether facial match check is required # @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades def idv_doc_auth_document_capture_polling_wait_visited( flow_path:, step:, @@ -1358,10 +1358,10 @@ def idv_doc_auth_document_capture_polling_wait_visited( # @param [Boolean] selfie_check_required Whether facial match check is required # @param ["hybrid","standard"] flow_path Document capture user flow # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode - # warning + # warning # @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # @param [Boolean] stored_result_present Whether a stored result was present # @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing def idv_doc_auth_document_capture_submitted( @@ -1401,12 +1401,12 @@ def idv_doc_auth_document_capture_submitted( # @param [String] step Current IdV step # @param [String] analytics_id Current IdV flow identifier # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode - # warning + # warning # @param [Boolean] liveness_checking_required Whether facial match check is required # @param [Boolean] selfie_check_required Whether facial match check is required # @param ["hybrid","standard"] flow_path Document capture user flow # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active # @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing def idv_doc_auth_document_capture_visited( @@ -1546,12 +1546,12 @@ def idv_doc_auth_how_to_verify_visited( # @param [String] step Current IdV step # @param [String] analytics_id Current IdV flow identifier # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode - # warning + # warning # @param [Boolean] selfie_check_required Whether facial match check is required # @param ["document_capture","send_link"] destination Where user is sent after submission # @param ["hybrid","standard"] flow_path Document capture user flow # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active # @param [Hash] telephony_response Response from Telephony gem # @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing @@ -1593,10 +1593,10 @@ def idv_doc_auth_hybrid_handoff_submitted( # @param [String] step Current IdV step # @param [String] analytics_id Current IdV flow identifier # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode - # warning + # warning # @param [Boolean] selfie_check_required Whether facial match check is required # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active # @param [Boolean] opted_in_to_in_person_proofing User opted into in person proofing def idv_doc_auth_hybrid_handoff_visited( @@ -1802,7 +1802,7 @@ def idv_doc_auth_ssn_visited( # @param [Hash] errors Errors resulting from form validation # @param [Hash] error_details Details for errors that occurred in unsuccessful submission # @param [Integer] submit_attempts Times that user has tried submitting (previously called - # "attempts") + # "attempts") # @param [Integer] remaining_submit_attempts (previously called "remaining_attempts") # @param [String] user_id # @param ["hybrid","standard"] flow_path Document capture user flow @@ -1811,7 +1811,7 @@ def idv_doc_auth_ssn_visited( # @param [String] back_image_fingerprint Fingerprint of back image data # @param [String] selfie_image_fingerprint Fingerprint of selfie image data # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # The document capture image uploaded was locally validated during the IDV process def idv_doc_auth_submitted_image_upload_form( success:, @@ -1855,7 +1855,7 @@ def idv_doc_auth_submitted_image_upload_form( # @param [String] state_id_type # @param [Boolean] async # @param [Integer] submit_attempts Times that user has tried submitting (previously called - # "attempts") + # "attempts") # @param [Integer] remaining_submit_attempts (previously called "remaining_attempts") # @param [Hash] client_image_metrics # @param ["hybrid","standard"] flow_path Document capture user flow @@ -1890,10 +1890,10 @@ def idv_doc_auth_submitted_image_upload_form( # @param [String] birth_year Birth year from document # @param [Integer] issue_year Year document was issued # @param [Hash] failed_image_fingerprints Hash of document field with an array of failed image - # fingerprints for that field. + # fingerprints for that field. # @param [Integer] selfie_attempts number of selfie attempts the user currently has processed # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture - # SDK upgrades + # SDK upgrades # @option extra [String] 'DocumentName' # @option extra [String] 'DocAuthResult' # @option extra [String] 'DocIssuerCode' @@ -4215,7 +4215,7 @@ def idv_phone_confirmation_otp_visit( # @param [Hash] vendor Vendor response payload # @param [Boolean] new_phone_added Whether phone number was added to account in submission # @param [Boolean] hybrid_handoff_phone_used Whether phone is the same as what was used for hybrid - # document capture + # document capture # @param [String] area_code Area code of phone number # @param [String] country_code Abbreviated 2-letter country code associated with phone number # @param [String] phone_fingerprint HMAC fingerprint of the phone number formatted as E.164 @@ -4864,7 +4864,7 @@ def idv_socure_shadow_mode_proofing_result_missing(**extra) # @param [String] state_id_type type of state issued ID # @param [Boolean] async whether or not this worker is running asynchronously # @param [Integer] submit_attempts Times that user has tried submitting (previously called - # "attempts") + # "attempts") # @param [Integer] remaining_submit_attempts (previously called "remaining_attempts") # @param ["hybrid","standard"] flow_path Document capture user flow # @param [Float] vendor_request_time_in_ms Time it took to upload images & get a response. @@ -5471,8 +5471,8 @@ def multi_factor_auth_enter_totp_visit(context:, **extra) # @param ["authentication", "reauthentication", "confirmation"] context User session context # @param ["webauthn","webauthn_platform"] multi_factor_auth_method which webauthn method was used, - # webauthn means a roaming authenticator like a yubikey, webauthn_platform means a platform - # authenticator like face or touch ID + # webauthn means a roaming authenticator like a yubikey, webauthn_platform means a platform + # authenticator like face or touch ID # @param [Integer, nil] webauthn_configuration_id webauthn database ID # @param [String] multi_factor_auth_method_created_at When the authentication method was created # User visited the page to authenticate with webauthn (yubikey, face ID or touch ID) @@ -5596,7 +5596,7 @@ def multi_factor_auth_phone_setup( # @param [Integer] attempts number of MFA setup attempts # @param [String, nil] aaguid AAGUID value of WebAuthn device # @param [String[], nil] unknown_transports Array of unrecognized WebAuthn transports, intended to - # be used in case of future specification changes. + # be used in case of future specification changes. # @param [:authentication, :account_creation, nil] webauthn_platform_recommended A/B test for # recommended Face or Touch Unlock setup, if applicable. def multi_factor_auth_setup( @@ -5979,7 +5979,7 @@ def otp_phone_validation_failed(error:, message:, context:, country:, **extra) # @param [Boolean] active_profile_present Whether active profile existed at time of change # @param [Boolean] pending_profile_present Whether pending profile existed at time of change # @param [Boolean] required_password_change Whether password change was forced due to compromised - # password + # password # The user updated their password def password_changed( success:, @@ -6035,9 +6035,9 @@ def password_max_attempts # @param [Boolean] success Whether form validation was successful # @param [Hash] errors Errors resulting from form validation # @param [Boolean, nil] confirmed if the account the reset is being requested for has a - # confirmed email + # confirmed email # @param [Boolean, nil] active_profile if the account the reset is being requested for has an - # active proofed profile + # active proofed profile # @param [Hash] error_details Details for errors that occurred in unsuccessful submission # The user entered an email address to request a password reset def password_reset_email( @@ -6062,11 +6062,11 @@ def password_reset_email( # @param [Boolean] success Whether form validation was successful # @param [Hash] errors Errors resulting from form validation # @param [Boolean] profile_deactivated if the active profile for the account was deactivated - # (the user will need to use their personal key to reactivate their profile) + # (the user will need to use their personal key to reactivate their profile) # @param [Boolean] pending_profile_invalidated Whether a pending profile was invalidated as a - # result of the password reset + # result of the password reset # @param [String] pending_profile_pending_reasons Comma-separated list of the pending states - # associated with the associated profile. + # associated with the associated profile. # @param [Hash] error_details Details for errors that occurred in unsuccessful submission # The user changed the password for their account via the password reset flow def password_reset_password( @@ -6126,7 +6126,7 @@ def pending_account_reset_visited # @param [Hash] error_details Details for errors that occurred in unsuccessful submission # @param [Integer] emails Number of email addresses the notification was sent to # @param [Array] sms_message_ids AWS Pinpoint SMS message IDs for each phone number that - # was notified + # was notified # Alert user if a personal key was used to sign in def personal_key_alert_about_sign_in( success:, @@ -6386,7 +6386,7 @@ def profile_personal_key_create # @param [Hash] error_details Details for errors that occurred in unsuccessful submission # @param [Integer] emails Number of email addresses the notification was sent to # @param [Array] sms_message_ids AWS Pinpoint SMS message IDs for each phone number that - # was notified + # was notified # User has chosen to receive a new personal key, contains stats about notifications that # were sent to phone numbers and email addresses for the user def profile_personal_key_create_notifications( @@ -6680,14 +6680,14 @@ def rules_of_use_visit # @param [Boolean] finish_profile # @param [String] requested_ial # @param [Boolean] request_signed - # @param [String] matching_cert_serial - # matches the request certificate in a successful, signed request + # @param [String] matching_cert_serial matches the request certificate in a successful, signed + # request # @param [Boolean] certs_different Whether the matching cert changes when SHA256 validations - # are turned on in the saml_idp gem + # are turned on in the saml_idp gem # @param [Hash] cert_error_details Details for errors that occurred because of an invalid - # signature + # signature # @param [String] sha256_matching_cert serial of the cert that matches when sha256 validations - # are turned on + # are turned on # @param [String] unknown_authn_contexts space separated list of unknown contexts def saml_auth( success:, @@ -6994,7 +6994,7 @@ def sp_revoke_consent_visited(issuer:, **extra) # @param [Hash] error_details Details for errors that occurred in unsuccessful submission # @param [Integer] selected_email_id Selected email address record ID # @param [String, nil] needs_completion_screen_reason Reason for the consent screen being shown, - # if user is changing email in consent flow + # if user is changing email in consent flow def sp_select_email_submitted( success:, selected_email_id:, @@ -7014,7 +7014,7 @@ def sp_select_email_submitted( # User visited form to change email shared with service provider # @param [String, nil] needs_completion_screen_reason Reason for the consent screen being shown, - # if user is changing email in consent flow + # if user is changing email in consent flow def sp_select_email_visited(needs_completion_screen_reason: nil, **extra) track_event(:sp_select_email_visited, needs_completion_screen_reason:, **extra) end @@ -7174,7 +7174,7 @@ def user_registration_2fa_setup_visit( # @param [String] service_provider_name The friendly name of the service provider # @param ['account-page','agency-page'] page_occurence Where the user concluded registration # @param ['new_sp','new_attributes','reverified_after_consent'] needs_completion_screen_reason The - # reason for the consent screen being shown + # reason for the consent screen being shown # @param [Boolean] in_account_creation_flow Whether user is going through account creation # @param [Array] sp_session_requested_attributes Attributes requested by the service provider # @param [String, nil] in_person_proofing_status In person proofing status @@ -7222,7 +7222,7 @@ def user_registration_cancellation(request_came_from:, **extra) # @param [String] service_provider_name The friendly name of the service provider # @param ['account-page','agency-page'] page_occurence Where the user concluded registration # @param ['new_sp','new_attributes','reverified_after_consent'] needs_completion_screen_reason The - # reason for the consent screen being shown + # reason for the consent screen being shown # @param [Array] sp_session_requested_attributes Attributes requested by the service provider # @param [Boolean] in_account_creation_flow Whether user is going through account creation flow # @param [String, nil] disposable_email_domain Disposable email domain used for registration From 7ad5a8f27267302a3a25fafbba7f32facc86eef4 Mon Sep 17 00:00:00 2001 From: Mitchell Henke Date: Fri, 13 Dec 2024 08:18:09 -0600 Subject: [PATCH 07/19] Add support for two OpenID Connect key-pairs (#11626) * rename to primary * placeholder * allow decoding id_token_hint with either OIDC key * remove extraneous class creation * support two keys changelog: Internal, OpenID Connect, Support two OIDC key-pairs --------- Co-authored-by: Zach Margolis --- app/forms/openid_connect_logout_form.rb | 27 ++++++---- .../openid_connect_certs_presenter.rb | 20 +++---- app/services/id_token_builder.rb | 4 +- app/services/push_notification/http_push.rb | 4 +- .../local/oidc_secondary.key | 30 +++++++++++ .../local/oidc_secondary.pub | 9 ++++ config/initializers/app_artifacts.rb | 52 ++++++++++++++++--- lib/app_artifacts.rb | 7 +-- spec/forms/openid_connect_logout_form_spec.rb | 18 ++++++- spec/forms/openid_connect_token_form_spec.rb | 2 +- spec/forms/security_event_form_spec.rb | 2 +- spec/lib/app_artifacts_spec.rb | 14 +++++ .../openid_connect_certs_presenter_spec.rb | 16 ++++-- spec/services/id_token_builder_spec.rb | 6 ++- .../push_notification/http_push_spec.rb | 10 ++-- .../features/push_notifications_helper.rb | 2 +- spec/support/oidc_auth_helper.rb | 2 +- spec/support/private_key_file_helper.rb | 4 +- 18 files changed, 175 insertions(+), 54 deletions(-) create mode 100644 config/artifacts.example/local/oidc_secondary.key create mode 100644 config/artifacts.example/local/oidc_secondary.pub diff --git a/app/forms/openid_connect_logout_form.rb b/app/forms/openid_connect_logout_form.rb index 68ebffdc411..34c7c3391c2 100644 --- a/app/forms/openid_connect_logout_form.rb +++ b/app/forms/openid_connect_logout_form.rb @@ -86,22 +86,29 @@ def load_identity if reject_id_token_hint? identity_from_client_id else + identity_from_token_hint(id_token_hint) || identity_from_client_id + end + end + + def identity_from_token_hint(id_token_hint) + return nil if id_token_hint.blank? + payload, _headers = nil + + Rails.application.config.oidc_public_key_queue.compact.find do |key| payload, _headers = JWT.decode( - id_token_hint, AppArtifacts.store.oidc_public_key, true, + id_token_hint, key, true, algorithm: 'RS256', leeway: Float::INFINITY ).map(&:with_indifferent_access) - - identity_from_payload(payload) || identity_from_client_id + rescue JWT::DecodeError + next end - rescue JWT::DecodeError - nil - end - def identity_from_payload(payload) - uuid = payload[:sub] - sp = payload[:aud] - AgencyIdentityLinker.sp_identity_from_uuid_and_sp(uuid, sp) + if payload + uuid = payload[:sub] + sp = payload[:aud] + AgencyIdentityLinker.sp_identity_from_uuid_and_sp(uuid, sp) + end end def id_token_hint_or_client_id_present diff --git a/app/presenters/openid_connect_certs_presenter.rb b/app/presenters/openid_connect_certs_presenter.rb index 245bbcbffb9..c90ec2fbc55 100644 --- a/app/presenters/openid_connect_certs_presenter.rb +++ b/app/presenters/openid_connect_certs_presenter.rb @@ -1,20 +1,16 @@ # frozen_string_literal: true class OpenidConnectCertsPresenter + KEYS = Rails.application.config.oidc_public_key_queue.map do |key| + { + alg: 'RS256', + use: 'sig', + }.merge(JWT::JWK.new(key).export) + end.freeze + def certs { - keys: keys, + keys: KEYS, } end - - private - - def keys - [AppArtifacts.store.oidc_public_key].map do |key| - { - alg: 'RS256', - use: 'sig', - }.merge(JWT::JWK.new(key).export) - end - end end diff --git a/app/services/id_token_builder.rb b/app/services/id_token_builder.rb index 4ce7f9c926e..0df1aef172c 100644 --- a/app/services/id_token_builder.rb +++ b/app/services/id_token_builder.rb @@ -16,9 +16,9 @@ def initialize(identity:, code:, custom_expiration: nil, now: Time.zone.now) def id_token JWT.encode( jwt_payload, - AppArtifacts.store.oidc_private_key, + AppArtifacts.store.oidc_primary_private_key, 'RS256', - kid: JWT::JWK.new(AppArtifacts.store.oidc_private_key).kid, + kid: JWT::JWK.new(AppArtifacts.store.oidc_primary_private_key).kid, ) end diff --git a/app/services/push_notification/http_push.rb b/app/services/push_notification/http_push.rb index a4a51e8ae99..48f24872c8f 100644 --- a/app/services/push_notification/http_push.rb +++ b/app/services/push_notification/http_push.rb @@ -62,10 +62,10 @@ def jwt(service_provider) JWT.encode( payload, - AppArtifacts.store.oidc_private_key, + AppArtifacts.store.oidc_primary_private_key, 'RS256', typ: 'secevent+jwt', - kid: JWT::JWK.new(AppArtifacts.store.oidc_private_key).kid, + kid: JWT::JWK.new(AppArtifacts.store.oidc_primary_private_key).kid, ) end diff --git a/config/artifacts.example/local/oidc_secondary.key b/config/artifacts.example/local/oidc_secondary.key new file mode 100644 index 00000000000..518378f7ca4 --- /dev/null +++ b/config/artifacts.example/local/oidc_secondary.key @@ -0,0 +1,30 @@ +This is a public example key used for testing and local development. +Even though it appears to be a private key, it is not secret and is intended to be public. + +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA1a4Vx1KKS9ByDlNgX+Z7hiojyA9U5f8iu4wNesiOdtWmHG9O +d7QsIpPV2A/yf7Y0X2nEWAABdHtAmrvmmJbP1aofmhaxAmYQXYJSloACZFA5qVdT +cV2jKA3+ZCCgZDj6bXWhERFQRIBbKIc7VWtxM/M5lhpnTEsy55XIN0iXoq1cM539 +GtKp5XfGTQ1Pv9ovCJ1//WH1vBnhXwd62kExk+Snp/9X+eLBoguQcNofphQOsLIu +b7t9YuqI9xbQZDCfy280R3jV6K9g/ZlIoKfE18q9MI5n4U7L8W0/DopImyYCJltM +zcJtcvSUVCapOK+bnwnnaDvke67lA1kyReZnmwIDAQABAoIBAQC1xR9VrctjbvB3 +a0nCishtew9xMkmgVYdwT1VwK4e1Y02pRq5TeftJdsUkxXweVBr9R3X0/hw+wFJW +zpz9FN27/rpfVApD5hrp0OD8kex29R/4BAdBmsweWLkc5/xJBYdS8guP/1Bu1Vm2 +gkNhCMMF1FQacl+JMTcedfYZwTDs+kjX4i5ccY9xXdHQSYikCSZOcrcqD5949FZd +3SjIMrYaY8Mf6WFsWXMzsXNef7eVoeK7MLPbe9+jsdyrswk/3qMrUSmYG+hVSkCp +lO0S3ZD+INbOHQe0x3v88rNMJVe6VrwFMauDDXs3s7TVelqDjsyA8uAKCUR+amVj +9/6e7d4RAoGBAP8RZlOVTkfKxgZPjoYEOVq9kMRCbF+4S/6ZGflpNBEQAPyegooh +5GP7k/QzqA+D9wHIl7ATslW3i3CNOnhIX77TuRanErtQ6KMSKoX4I+FBJyZWpFml +FF9t5xkRrUHLk3dP925y/ZguuQHWOsO4jZOn0lSYGYSCYTwoR+X4jX7PAoGBANZ1 ++DECFAA6R+/0/neHuzHOFukrIJicekBm0mkIq333DjXAZBDZsqNG6lbfpNCe5Z/J +zv0BCL7m50ypmRh6jp8lqndm8A/ONy4XkB9QrYd+ftTIZGm3bvFdjgbqNUGplfwQ +yFF/mcvY/2y48M9Uwr+SDPJZNzhGAxQQ/3zjwh11AoGAXziNrNJmYOLQPnbgzCMz +ji6KptntP2a76BYb3kJqD5yb4bMDJLI2YyT+PQIz0WcAhYfvKOqRfvKAecofc9wA +8mp0BILmuUshLg+QFGdobaU3Clb6EAVSr7WFupQgzBlFuhr+UhtXlMKMiqUBVyPE +psTV/oKxtAhAaIbZIH9Dw30CgYEAwgMG/I78uRgAbDwe2NOZrXzbjSTO4EDu98QN +JagKPHJ8EHR0EipfSQamiODZoUGeSeevsYJ1/v200c28CkEVNTRF+q7NDf9oO/Jl +F29NDP6KjsSa0mh3nTMdgXPvqe9ZGCe2kMP2xksRB7JnZ6kuZVAjFjtPkUEFF+oo +tzr0KOECgYEA7jLXEmtJZtdaHRzgEb2DxwNiHzfUg7mrBn3tbfB5V3yDdRtMzXRk +ASMMc7n+wh553Ms9A8X/75yX/Lt2+viA0q8L/ideZl7b1Of5I4E4c92WGQ0P6x6E +9JV6vfZzsKjmOBux52vvxjCUHLaBEL6y8e4mteMgvQJbY8aimU19dgU= +-----END RSA PRIVATE KEY----- diff --git a/config/artifacts.example/local/oidc_secondary.pub b/config/artifacts.example/local/oidc_secondary.pub new file mode 100644 index 00000000000..f950dab5d4b --- /dev/null +++ b/config/artifacts.example/local/oidc_secondary.pub @@ -0,0 +1,9 @@ +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1a4Vx1KKS9ByDlNgX+Z7 +hiojyA9U5f8iu4wNesiOdtWmHG9Od7QsIpPV2A/yf7Y0X2nEWAABdHtAmrvmmJbP +1aofmhaxAmYQXYJSloACZFA5qVdTcV2jKA3+ZCCgZDj6bXWhERFQRIBbKIc7VWtx +M/M5lhpnTEsy55XIN0iXoq1cM539GtKp5XfGTQ1Pv9ovCJ1//WH1vBnhXwd62kEx +k+Snp/9X+eLBoguQcNofphQOsLIub7t9YuqI9xbQZDCfy280R3jV6K9g/ZlIoKfE +18q9MI5n4U7L8W0/DopImyYCJltMzcJtcvSUVCapOK+bnwnnaDvke67lA1kyReZn +mwIDAQAB +-----END PUBLIC KEY----- diff --git a/config/initializers/app_artifacts.rb b/config/initializers/app_artifacts.rb index 2f82b258b3a..0f7fe61374a 100644 --- a/config/initializers/app_artifacts.rb +++ b/config/initializers/app_artifacts.rb @@ -10,12 +10,52 @@ store.add_artifact(:saml_2024_cert, '/%s/saml2024.crt') store.add_artifact(:saml_2024_key, '/%s/saml2024.key.enc') - store.add_artifact(:oidc_private_key, '/%s/oidc.key') { |k| OpenSSL::PKey::RSA.new(k) } - store.add_artifact(:oidc_public_key, '/%s/oidc.pub') { |k| OpenSSL::PKey::RSA.new(k) } + store.add_artifact(:oidc_primary_private_key, '/%s/oidc.key') do |k| + OpenSSL::PKey::RSA.new(k) + end + store.add_artifact(:oidc_primary_public_key, '/%s/oidc.pub') do |k| + OpenSSL::PKey::RSA.new(k) + end + store.add_artifact( + :oidc_secondary_private_key, '/%s/oidc_secondary.key', + allow_missing: true + ) do |k| + OpenSSL::PKey::RSA.new(k) + end + store.add_artifact( + :oidc_secondary_public_key, '/%s/oidc_secondary.pub', + allow_missing: true + ) do |k| + OpenSSL::PKey::RSA.new(k) + end end -valid = OpenidConnectKeyValidation.valid?( - public_key: AppArtifacts.store.oidc_public_key, - private_key: AppArtifacts.store.oidc_private_key, +primary_valid = OpenidConnectKeyValidation.valid?( + public_key: AppArtifacts.store.oidc_primary_public_key, + private_key: AppArtifacts.store.oidc_primary_private_key, ) -raise 'OIDC Public/Private Keys do not match' if !valid +raise 'OIDC Primary Public/Private Keys do not match' if !primary_valid + +secondary_valid = + (AppArtifacts.store.oidc_secondary_private_key.nil? && + AppArtifacts.store.oidc_secondary_public_key.nil?) || + OpenidConnectKeyValidation.valid?( + public_key: AppArtifacts.store.oidc_secondary_public_key, + private_key: AppArtifacts.store.oidc_secondary_private_key, + ) +raise 'OIDC Secondary Public/Private Keys are invalid' if !secondary_valid + +Rails.application.configure do + config.oidc_public_key = AppArtifacts.store.oidc_primary_public_key + config.oidc_private_key = AppArtifacts.store.oidc_primary_private_key + + config.oidc_public_key_queue = [ + AppArtifacts.store.oidc_primary_public_key, + AppArtifacts.store.oidc_secondary_public_key, + ].compact.freeze + + config.oidc_private_key_queue = [ + AppArtifacts.store.oidc_primary_private_key, + AppArtifacts.store.oidc_secondary_private_key, + ].compact.freeze +end diff --git a/lib/app_artifacts.rb b/lib/app_artifacts.rb index 31f2ebb82c7..379f7af6b8f 100644 --- a/lib/app_artifacts.rb +++ b/lib/app_artifacts.rb @@ -27,10 +27,11 @@ def build # @param [Symbol] name # @param [String] path - def add_artifact(name, path) + # @param [Boolean] allow_missing + def add_artifact(name, path, allow_missing: false) value = read_artifact(path) - raise MissingArtifactError.new("missing artifact: #{path}") if value.nil? - value = yield(value) if block_given? + raise MissingArtifactError.new("missing artifact: #{path}") if value.nil? && !allow_missing + value = yield(value) if block_given? && value @artifacts[name] = value nil end diff --git a/spec/forms/openid_connect_logout_form_spec.rb b/spec/forms/openid_connect_logout_form_spec.rb index 60a635f5196..78e3af831a8 100644 --- a/spec/forms/openid_connect_logout_form_spec.rb +++ b/spec/forms/openid_connect_logout_form_spec.rb @@ -149,9 +149,25 @@ end end + context 'with a valid payload that was signed with the secondary OIDC key' do + let(:id_token_hint) do + JWT.encode( + { sub: identity.uuid, aud: identity.service_provider }, + AppArtifacts.store.oidc_secondary_private_key, 'RS256' + ) + end + + it 'is valid' do + expect(valid?).to eq(true) + end + end + context 'with a payload that does not correspond to an identity' do let(:id_token_hint) do - JWT.encode({ sub: '123', aud: '456' }, AppArtifacts.store.oidc_private_key, 'RS256') + JWT.encode( + { sub: '123', aud: '456' }, + AppArtifacts.store.oidc_primary_private_key, 'RS256' + ) end it 'is not valid' do diff --git a/spec/forms/openid_connect_token_form_spec.rb b/spec/forms/openid_connect_token_form_spec.rb index b039b2ac37c..b79c08aedbf 100644 --- a/spec/forms/openid_connect_token_form_spec.rb +++ b/spec/forms/openid_connect_token_form_spec.rb @@ -46,7 +46,7 @@ let(:client_private_key) do OpenSSL::PKey::RSA.new(Rails.root.join('keys', 'saml_test_sp.key').read) end - let(:server_public_key) { AppArtifacts.store.oidc_public_key } + let(:server_public_key) { Rails.application.config.oidc_public_key } let(:user) { create(:user) } diff --git a/spec/forms/security_event_form_spec.rb b/spec/forms/security_event_form_spec.rb index 19241a31a5f..b4f96a5a7b3 100644 --- a/spec/forms/security_event_form_spec.rb +++ b/spec/forms/security_event_form_spec.rb @@ -211,7 +211,7 @@ context 'when signed with a different key than registered to the SP' do let(:rp_private_key) do - OpenSSL::PKey::RSA.new(AppArtifacts.store.oidc_private_key) + AppArtifacts.store.oidc_primary_private_key end it 'is invalid' do diff --git a/spec/lib/app_artifacts_spec.rb b/spec/lib/app_artifacts_spec.rb index 55f305c487f..752bbe389f4 100644 --- a/spec/lib/app_artifacts_spec.rb +++ b/spec/lib/app_artifacts_spec.rb @@ -38,6 +38,20 @@ AppArtifacts::MissingArtifactError, 'missing artifact: /%s/test_artifact' ) end + + context 'with allow_missing: true' do + it 'does not raise an error if an artifact is missing' do + expect(secrets_s3).to receive(:read_file).with( + '/%s/test_artifact', + ).and_return(nil) + + store = instance.build do |store| + store.add_artifact(:test_artifact, '/%s/test_artifact', allow_missing: true) + end + + expect(store.test_artifact).to eq nil + end + end end context 'when running locally' do diff --git a/spec/presenters/openid_connect_certs_presenter_spec.rb b/spec/presenters/openid_connect_certs_presenter_spec.rb index 7babb6a127e..da2bc11c601 100644 --- a/spec/presenters/openid_connect_certs_presenter_spec.rb +++ b/spec/presenters/openid_connect_certs_presenter_spec.rb @@ -4,17 +4,23 @@ subject(:presenter) { OpenidConnectCertsPresenter.new } describe '#certs' do - it 'renders the server public key as a JWK set' do + it 'renders the server public keys as a JWK set' do json = presenter.certs - expect(json[:keys].size).to eq(1) + expect(json[:keys].size).to eq(2) expect(json[:keys].all? { |k| k[:alg] == 'RS256' }).to eq(true) expect(json[:keys].all? { |k| k[:use] == 'sig' }).to eq(true) - key_from_response = JWT::JWK.import(json[:keys].first).public_key - public_key = AppArtifacts.store.oidc_public_key + # Primary key should be first + primary_key_from_response, secondary_key_from_response = json[:keys].map do |key| + JWT::JWK.import(key).public_key + end - expect(key_from_response.to_pem).to eq(public_key.to_pem) + primary_public_key = Rails.application.config.oidc_public_key + expect(primary_key_from_response.to_pem).to eq(primary_public_key.to_pem) + + secondary_public_key = Rails.application.config.oidc_public_key_queue.last + expect(secondary_key_from_response.to_pem).to eq(secondary_public_key.to_pem) end end end diff --git a/spec/services/id_token_builder_spec.rb b/spec/services/id_token_builder_spec.rb index 23c666383bf..e70f247e656 100644 --- a/spec/services/id_token_builder_spec.rb +++ b/spec/services/id_token_builder_spec.rb @@ -37,7 +37,7 @@ let(:decoded_id_token) do JWT.decode( id_token, - AppArtifacts.store.oidc_public_key, + Rails.application.config.oidc_public_key, true, algorithm: 'RS256', ).map(&:with_indifferent_access) @@ -224,7 +224,9 @@ end it 'sets the kid for the signing key in the JWT headers' do - expect(decoded_headers[:kid]).to eq(JWT::JWK.new(AppArtifacts.store.oidc_private_key).kid) + expect(decoded_headers[:kid]).to eq( + JWT::JWK.new(AppArtifacts.store.oidc_primary_private_key).kid, + ) end end end diff --git a/spec/services/push_notification/http_push_spec.rb b/spec/services/push_notification/http_push_spec.rb index 8288fa9287b..b6b0288a695 100644 --- a/spec/services/push_notification/http_push_spec.rb +++ b/spec/services/push_notification/http_push_spec.rb @@ -48,14 +48,14 @@ jwt_payload, headers = JWT.decode( args[:jwt], - AppArtifacts.store.oidc_public_key, + Rails.application.config.oidc_public_key, true, algorithm: 'RS256', - kid: JWT::JWK.new(AppArtifacts.store.oidc_private_key).kid, + kid: JWT::JWK.new(AppArtifacts.store.oidc_primary_private_key).kid, ) expect(headers['typ']).to eq('secevent+jwt') - expect(headers['kid']).to eq(JWT::JWK.new(AppArtifacts.store.oidc_private_key).kid) + expect(headers['kid']).to eq(JWT::JWK.new(AppArtifacts.store.oidc_primary_private_key).kid) expect(jwt_payload['iss']).to eq(root_url) expect(jwt_payload['iat']).to eq(now.to_i) @@ -82,10 +82,10 @@ expect { deliver }.to have_enqueued_job(RiscDeliveryJob).with { |args| jwt_payload, _headers = JWT.decode( args[:jwt], - AppArtifacts.store.oidc_public_key, + Rails.application.config.oidc_public_key, true, algorithm: 'RS256', - kid: JWT::JWK.new(AppArtifacts.store.oidc_private_key).kid, + kid: JWT::JWK.new(AppArtifacts.store.oidc_primary_private_key).kid, ) expect(jwt_payload['events'][event.event_type]['subject']['sub']).to eq(agency_uuid) } diff --git a/spec/support/features/push_notifications_helper.rb b/spec/support/features/push_notifications_helper.rb index f4fc3ede131..b6dfd1c9330 100644 --- a/spec/support/features/push_notifications_helper.rb +++ b/spec/support/features/push_notifications_helper.rb @@ -3,7 +3,7 @@ def stub_push_notification_request(sp_push_notification_endpoint:, event_type:, stub_request(:post, sp_push_notification_endpoint).with do |request| parsed_jwt, _jwt_headers = JWT.decode( request.body, - AppArtifacts.store.oidc_public_key, + Rails.application.config.oidc_public_key, true, algorithm: 'RS256', ) diff --git a/spec/support/oidc_auth_helper.rb b/spec/support/oidc_auth_helper.rb index acfcfb75f79..347d53b0135 100644 --- a/spec/support/oidc_auth_helper.rb +++ b/spec/support/oidc_auth_helper.rb @@ -207,7 +207,7 @@ def oidc_decoded_token def oidc_decoded_id_token @oidc_decoded_id_token ||= JWT.decode( oidc_decoded_token[:id_token], - AppArtifacts.store.oidc_public_key, + Rails.application.config.oidc_public_key, true, algorithm: 'RS256', ).first.with_indifferent_access diff --git a/spec/support/private_key_file_helper.rb b/spec/support/private_key_file_helper.rb index 3d9d99e2f4e..b623efaaae4 100644 --- a/spec/support/private_key_file_helper.rb +++ b/spec/support/private_key_file_helper.rb @@ -1,5 +1,5 @@ module PrivateKeyFileHelper - # Returns the private key in AppArtifacts.store.oidc_private_key if + # Returns the private key in AppArtifacts.store.oidc_primary_private_key if # Identity::Hostdata.in_datacenter? or if the private key file does # not exist; otherwise, the private key from the file is returned. def private_key_from_store_or(file_name:) @@ -12,7 +12,7 @@ def private_key_from_store_or(file_name:) if File.exist?(file_name) OpenSSL::PKey::RSA.new(File.read(file_name)) else - return AppArtifacts.store.oidc_private_key + return AppArtifacts.store.oidc_primary_private_key end end From bf52ee7952b6ee830dd560bd5cb536665d05ff49 Mon Sep 17 00:00:00 2001 From: Stephen Shelton Date: Fri, 13 Dec 2024 13:45:41 -0500 Subject: [PATCH 08/19] changelog: Internal, CI, Update image source from dockerhub to AWS Public ECR (#11641) --- dockerfiles/idp_deploy.Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dockerfiles/idp_deploy.Dockerfile b/dockerfiles/idp_deploy.Dockerfile index 9b525d3433c..0c8f56db320 100644 --- a/dockerfiles/idp_deploy.Dockerfile +++ b/dockerfiles/idp_deploy.Dockerfile @@ -6,7 +6,7 @@ # avoid having build-essential and the large-files token be in the # main image. ######################################################################### -FROM ruby:3.3.4-slim as builder +FROM public.ecr.aws/docker/library/ruby:3.3.4-slim as builder # Set environment variables ENV RAILS_ROOT /app @@ -140,7 +140,7 @@ RUN openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 1825 \ ######################################################################### # This is the main image. ######################################################################### -FROM ruby:3.3.4-slim as main +FROM public.ecr.aws/docker/library/ruby:3.3.4-slim as main # Set environment variables ENV RAILS_ROOT /app From 6d01689715633f74325059a6b20e1b4ac17f72cb Mon Sep 17 00:00:00 2001 From: Gina <125507397+gina-yamada@users.noreply.github.com> Date: Fri, 13 Dec 2024 13:20:24 -0700 Subject: [PATCH 09/19] Document all of the remaining analytic events (IPP) (#11634) * Remove allowed_extra_analytics changelog: Internal, Analytics, Document analytics events * Document analytics attributes * document analytic attr * Remove allowed_extra_analytics for recaptcha * update param documentation * document analytic attri for reCAPTCHA * restore original recaptcha args * delete allowed_extra_analytics in recaptcha spec * use allowed_extra_analytics to test extra props --------- Co-authored-by: Andrew Duthie --- app/services/analytics_events.rb | 265 ++++++++++++++---- ...get_proofing_results_job_scenarios_spec.rb | 2 +- ...et_usps_ready_proofing_results_job_spec.rb | 2 +- ..._usps_waiting_proofing_results_job_spec.rb | 2 +- 4 files changed, 221 insertions(+), 50 deletions(-) diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index 8db2741e1f5..6cdd25ce73f 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb @@ -3310,6 +3310,11 @@ def idv_in_person_usps_proofing_enrollment_code_email_received( # @param [Integer] enrollments_failed number of enrollments which failed identity proofing # @param [Integer] enrollments_in_progress number of enrollments which did not have any change # @param [Integer] enrollments_passed number of enrollments which passed identity proofing + # @param [Integer] enrollments_network_error + # @param [Integer] enrollments_cancelled + # @param [Float] percent_enrollments_errored + # @param [Float] percent_enrollments_network_error + # @param [String] job_name def idv_in_person_usps_proofing_results_job_completed( duration_seconds:, enrollments_checked:, @@ -3318,17 +3323,27 @@ def idv_in_person_usps_proofing_results_job_completed( enrollments_failed:, enrollments_in_progress:, enrollments_passed:, + enrollments_network_error:, + enrollments_cancelled:, + percent_enrollments_errored:, + percent_enrollments_network_error:, + job_name:, **extra ) track_event( 'GetUspsProofingResultsJob: Job completed', - duration_seconds: duration_seconds, - enrollments_checked: enrollments_checked, - enrollments_errored: enrollments_errored, - enrollments_expired: enrollments_expired, - enrollments_failed: enrollments_failed, - enrollments_in_progress: enrollments_in_progress, - enrollments_passed: enrollments_passed, + duration_seconds:, + enrollments_checked:, + enrollments_errored:, + enrollments_expired:, + enrollments_failed:, + enrollments_in_progress:, + enrollments_passed:, + enrollments_network_error:, + enrollments_cancelled:, + percent_enrollments_errored:, + percent_enrollments_network_error:, + job_name:, **extra, ) end @@ -3353,27 +3368,57 @@ def idv_in_person_usps_proofing_results_job_deadline_passed_email_exception( end # Tracks deadline email initiated during GetUspsProofingResultsJob + # @param [String] enrollment_code # @param [String] enrollment_id + # @param [Time] timestamp + # @param [String] service_provider + # @param [Integer] wait_until + # @param [String] job_name def idv_in_person_usps_proofing_results_job_deadline_passed_email_initiated( + enrollment_code:, enrollment_id:, + timestamp:, + service_provider:, + wait_until:, + job_name:, **extra ) track_event( 'GetUspsProofingResultsJob: deadline passed email initiated', - enrollment_id: enrollment_id, + enrollment_code:, + enrollment_id:, + timestamp:, + service_provider:, + wait_until:, + job_name:, **extra, ) end # Tracks emails that are initiated during GetUspsProofingResultsJob # @param [String] email_type success, failed or failed fraud + # @param [String] enrollment_code + # @param [Time] timestamp + # @param [String] service_provider + # @param [Integer] wait_until + # @param [String] job_name def idv_in_person_usps_proofing_results_job_email_initiated( email_type:, + enrollment_code:, + timestamp:, + service_provider:, + wait_until:, + job_name:, **extra ) track_event( 'GetUspsProofingResultsJob: Success or failure email initiated', - email_type: email_type, + email_type:, + enrollment_code:, + timestamp:, + service_provider:, + wait_until:, + job_name:, **extra, ) end @@ -3404,11 +3449,31 @@ def idv_in_person_usps_proofing_results_job_enrollment_incomplete( # @param [String] enrollment_code # @param [String] enrollment_id # @param [Float] minutes_since_established + # @param [Float] minutes_since_last_status_check + # @param [Float] minutes_since_last_status_check_completed + # @param [Float] minutes_since_last_status_update + # @param [Float] minutes_to_completion + # @param [Boolean] fraud_suspected + # @param [String] primary_id_type + # @param [String] secondary_id_type + # @param [String] failure_reason + # @param [String] transaction_end_date_time + # @param [String] transaction_start_date_time + # @param [String] status + # @param [String] assurance_level + # @param [String] proofing_post_office + # @param [String] proofing_city + # @param [String] proofing_state + # @param [String] scan_count + # @param [String] response_message # @param [Boolean] passed did this enrollment pass or fail? # @param [String] reason why did this enrollment pass or fail? # @param [String] tmx_status the tmx_status of the enrollment profile profile # @param [Integer] profile_age_in_seconds How many seconds have passed since profile created - # @param [Boolean] fraud_suspected + # @param [Boolean] response_present + # @param [String] job_name + # @param [Boolean] enhanced_ipp + # @param [String] issuer def idv_in_person_usps_proofing_results_job_enrollment_updated( enrollment_code:, enrollment_id:, @@ -3417,19 +3482,59 @@ def idv_in_person_usps_proofing_results_job_enrollment_updated( reason:, tmx_status:, profile_age_in_seconds:, + minutes_since_last_status_check:, + minutes_since_last_status_check_completed:, + minutes_since_last_status_update:, + minutes_to_completion:, + response_present:, + job_name:, + enhanced_ipp:, + issuer:, fraud_suspected: nil, + primary_id_type: nil, + secondary_id_type: nil, + failure_reason: nil, + transaction_end_date_time: nil, + transaction_start_date_time: nil, + status: nil, + assurance_level: nil, + proofing_post_office: nil, + proofing_city: nil, + proofing_state: nil, + scan_count: nil, + response_message: nil, **extra ) track_event( 'GetUspsProofingResultsJob: Enrollment status updated', - enrollment_code: enrollment_code, - enrollment_id: enrollment_id, - minutes_since_established: minutes_since_established, - passed: passed, - reason: reason, - tmx_status: tmx_status, - profile_age_in_seconds: profile_age_in_seconds, - fraud_suspected: fraud_suspected, + enrollment_code:, + enrollment_id:, + minutes_since_established:, + passed:, + reason:, + tmx_status:, + profile_age_in_seconds:, + minutes_since_last_status_check:, + minutes_since_last_status_check_completed:, + minutes_since_last_status_update:, + minutes_to_completion:, + fraud_suspected:, + primary_id_type:, + secondary_id_type:, + failure_reason:, + transaction_end_date_time:, + transaction_start_date_time:, + status:, + assurance_level:, + proofing_post_office:, + proofing_city:, + proofing_state:, + scan_count:, + response_present:, + response_message:, + job_name:, + enhanced_ipp:, + issuer:, **extra, ) end @@ -3442,6 +3547,7 @@ def idv_in_person_usps_proofing_results_job_enrollment_updated( # @param [String] enrollment_code # @param [Float] minutes_since_established # @param [Float] minutes_since_last_status_check + # @param [Float] minutes_since_last_status_check_completed # @param [Float] minutes_since_last_status_update # @param [Float] minutes_to_completion # @param [Boolean] fraud_suspected @@ -3456,8 +3562,11 @@ def idv_in_person_usps_proofing_results_job_enrollment_updated( # @param [String] proofing_city # @param [String] proofing_state # @param [String] scan_count + # @param [Boolean] response_present # @param [String] response_message # @param [Integer] response_status_code + # @param [String] job_name + # @param [String] issuer def idv_in_person_usps_proofing_results_job_exception( reason:, enrollment_id:, @@ -3466,6 +3575,7 @@ def idv_in_person_usps_proofing_results_job_exception( exception_message: nil, enrollment_code: nil, minutes_since_last_status_check: nil, + minutes_since_last_status_check_completed: nil, minutes_since_last_status_update: nil, minutes_to_completion: nil, fraud_suspected: nil, @@ -3480,45 +3590,67 @@ def idv_in_person_usps_proofing_results_job_exception( proofing_city: nil, proofing_state: nil, scan_count: nil, + response_present: nil, response_message: nil, response_status_code: nil, + job_name: nil, + issuer: nil, **extra ) track_event( 'GetUspsProofingResultsJob: Exception raised', - reason: reason, - enrollment_id: enrollment_id, - exception_class: exception_class, - exception_message: exception_message, - enrollment_code: enrollment_code, - minutes_since_established: minutes_since_established, - minutes_since_last_status_check: minutes_since_last_status_check, - minutes_since_last_status_update: minutes_since_last_status_update, - minutes_to_completion: minutes_to_completion, - fraud_suspected: fraud_suspected, - primary_id_type: primary_id_type, - secondary_id_type: secondary_id_type, - failure_reason: failure_reason, - transaction_end_date_time: transaction_end_date_time, - transaction_start_date_time: transaction_start_date_time, - status: status, - assurance_level: assurance_level, - proofing_post_office: proofing_post_office, - proofing_city: proofing_city, - proofing_state: proofing_state, - scan_count: scan_count, - response_message: response_message, - response_status_code: response_status_code, + reason:, + enrollment_id:, + exception_class:, + exception_message:, + enrollment_code:, + minutes_since_established:, + minutes_since_last_status_check:, + minutes_since_last_status_check_completed:, + minutes_since_last_status_update:, + minutes_to_completion:, + fraud_suspected:, + primary_id_type:, + secondary_id_type:, + failure_reason:, + transaction_end_date_time:, + transaction_start_date_time:, + status:, + assurance_level:, + proofing_post_office:, + proofing_city:, + proofing_state:, + scan_count:, + response_present:, + response_message:, + response_status_code:, + job_name:, + issuer:, **extra, ) end # Tracks please call emails that are initiated during GetUspsProofingResultsJob + # @param [String] enrollment_code + # @param [String] job_name + # @param [String] service_provider + # @param [Time] timestamp + # @param [Integer] wait_until def idv_in_person_usps_proofing_results_job_please_call_email_initiated( + enrollment_code:, + job_name:, + service_provider:, + timestamp:, + wait_until:, **extra ) track_event( :idv_in_person_usps_proofing_results_job_please_call_email_initiated, + enrollment_code:, + job_name:, + service_provider:, + timestamp:, + wait_until:, **extra, ) end @@ -3546,36 +3678,75 @@ def idv_in_person_usps_proofing_results_job_started( # @param [String] enrollment_code # @param [String] enrollment_id # @param [Float] minutes_since_established + # @param [Float] minutes_since_last_status_check + # @param [Float] minutes_since_last_status_check_completed + # @param [Float] minutes_since_last_status_update + # @param [Float] minutes_to_completion + # @param [String] issuer + # @param [String] job_name # @param [String] response_message # @param [String] reason why was this error unexpected? def idv_in_person_usps_proofing_results_job_unexpected_response( enrollment_code:, enrollment_id:, minutes_since_established:, + minutes_since_last_status_check:, + minutes_since_last_status_check_completed:, + minutes_since_last_status_update:, + minutes_to_completion:, + issuer:, + job_name:, response_message:, reason:, **extra ) track_event( 'GetUspsProofingResultsJob: Unexpected response received', - enrollment_code: enrollment_code, - enrollment_id: enrollment_id, - minutes_since_established: minutes_since_established, - response_message: response_message, - reason: reason, + enrollment_code:, + enrollment_id:, + minutes_since_established:, + response_message:, + reason:, + minutes_since_last_status_check:, + minutes_since_last_status_check_completed:, + minutes_since_last_status_update:, + minutes_to_completion:, + issuer:, + job_name:, **extra, ) end # A user has been moved to fraud review after completing proofing at the USPS + # @param [String] enrollment_code # @param [String] enrollment_id + # @param [Float] minutes_since_established + # @param [Float] minutes_since_last_status_check + # @param [Float] minutes_since_last_status_check_completed + # @param [Float] minutes_since_last_status_update + # @param [Float] minutes_to_completion + # @param [String] issuer def idv_in_person_usps_proofing_results_job_user_sent_to_fraud_review( + enrollment_code:, enrollment_id:, + minutes_since_established:, + minutes_since_last_status_check:, + minutes_since_last_status_check_completed:, + minutes_since_last_status_update:, + minutes_to_completion:, + issuer:, **extra ) track_event( :idv_in_person_usps_proofing_results_job_user_sent_to_fraud_review, - enrollment_id: enrollment_id, + enrollment_code:, + enrollment_id:, + minutes_since_established:, + minutes_since_last_status_check:, + minutes_since_last_status_check_completed:, + minutes_since_last_status_update:, + minutes_to_completion:, + issuer:, **extra, ) end diff --git a/spec/features/idv/get_proofing_results_job_scenarios_spec.rb b/spec/features/idv/get_proofing_results_job_scenarios_spec.rb index f28bc7fe37c..610e08c0614 100644 --- a/spec/features/idv/get_proofing_results_job_scenarios_spec.rb +++ b/spec/features/idv/get_proofing_results_job_scenarios_spec.rb @@ -1,7 +1,7 @@ require 'rails_helper' require 'axe-rspec' -RSpec.feature 'GetUspsProofingResultsJob Scenarios', js: true, allowed_extra_analytics: [:*] do +RSpec.feature 'GetUspsProofingResultsJob Scenarios', js: true do include OidcAuthHelper include UspsIppHelper include ActiveJob::TestHelper diff --git a/spec/jobs/get_usps_ready_proofing_results_job_spec.rb b/spec/jobs/get_usps_ready_proofing_results_job_spec.rb index 4c070bd93e2..7eb3b528917 100644 --- a/spec/jobs/get_usps_ready_proofing_results_job_spec.rb +++ b/spec/jobs/get_usps_ready_proofing_results_job_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -RSpec.describe GetUspsReadyProofingResultsJob, allowed_extra_analytics: [:*] do +RSpec.describe GetUspsReadyProofingResultsJob do include UspsIppHelper let(:reprocess_delay_minutes) { 2.0 } diff --git a/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb b/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb index 3a2b2078e8a..cf9ee72558b 100644 --- a/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb +++ b/spec/jobs/get_usps_waiting_proofing_results_job_spec.rb @@ -1,6 +1,6 @@ require 'rails_helper' -RSpec.describe GetUspsWaitingProofingResultsJob, allowed_extra_analytics: [:*] do +RSpec.describe GetUspsWaitingProofingResultsJob do include UspsIppHelper let(:reprocess_delay_minutes) { 2.0 } From ffbf1b0cf34a3c830e063ae90e11b84d661174e1 Mon Sep 17 00:00:00 2001 From: Andrew Duthie <1779930+aduth@users.noreply.github.com> Date: Mon, 16 Dec 2024 07:19:43 -0500 Subject: [PATCH 10/19] Remove support for wildcard allowed_extra_analytics (#11643) changelog: Internal, Analytics, Remove support for wildcard allowed_extra_analytics --- spec/support/fake_analytics.rb | 27 +-------------------------- spec/support/fake_analytics_spec.rb | 19 ------------------- 2 files changed, 1 insertion(+), 45 deletions(-) diff --git a/spec/support/fake_analytics.rb b/spec/support/fake_analytics.rb index 450bbbbbbb2..84ebb4f713f 100644 --- a/spec/support/fake_analytics.rb +++ b/spec/support/fake_analytics.rb @@ -102,7 +102,7 @@ def track_event(event, original_attributes = {}) extra_keywords -= Array(allowed_extra_analytics) - if extra_keywords.present? && !allowed_extra_analytics.include?(:*) + if extra_keywords.present? raise UndocumentedParams, <<~ERROR event :#{method_name} called with undocumented params #{extra_keywords.inspect} (if these params are for specs only, use :allowed_extra_analytics metadata) @@ -194,29 +194,4 @@ def reset! FakeAnalytics::UndocumentedParamsChecker.allowed_extra_analytics = [] FakeAnalytics::UndocumentedParamsChecker.checked_extra_analytics = [] end - - c.after(:all) do |_ex| - next if c.world.all_examples.count != c.world.example_count - - groups.group_by(&:first).each do |group, pairs| - allowed_extra_analytics = group.metadata[:allowed_extra_analytics] - next if allowed_extra_analytics.blank? - all_checked_extra_analytics = pairs.map(&:last).flatten.uniq - if allowed_extra_analytics.include?(:*) - expect(all_checked_extra_analytics).to( - be_present, - "Unnecessary allowed_extra_analytics on example group #{group} (in #{group.id})", - ) - else - unchecked_extra_analytics = allowed_extra_analytics - all_checked_extra_analytics - expect(unchecked_extra_analytics).to( - be_blank, - "Unnecessary allowed_extra_analytics keywords on example group #{group}: " \ - "#{unchecked_extra_analytics} (in #{group.id})", - ) - end - end - ensure - groups = [] - end end diff --git a/spec/support/fake_analytics_spec.rb b/spec/support/fake_analytics_spec.rb index 30717e1529e..b16f5e265a9 100644 --- a/spec/support/fake_analytics_spec.rb +++ b/spec/support/fake_analytics_spec.rb @@ -605,25 +605,6 @@ ) end - it 'does not error when undocumented params are allowed via *', allowed_extra_analytics: [:*] do - analytics.idv_phone_confirmation_otp_submitted( - success: true, - errors: true, - code_expired: true, - code_matches: true, - otp_delivery_preference: :sms, - second_factor_attempts_count: true, - second_factor_locked_at: true, - proofing_components: true, - fun_level: 1000, - ) - - expect(analytics).to have_logged_event( - 'IdV: phone confirmation otp submitted', - hash_including(:fun_level), - ) - end - it 'does not error when string tags are documented as options' do analytics.idv_doc_auth_submitted_image_upload_vendor( success: nil, From 329db5d0231df69096d40b435a1c9f102faecc47 Mon Sep 17 00:00:00 2001 From: Mitchell Henke Date: Mon, 16 Dec 2024 10:35:56 -0600 Subject: [PATCH 11/19] Update simpleidn and faker gems (#11646) changelog: Internal, Maintenance, Update simpleidn and faker gems --- Gemfile.lock | 8 ++------ spec/forms/idv/state_id_form_spec.rb | 6 +++--- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 7dc21388bc9..8f0e33dd62b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -323,7 +323,7 @@ GEM factory_bot_rails (6.4.3) factory_bot (~> 6.4) railties (>= 5.0.0) - faker (3.4.2) + faker (3.5.1) i18n (>= 1.8.11, < 2) faraday (2.10.0) faraday-net_http (>= 2.0, < 3.2) @@ -674,8 +674,7 @@ GEM simplecov (~> 0.19) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - simpleidn (0.2.1) - unf (~> 0.1.4) + simpleidn (0.2.3) smart_properties (1.17.0) sqlite3 (2.1.0) mini_portile2 (~> 2.8.0) @@ -695,9 +694,6 @@ GEM openssl-signature_algorithm (~> 1.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unf (0.1.4) - unf_ext - unf_ext (0.0.9.1) unicode-display_width (2.5.0) uniform_notifier (1.16.0) uri (0.13.0) diff --git a/spec/forms/idv/state_id_form_spec.rb b/spec/forms/idv/state_id_form_spec.rb index 86e28bbdea2..66e97ce16cc 100644 --- a/spec/forms/idv/state_id_form_spec.rb +++ b/spec/forms/idv/state_id_form_spec.rb @@ -35,7 +35,7 @@ identity_doc_address_state: Faker::Address.state_abbr, same_address_as_id: same_address_as_id, state_id_jurisdiction: 'AL', - state_id_number: Faker::IDNumber.valid, + state_id_number: Faker::IdNumber.valid, } end let(:dob_min_age_name_error_params) do @@ -50,7 +50,7 @@ identity_doc_address_state: Faker::Address.state_abbr, same_address_as_id: same_address_as_id, state_id_jurisdiction: 'AL', - state_id_number: Faker::IDNumber.valid, + state_id_number: Faker::IdNumber.valid, } end let(:invalid_char) { '1' } @@ -66,7 +66,7 @@ identity_doc_address_state: Faker::Address.state_abbr, same_address_as_id: same_address_as_id, state_id_jurisdiction: 'AL', - state_id_number: Faker::IDNumber.valid, + state_id_number: Faker::IdNumber.valid, } end let(:pii) { nil } From f598efd4a7692ad90cc44a140c522b8cfb59b345 Mon Sep 17 00:00:00 2001 From: Mitchell Henke Date: Mon, 16 Dec 2024 10:46:59 -0600 Subject: [PATCH 12/19] Simplify OIDC Logout validation (#11644) * Simplify OIDC Logout validation changelog: Internal, OpenID Connect, Simplify OIDC Logout validation * Update spec/forms/openid_connect_logout_form_spec.rb Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com> --------- Co-authored-by: Andrew Duthie <1779930+aduth@users.noreply.github.com> --- app/controllers/openid_connect/certs_controller.rb | 4 +++- app/forms/openid_connect_logout_form.rb | 5 ++--- spec/forms/openid_connect_logout_form_spec.rb | 13 +++++++++++++ 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/app/controllers/openid_connect/certs_controller.rb b/app/controllers/openid_connect/certs_controller.rb index f0640b723be..f06cd531d68 100644 --- a/app/controllers/openid_connect/certs_controller.rb +++ b/app/controllers/openid_connect/certs_controller.rb @@ -6,10 +6,12 @@ class CertsController < ApplicationController prepend_before_action :skip_session_expiration skip_before_action :disable_caching + JSON = OpenidConnectCertsPresenter.new.certs.freeze + def index expires_in 1.week, public: true - render json: OpenidConnectCertsPresenter.new.certs + render json: JSON end end end diff --git a/app/forms/openid_connect_logout_form.rb b/app/forms/openid_connect_logout_form.rb index 34c7c3391c2..68dc9c30ac5 100644 --- a/app/forms/openid_connect_logout_form.rb +++ b/app/forms/openid_connect_logout_form.rb @@ -94,14 +94,13 @@ def identity_from_token_hint(id_token_hint) return nil if id_token_hint.blank? payload, _headers = nil - Rails.application.config.oidc_public_key_queue.compact.find do |key| + begin payload, _headers = JWT.decode( - id_token_hint, key, true, + id_token_hint, Rails.application.config.oidc_public_key_queue, true, algorithm: 'RS256', leeway: Float::INFINITY ).map(&:with_indifferent_access) rescue JWT::DecodeError - next end if payload diff --git a/spec/forms/openid_connect_logout_form_spec.rb b/spec/forms/openid_connect_logout_form_spec.rb index 78e3af831a8..9d9a601ecdd 100644 --- a/spec/forms/openid_connect_logout_form_spec.rb +++ b/spec/forms/openid_connect_logout_form_spec.rb @@ -162,6 +162,19 @@ end end + context 'with a payload that was signed with an invalid key' do + let(:id_token_hint) do + JWT.encode( + { sub: identity.uuid, aud: identity.service_provider }, + OpenSSL::PKey::RSA.new(2048), 'RS256' + ) + end + + it 'is invalid' do + expect(valid?).to eq(false) + end + end + context 'with a payload that does not correspond to an identity' do let(:id_token_hint) do JWT.encode( From d59e458695ae3250b5631add7ef985cbc62296e0 Mon Sep 17 00:00:00 2001 From: Andrew Duthie <1779930+aduth@users.noreply.github.com> Date: Mon, 16 Dec 2024 11:58:39 -0500 Subject: [PATCH 13/19] Remove all supports for allowed extra analytics (#11647) changelog: Internal, Analytics, Remove support for allowed_extra_analytics --- spec/forms/recaptcha_enterprise_form_spec.rb | 6 ++-- spec/forms/recaptcha_form_spec.rb | 6 ++-- spec/support/fake_analytics.rb | 34 ++------------------ spec/support/fake_analytics_spec.rb | 20 ------------ 4 files changed, 9 insertions(+), 57 deletions(-) diff --git a/spec/forms/recaptcha_enterprise_form_spec.rb b/spec/forms/recaptcha_enterprise_form_spec.rb index 7d54b9df6f3..f6c0f805c7c 100644 --- a/spec/forms/recaptcha_enterprise_form_spec.rb +++ b/spec/forms/recaptcha_enterprise_form_spec.rb @@ -390,8 +390,8 @@ end end - context 'with extra analytics properties', allowed_extra_analytics: [:extra] do - let(:extra_analytics_properties) { { extra: true } } + context 'with extra analytics properties' do + let(:extra_analytics_properties) { { phone_country_code: true } } it 'logs analytics of the body' do result @@ -409,7 +409,7 @@ score_threshold: score_threshold, form_class: 'RecaptchaEnterpriseForm', recaptcha_action:, - extra: true, + phone_country_code: true, ) end end diff --git a/spec/forms/recaptcha_form_spec.rb b/spec/forms/recaptcha_form_spec.rb index eeb833905f5..468abf900de 100644 --- a/spec/forms/recaptcha_form_spec.rb +++ b/spec/forms/recaptcha_form_spec.rb @@ -309,8 +309,8 @@ ) end - context 'with extra analytics properties', allowed_extra_analytics: [:extra] do - let(:extra_analytics_properties) { { extra: true } } + context 'with extra analytics properties' do + let(:extra_analytics_properties) { { phone_country_code: true } } it 'logs analytics of the body' do result @@ -328,7 +328,7 @@ score_threshold: score_threshold, form_class: 'RecaptchaForm', recaptcha_action:, - extra: true, + phone_country_code: true, ) end end diff --git a/spec/support/fake_analytics.rb b/spec/support/fake_analytics.rb index 84ebb4f713f..ce3ee4b6170 100644 --- a/spec/support/fake_analytics.rb +++ b/spec/support/fake_analytics.rb @@ -71,8 +71,6 @@ def track_event(event, original_attributes = {}) UndocumentedParams = Class.new(StandardError).freeze module UndocumentedParamsChecker - mattr_accessor :allowed_extra_analytics - mattr_accessor :checked_extra_analytics mattr_accessor :asts mattr_accessor :docstrings @@ -98,16 +96,9 @@ def track_event(event, original_attributes = {}) - option_param_names(analytics_method) if extra_keywords.present? - @@checked_extra_analytics = checked_extra_analytics.to_a.concat(extra_keywords) - - extra_keywords -= Array(allowed_extra_analytics) - - if extra_keywords.present? - raise UndocumentedParams, <<~ERROR - event :#{method_name} called with undocumented params #{extra_keywords.inspect} - (if these params are for specs only, use :allowed_extra_analytics metadata) - ERROR - end + raise UndocumentedParams, <<~ERROR + event :#{method_name} called with undocumented params #{extra_keywords.inspect} + ERROR end end @@ -176,22 +167,3 @@ def reset! @events = Hash.new end end - -RSpec.configure do |c| - groups = [] - - c.around do |ex| - keys = Array(ex.metadata[:allowed_extra_analytics]) - FakeAnalytics::UndocumentedParamsChecker.allowed_extra_analytics = keys - ex.run - - if keys.present? - group = ex.example_group - group = group.superclass until [nil, RSpec::Core::ExampleGroup].include?(group.superclass) - groups << [group, FakeAnalytics::UndocumentedParamsChecker.checked_extra_analytics.to_a] - end - ensure - FakeAnalytics::UndocumentedParamsChecker.allowed_extra_analytics = [] - FakeAnalytics::UndocumentedParamsChecker.checked_extra_analytics = [] - end -end diff --git a/spec/support/fake_analytics_spec.rb b/spec/support/fake_analytics_spec.rb index b16f5e265a9..aacd56fbdcf 100644 --- a/spec/support/fake_analytics_spec.rb +++ b/spec/support/fake_analytics_spec.rb @@ -585,26 +585,6 @@ end.to raise_error(FakeAnalytics::UndocumentedParams, /some_new_undocumented_keyword/) end - it 'does not error when undocumented params are allowed', - allowed_extra_analytics: [:fun_level] do - analytics.idv_phone_confirmation_otp_submitted( - success: true, - errors: true, - code_expired: true, - code_matches: true, - otp_delivery_preference: :sms, - second_factor_attempts_count: true, - second_factor_locked_at: true, - proofing_components: true, - fun_level: 1000, - ) - - expect(analytics).to have_logged_event( - 'IdV: phone confirmation otp submitted', - hash_including(:fun_level), - ) - end - it 'does not error when string tags are documented as options' do analytics.idv_doc_auth_submitted_image_upload_vendor( success: nil, From 02ddf473e391428c91d9795474d6a09475d3e0f1 Mon Sep 17 00:00:00 2001 From: Mitchell Henke Date: Mon, 16 Dec 2024 11:17:18 -0600 Subject: [PATCH 14/19] Update to Ruby 3.3.6 and Node 22 (#11605) * Internal, Maintenance, Update to Ruby 3.3.6 and Node 22 changelog: Internal, Maintenance, Update to Ruby 3.3.6 and Node 22 * Update more Node 20 references * Explicitly define project as CommonJS Otherwise Mocha will attempt (and fail) to parse as ESM * Refactor device specs to use useDefineProperty helper Node.js now defines global.navigator * Force override global navigator with JSDOM navigator * Sync yarn.lock * update gems * update more gems * update image * add current path checks * update letter_opener --------- Co-authored-by: Andrew Duthie --- .gitlab-ci.yml | 2 +- .nvmrc | 2 +- .ruby-version | 2 +- Brewfile | 2 +- Gemfile.lock | 118 +++---- app/javascript/packages/device/index.js | 4 +- dockerfiles/idp_ci.Dockerfile | 4 +- dockerfiles/idp_deploy.Dockerfile | 4 +- dockerfiles/idp_review_app.Dockerfile | 4 +- docs/local-development.md | 2 +- package.json | 5 +- spec/features/idv/end_to_end_idv_spec.rb | 5 +- spec/javascript/packages/device/index-spec.js | 304 ++++++++++-------- spec/javascript/spec_helper.js | 1 + .../idv_examples/sp_requested_attributes.rb | 2 +- yarn.lock | 18 +- 16 files changed, 263 insertions(+), 216 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0dfcf3388a2..4dcf6078669 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -8,7 +8,7 @@ variables: FF_SCRIPT_SECTIONS: 'true' JUNIT_OUTPUT: 'true' ECR_REGISTRY: '${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com' - IDP_CI_SHA: 'sha256:5c4953f8efba18b7a6d6a9a961cb77ba7143059cbb2176499432b4275fbe67db' + IDP_CI_SHA: 'sha256:37766e5b4aaeaad72dc8d18aa73236558ae5abd478073f5005783c44d6d6e87e' PKI_IMAGE_TAG: 'main' DASHBOARD_IMAGE_TAG: 'main' APPLICATION_MANIFEST: dockerfiles/application.yaml diff --git a/.nvmrc b/.nvmrc index 209e3ef4b62..2bd5a0a98a3 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -20 +22 diff --git a/.ruby-version b/.ruby-version index a0891f563f3..9c25013dbb8 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.3.4 +3.3.6 diff --git a/Brewfile b/Brewfile index 2018d5ff118..f087878fea3 100644 --- a/Brewfile +++ b/Brewfile @@ -1,6 +1,6 @@ brew 'postgresql@14' brew 'redis' -brew 'node@20' +brew 'node@22' brew 'yarn' brew 'openssl@1.1' brew 'jq' diff --git a/Gemfile.lock b/Gemfile.lock index 8f0e33dd62b..6ffcee2c82b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -198,12 +198,14 @@ GEM aws-sigv4 (~> 1.1) aws-sigv4 (1.9.1) aws-eventstream (~> 1, >= 1.0.2) - axe-core-api (4.10.0) + axe-core-api (4.10.2) dumb_delegator + ostruct virtus - axe-core-rspec (4.10.0) - axe-core-api (= 4.10.0) + axe-core-rspec (4.10.2) + axe-core-api (= 4.10.2) dumb_delegator + ostruct virtus axiom-types (0.1.1) descendants_tracker (~> 0.0.4) @@ -212,7 +214,7 @@ GEM barby (0.6.8) base32-crockford (0.1.0) base64 (0.2.0) - bcrypt (3.1.19) + bcrypt (3.1.20) benchmark (0.4.0) benchmark-ips (2.12.0) better_errors (2.10.1) @@ -230,13 +232,14 @@ GEM bindata (2.4.15) bootsnap (1.18.3) msgpack (~> 1.2) - brakeman (6.1.0) + brakeman (6.2.2) + racc browser (6.0.0) builder (3.3.0) bullet (7.2.0) activesupport (>= 3.0.0) uniform_notifier (~> 1.11) - bundler-audit (0.9.1) + bundler-audit (0.9.2) bundler (>= 1.2.0, < 3) thor (~> 1.0) byebug (11.1.3) @@ -255,6 +258,8 @@ GEM nokogiri (~> 1.10, >= 1.10.4) rubyzip (>= 1.3.0, < 3) cbor (0.5.9.8) + childprocess (5.1.0) + logger (~> 1.5) chunky_png (1.4.0) coderay (1.1.3) coercible (1.0.0) @@ -273,7 +278,7 @@ GEM cssbundling-rails (1.4.0) railties (>= 6.0.0) csv (3.2.8) - date (3.3.4) + date (3.4.1) dead_end (4.0.0) derailed_benchmarks (2.1.2) benchmark-ips (~> 2) @@ -303,9 +308,9 @@ GEM i18n drb (2.2.1) dumb_delegator (1.0.0) - email_spec (2.2.2) + email_spec (2.3.0) htmlentities (~> 4.3.3) - launchy (~> 2.1) + launchy (>= 2.1, < 4.0) mail (~> 2.7) erb_lint (0.7.0) activesupport @@ -318,23 +323,24 @@ GEM erubi (1.13.0) et-orbi (1.2.11) tzinfo - factory_bot (6.4.6) + factory_bot (6.5.0) activesupport (>= 5.0.0) - factory_bot_rails (6.4.3) - factory_bot (~> 6.4) + factory_bot_rails (6.4.4) + factory_bot (~> 6.5) railties (>= 5.0.0) faker (3.5.1) i18n (>= 1.8.11, < 2) - faraday (2.10.0) - faraday-net_http (>= 2.0, < 3.2) + faraday (2.12.2) + faraday-net_http (>= 2.0, < 3.5) + json logger - faraday-net_http (3.1.1) - net-http + faraday-net_http (3.4.0) + net-http (>= 0.5.0) faraday-retry (2.0.0) faraday (~> 2.0) - ffi (1.15.5) - ffi-compiler (1.0.1) - ffi (>= 1.0.0) + ffi (1.17.0) + ffi-compiler (1.3.2) + ffi (>= 1.15.5) rake foundation_emails (2.2.1.0) fugit (1.11.1) @@ -352,10 +358,10 @@ GEM fugit (>= 1.11.0) railties (>= 6.1.0) thor (>= 1.0.0) - google-protobuf (4.28.2) + google-protobuf (4.29.1) bigdecimal rake (>= 13) - hashdiff (1.1.0) + hashdiff (1.1.2) heapy (0.2.0) thor highline (3.1.0) @@ -377,8 +383,8 @@ GEM rainbow (>= 2.2.2, < 4.0) terminal-table (>= 1.5.1) ice_nine (0.11.2) - io-console (0.7.2) - irb (1.14.1) + io-console (0.8.0) + irb (1.14.2) rdoc (>= 4.0.0) reline (>= 0.4.2) jmespath (1.6.2) @@ -390,14 +396,15 @@ GEM knapsack (4.0.0) rake language_server-protocol (3.17.0.3) - launchy (2.5.2) + launchy (3.0.1) addressable (~> 2.8) - letter_opener (1.8.1) - launchy (>= 2.2, < 3) + childprocess (~> 5.0) + letter_opener (1.10.0) + launchy (>= 2.2, < 4) listen (3.8.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) - logger (1.6.1) + logger (1.6.2) lograge (0.11.2) actionpack (>= 4) activesupport (>= 4) @@ -432,14 +439,14 @@ GEM mini_histogram (0.3.1) mini_mime (1.1.5) mini_portile2 (2.8.8) - minitest (5.25.1) - msgpack (1.7.2) + minitest (5.25.4) + msgpack (1.7.5) multiset (0.5.3) - net-http (0.4.1) + net-http (0.6.0) uri net-http-persistent (4.0.2) connection_pool (~> 2.2) - net-imap (0.5.0) + net-imap (0.5.1) date net-protocol net-pop (0.1.2) @@ -452,7 +459,7 @@ GEM net-protocol net-ssh (6.1.0) newrelic_rpm (9.7.0) - nio4r (2.7.3) + nio4r (2.7.4) nokogiri (1.16.8) mini_portile2 (~> 2.8.2) racc (~> 1.4) @@ -462,11 +469,12 @@ GEM openssl-signature_algorithm (1.2.1) openssl (> 2.0, < 3.1) orm_adapter (0.5.0) + ostruct (0.6.1) parallel (1.26.3) parser (3.3.4.2) ast (~> 2.4.1) racc - pg (1.5.6) + pg (1.5.9) pg_query (5.1.0) google-protobuf (>= 3.22.3) phonelib (0.9.1) @@ -498,7 +506,8 @@ GEM yard (~> 0.9.11) pry-rails (0.3.11) pry (>= 0.13.0) - psych (5.1.2) + psych (5.2.1) + date stringio public_suffix (6.0.1) puma (6.4.3) @@ -565,16 +574,16 @@ GEM rb-fsevent (0.11.2) rb-inotify (0.10.1) ffi (~> 1.0) - rdoc (6.7.0) + rdoc (6.8.1) psych (>= 4.0.0) redacted_struct (2.0.0) redcarpet (3.6.0) - redis (5.2.0) + redis (5.3.0) redis-client (>= 0.22.0) - redis-client (0.22.2) + redis-client (0.23.0) connection_pool regexp_parser (2.9.3) - reline (0.5.9) + reline (0.5.12) io-console (~> 0.5) request_store (1.5.1) rack (>= 1.4) @@ -593,7 +602,7 @@ GEM rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) rspec-mocks (~> 3.13.0) - rspec-core (3.13.1) + rspec-core (3.13.2) rspec-support (~> 3.13.0) rspec-expectations (3.13.3) diff-lcs (>= 1.2.0, < 2.0) @@ -611,7 +620,7 @@ GEM rspec-support (~> 3.13) rspec-retry (0.6.2) rspec-core (> 3.3) - rspec-support (3.13.1) + rspec-support (3.13.2) rspec_junit_formatter (0.6.0) rspec-core (>= 2, < 4, != 2.12.0) rubocop (1.69.1) @@ -648,10 +657,11 @@ GEM errbase (>= 0.1.1) safety_net_attestation (0.4.0) jwt (~> 2.0) - scrypt (3.0.7) + scrypt (3.0.8) ffi-compiler (>= 1.0, < 2.0) - securerandom (0.3.1) - selenium-webdriver (4.22.0) + rake (>= 9, < 14) + securerandom (0.4.0) + selenium-webdriver (4.27.0) base64 (~> 0.2) logger (~> 1.4) rexml (~> 3.2, >= 3.2.5) @@ -676,18 +686,18 @@ GEM simplecov_json_formatter (0.1.4) simpleidn (0.2.3) smart_properties (1.17.0) - sqlite3 (2.1.0) + sqlite3 (2.4.1) mini_portile2 (~> 2.8.0) stringex (2.8.5) - stringio (3.1.1) + stringio (3.1.2) strong_migrations (2.0.0) activerecord (>= 6.1) tableparser (1.0.1) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) - thor (1.3.1) + thor (1.3.2) thread_safe (0.3.6) - timeout (0.4.1) + timeout (0.4.2) tpm-key_attestation (0.11.0) bindata (~> 2.4) openssl (> 2.0, < 3.1) @@ -697,7 +707,7 @@ GEM unicode-display_width (2.5.0) uniform_notifier (1.16.0) uri (0.13.0) - useragent (0.16.10) + useragent (0.16.11) view_component (3.9.0) activesupport (>= 5.2.0, < 8.0) concurrent-ruby (~> 1.0) @@ -717,12 +727,12 @@ GEM openssl (>= 2.2, < 3.1) safety_net_attestation (~> 0.4.0) tpm-key_attestation (~> 0.11.0) - webmock (3.18.1) + webmock (3.24.0) addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) - webrick (1.8.2) - websocket (1.2.10) + webrick (1.9.1) + websocket (1.2.11) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) @@ -739,7 +749,7 @@ GEM nokogiri (~> 1.8) yard (0.9.37) zeitwerk (2.7.1) - zlib (3.0.0) + zlib (3.2.0) zonebie (0.6.1) zxcvbn (0.1.12) @@ -874,7 +884,7 @@ DEPENDENCIES zxcvbn (= 0.1.12) RUBY VERSION - ruby 3.3.4p94 + ruby 3.3.6p108 BUNDLED WITH - 2.5.6 + 2.5.23 diff --git a/app/javascript/packages/device/index.js b/app/javascript/packages/device/index.js index 2fe070f0b9e..fd68d08512b 100644 --- a/app/javascript/packages/device/index.js +++ b/app/javascript/packages/device/index.js @@ -7,7 +7,7 @@ * @return {boolean} */ export function isIPad() { - const { userAgent, maxTouchPoints } = window.navigator; + const { userAgent, maxTouchPoints } = navigator; return /ipad/i.test(userAgent) || (/macintosh/i.test(userAgent) && maxTouchPoints === 5); } @@ -18,7 +18,7 @@ export function isIPad() { * @return {boolean} */ export function isLikelyMobile() { - return isIPad() || /iphone|android/i.test(window.navigator.userAgent); + return isIPad() || /iphone|android/i.test(navigator.userAgent); } /** diff --git a/dockerfiles/idp_ci.Dockerfile b/dockerfiles/idp_ci.Dockerfile index d09f0814808..4c7a8edc18e 100644 --- a/dockerfiles/idp_ci.Dockerfile +++ b/dockerfiles/idp_ci.Dockerfile @@ -1,6 +1,6 @@ -FROM public.ecr.aws/docker/library/ruby:3.3.4-bullseye +FROM public.ecr.aws/docker/library/ruby:3.3.6-bullseye -ENV NODE_MAJOR 20 +ENV NODE_MAJOR 22 RUN mkdir -p /etc/apt/keyrings RUN curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg diff --git a/dockerfiles/idp_deploy.Dockerfile b/dockerfiles/idp_deploy.Dockerfile index 0c8f56db320..5ccf5df7da8 100644 --- a/dockerfiles/idp_deploy.Dockerfile +++ b/dockerfiles/idp_deploy.Dockerfile @@ -6,7 +6,7 @@ # avoid having build-essential and the large-files token be in the # main image. ######################################################################### -FROM public.ecr.aws/docker/library/ruby:3.3.4-slim as builder +FROM public.ecr.aws/docker/library/ruby:3.3.6-slim as builder # Set environment variables ENV RAILS_ROOT /app @@ -16,7 +16,7 @@ ENV RAILS_LOG_TO_STDOUT true ENV RAILS_LOG_LEVEL debug ENV BUNDLE_PATH /app/vendor/bundle ENV YARN_VERSION 1.22.5 -ENV NODE_VERSION 20.10.0 +ENV NODE_VERSION 22.11.0 ENV BUNDLER_VERSION 2.5.6 # Install dependencies diff --git a/dockerfiles/idp_review_app.Dockerfile b/dockerfiles/idp_review_app.Dockerfile index f868dd044c7..95187310cd7 100644 --- a/dockerfiles/idp_review_app.Dockerfile +++ b/dockerfiles/idp_review_app.Dockerfile @@ -1,4 +1,4 @@ -FROM ruby:3.3.4-slim +FROM ruby:3.3.6-slim # Set environment variables ENV RAILS_ROOT /app @@ -10,7 +10,7 @@ ENV LOGIN_CONFIG_FILE $RAILS_ROOT/tmp/application.yml ENV RAILS_LOG_LEVEL debug ENV BUNDLE_PATH /usr/local/bundle ENV YARN_VERSION 1.22.5 -ENV NODE_VERSION 20.10.0 +ENV NODE_VERSION 22.11.0 ENV BUNDLER_VERSION 2.5.6 ENV POSTGRES_SSLMODE prefer ENV POSTGRES_NAME idp diff --git a/docs/local-development.md b/docs/local-development.md index de3579432ea..dafdbf7daa0 100644 --- a/docs/local-development.md +++ b/docs/local-development.md @@ -24,7 +24,7 @@ If not using macOS: - Ruby. Choose the version [in the `.ruby-version` file](../.ruby-version) - [PostgreSQL](http://www.postgresql.org/download/) - [Redis 7+](http://redis.io/) - - [Node.js v20](https://nodejs.org) + - [Node.js v22](https://nodejs.org) - [Yarn](https://yarnpkg.com/en/) - [chromedriver](https://formulae.brew.sh/cask/chromedriver) diff --git a/package.json b/package.json index a76a4584f11..9467e2175b3 100644 --- a/package.json +++ b/package.json @@ -2,8 +2,9 @@ "name": "@18f/identity-idp", "version": "0.0.1", "private": true, + "type": "commonjs", "engines": { - "node": ">=20" + "node": ">=22" }, "workspaces": [ "app/javascript/packages/*" @@ -57,7 +58,7 @@ "@types/dirty-chai": "^2.0.2", "@types/grecaptcha": "^3.0.4", "@types/mocha": "^10.0.0", - "@types/node": "^20.2.5", + "@types/node": "^22.10.1", "@types/react": "^17.0.39", "@types/react-dom": "^17.0.11", "@types/sinon": "^10.0.13", diff --git a/spec/features/idv/end_to_end_idv_spec.rb b/spec/features/idv/end_to_end_idv_spec.rb index 505e181763e..492356f2291 100644 --- a/spec/features/idv/end_to_end_idv_spec.rb +++ b/spec/features/idv/end_to_end_idv_spec.rb @@ -135,6 +135,7 @@ complete_all_in_person_proofing_steps(user) test_restart_in_person_flow(user) complete_otp_verification_page(user) + expect(page).to have_current_path(idv_enter_password_path) test_go_back_in_person_flow @@ -429,7 +430,7 @@ def test_go_back_from_agreement def test_go_back_from_hybrid_handoff go_back - expect(current_path).to eql(idv_agreement_path) + expect(page).to have_current_path(idv_agreement_path) expect(page).to have_checked_field( t('doc_auth.instructions.consent', app_name: APP_NAME), visible: :all, @@ -515,7 +516,9 @@ def test_go_back_from_request_letter def test_go_back_in_person_flow go_back + expect(page).to have_current_path(idv_otp_verification_path) go_back + expect(page).to have_current_path(idv_phone_path) go_back expect(page).to have_current_path(idv_in_person_verify_info_path) # can't go back further with in person controllers (yet) diff --git a/spec/javascript/packages/device/index-spec.js b/spec/javascript/packages/device/index-spec.js index 7df25cf03dc..f03c1950fcf 100644 --- a/spec/javascript/packages/device/index-spec.js +++ b/spec/javascript/packages/device/index-spec.js @@ -4,183 +4,215 @@ import { isCameraCapableMobile, isIPad, } from '@18f/identity-device'; +import { useDefineProperty } from '@18f/identity-test-helpers'; describe('isIPad', () => { - let originalUserAgent; - let originalTouchPoints; - - beforeEach(() => { - originalUserAgent = navigator.userAgent; - originalTouchPoints = navigator.maxTouchPoints; - navigator.maxTouchPoints = 0; - Object.defineProperty(navigator, 'userAgent', { - configurable: true, - writable: true, - }); - Object.defineProperty(navigator, 'maxTouchPoints', { - writable: true, + const defineProperty = useDefineProperty(); + + context('ipad is in the user agent string (old format)', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10', + }); }); - }); - - afterEach(() => { - navigator.userAgent = originalUserAgent; - navigator.maxTouchPoints = originalTouchPoints; - }); - - it('returns true if ipad is in the user agent string (old format)', () => { - navigator.userAgent = - 'Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10'; - expect(isIPad()).to.be.true(); + it('returns true', () => { + expect(isIPad()).to.be.true(); + }); }); - it('returns false if the user agent is Macintosh but with 0 maxTouchPoints', () => { - navigator.userAgent = - 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36'; - - expect(isIPad()).to.be.false(); - }); + context('user agent is Macintosh', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36', + }); + }); - it('returns true if the user agent is Macintosh but with 5 maxTouchPoints', () => { - navigator.userAgent = - 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36'; - navigator.maxTouchPoints = 5; + context('with 0 maxTouchPoints', () => { + beforeEach(() => { + defineProperty(navigator, 'maxTouchPoints', { + configurable: true, + value: + 'Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10', + }); + }); + + it('returns false', () => { + expect(isIPad()).to.be.false(); + }); + }); - expect(isIPad()).to.be.true(); + context('with 5 maxTouchPoints', () => { + beforeEach(() => { + defineProperty(navigator, 'maxTouchPoints', { + configurable: true, + value: 5, + }); + }); + + it('returns true', () => { + expect(isIPad()).to.be.true(); + }); + }); }); - it('returns false for non-Apple userAgent, even with 5 macTouchPoints', () => { - navigator.userAgent = - 'Mozilla/5.0 (Linux; Android 13) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.58 Mobile Safari/537.36'; - navigator.maxTouchPoints = 5; + context('with non-Apple userAgent and 5 maxTouchPoints', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0 (Linux; Android 13) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.58 Mobile Safari/537.36', + }); + defineProperty(navigator, 'maxTouchPoints', { + configurable: true, + value: 5, + }); + }); - expect(isIPad()).to.be.false(); + it('returns false', () => { + expect(isIPad()).to.be.false(); + }); }); }); describe('isLikelyMobile', () => { - let originalUserAgent; - let originalTouchPoints; - - beforeEach(() => { - originalUserAgent = navigator.userAgent; - originalTouchPoints = navigator.maxTouchPoints; - navigator.maxTouchPoints = 0; - Object.defineProperty(navigator, 'userAgent', { - configurable: true, - writable: true, - }); - Object.defineProperty(navigator, 'maxTouchPoints', { - writable: true, + const defineProperty = useDefineProperty(); + + context('not mobile and has no touchpoints', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36', + }); + defineProperty(navigator, 'maxTouchPoints', { + configurable: true, + value: 0, + }); }); - }); - - afterEach(() => { - navigator.userAgent = originalUserAgent; - navigator.maxTouchPoints = originalTouchPoints; - }); - it('returns false if not mobile and has no touchpoints', () => { - navigator.userAgent = - 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36'; - navigator.maxTouchPoints = 0; - - expect(isLikelyMobile()).to.be.false(); + it('returns false', () => { + expect(isLikelyMobile()).to.be.false(); + }); }); - it('returns true if there is an Apple user agent and 5 maxTouchPoints', () => { - navigator.userAgent = - 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36'; - navigator.maxTouchPoints = 5; + context('Apple user agent and 5 maxTouchPoints', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36', + }); + defineProperty(navigator, 'maxTouchPoints', { + configurable: true, + value: 5, + }); + }); - expect(isLikelyMobile()).to.be.true(); + it('returns true', () => { + expect(isLikelyMobile()).to.be.true(); + }); }); - it('returns true if likely mobile', () => { - navigator.userAgent = - 'Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148'; + context('with likely-mobile user agent', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148', + }); + }); - expect(isLikelyMobile()).to.be.true(); + it('returns true', () => { + expect(isLikelyMobile()).to.be.true(); + }); }); }); describe('hasMediaAccess', () => { - let originalMediaDevices; - beforeEach(() => { - originalMediaDevices = navigator.mediaDevices; - Object.defineProperty(navigator, 'mediaDevices', { - configurable: true, - writable: true, + const defineProperty = useDefineProperty(); + + context('without media device API access', () => { + beforeEach(() => { + defineProperty(navigator, 'mediaDevices', { + configurable: true, + value: undefined, + }); }); - }); - afterEach(() => { - if (originalMediaDevices === undefined) { - delete navigator.mediaDevices; - } else { - navigator.mediaDevices = originalMediaDevices; - } - }); - - it('returns false if no media device API access', () => { - delete navigator.mediaDevices; - - expect(hasMediaAccess()).to.be.false(); + it('returns false', () => { + expect(hasMediaAccess()).to.be.false(); + }); }); - it('returns true if media device API access', () => { - navigator.mediaDevices = {}; + context('with media device API access', () => { + beforeEach(() => { + defineProperty(navigator, 'mediaDevices', { + configurable: true, + value: {}, + }); + }); - expect(hasMediaAccess()).to.be.true(); + it('returns true', () => { + expect(hasMediaAccess()).to.be.true(); + }); }); }); describe('isCameraCapableMobile', () => { - let originalUserAgent; - let originalMediaDevices; - beforeEach(() => { - originalUserAgent = navigator.userAgent; - originalMediaDevices = navigator.mediaDevices; - Object.defineProperty(navigator, 'userAgent', { - configurable: true, - writable: true, - }); - Object.defineProperty(navigator, 'mediaDevices', { - configurable: true, - writable: true, + const defineProperty = useDefineProperty(); + + context('not mobile', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36', + }); }); - }); - - afterEach(() => { - navigator.userAgent = originalUserAgent; - if (originalMediaDevices === undefined) { - delete navigator.mediaDevices; - } else { - navigator.mediaDevices = originalMediaDevices; - } - }); - it('returns false if not mobile', () => { - navigator.userAgent = - 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.125 Safari/537.36'; - navigator.mediaDevices = {}; - - expect(isCameraCapableMobile()).to.be.false(); + it('returns false', () => { + expect(isCameraCapableMobile()).to.be.false(); + }); }); - it('returns false if no media device API access', () => { - navigator.userAgent = - 'Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148'; - delete navigator.mediaDevices; - - expect(isCameraCapableMobile()).to.be.false(); - }); + context('likely mobile', () => { + beforeEach(() => { + defineProperty(navigator, 'userAgent', { + configurable: true, + value: + 'Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148', + }); + }); - it('returns true if likely mobile and media device API access', () => { - navigator.userAgent = - 'Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148'; - navigator.mediaDevices = {}; + context('without media device API access', () => { + beforeEach(() => { + defineProperty(navigator, 'mediaDevices', { + configurable: true, + value: undefined, + }); + }); + + it('returns false', () => { + expect(isCameraCapableMobile()).to.be.false(); + }); + }); - expect(isCameraCapableMobile()).to.be.true(); + context('with media device API access', () => { + beforeEach(() => { + defineProperty(navigator, 'mediaDevices', { + configurable: true, + value: {}, + }); + }); + + it('returns true', () => { + expect(isCameraCapableMobile()).to.be.true(); + }); + }); }); }); diff --git a/spec/javascript/spec_helper.js b/spec/javascript/spec_helper.js index 71c90d0d1e1..1cd0d9e71bb 100644 --- a/spec/javascript/spec_helper.js +++ b/spec/javascript/spec_helper.js @@ -20,6 +20,7 @@ global.expect = chai.expect; const dom = createDOM(); global.jsdom = dom; global.window = dom.window; +Object.assign(global.navigator, dom.window.navigator); const windowGlobals = Object.fromEntries( Object.getOwnPropertyNames(window) .filter((key) => !(key in global)) diff --git a/spec/support/idv_examples/sp_requested_attributes.rb b/spec/support/idv_examples/sp_requested_attributes.rb index d2ee8560579..ac7641780bb 100644 --- a/spec/support/idv_examples/sp_requested_attributes.rb +++ b/spec/support/idv_examples/sp_requested_attributes.rb @@ -67,7 +67,7 @@ expect(current_url).to include('http://localhost:7654/auth/result') elsif sp == :saml if javascript_enabled? - expect(current_path).to eq(test_saml_decode_assertion_path) + expect(page).to have_current_path(test_saml_decode_assertion_path) else expect(current_url).to include(api_saml_auth_url(path_year: PATH_YEAR)) end diff --git a/yarn.lock b/yarn.lock index 1111af3e87b..ec103eca0b4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1462,12 +1462,12 @@ resolved "https://registry.yarnpkg.com/@types/mocha/-/mocha-10.0.0.tgz#3d9018c575f0e3f7386c1de80ee66cc21fbb7a52" integrity sha512-rADY+HtTOA52l9VZWtgQfn4p+UDVM2eDVkMZT1I6syp0YKxW2F9v+0pbRZLsvskhQv/vMb6ZfCay81GHbz5SHg== -"@types/node@*", "@types/node@^20.2.5": - version "20.14.7" - resolved "https://registry.yarnpkg.com/@types/node/-/node-20.14.7.tgz#342cada27f97509eb8eb2dbc003edf21ce8ab5a8" - integrity sha512-uTr2m2IbJJucF3KUxgnGOZvYbN0QgkGyWxG6973HCpMYFy2KfcgYuIwkJQMQkt1VbBMlvWRbpshFTLxnxCZjKQ== +"@types/node@*", "@types/node@^22.10.1": + version "22.10.1" + resolved "https://registry.yarnpkg.com/@types/node/-/node-22.10.1.tgz#41ffeee127b8975a05f8c4f83fb89bcb2987d766" + integrity sha512-qKgsUwfHZV2WCWLAnVP1JqnpE6Im6h3Y0+fYgMTasNQ7V++CBX5OT1as0g0f+OyubbFqhf6XVNIsmN4IIhEgGQ== dependencies: - undici-types "~5.26.4" + undici-types "~6.20.0" "@types/prop-types@*": version "15.7.3" @@ -5927,10 +5927,10 @@ unbox-primitive@^1.0.2: has-symbols "^1.0.3" which-boxed-primitive "^1.0.2" -undici-types@~5.26.4: - version "5.26.5" - resolved "https://registry.yarnpkg.com/undici-types/-/undici-types-5.26.5.tgz#bcd539893d00b56e964fd2657a4866b221a65617" - integrity sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA== +undici-types@~6.20.0: + version "6.20.0" + resolved "https://registry.yarnpkg.com/undici-types/-/undici-types-6.20.0.tgz#8171bf22c1f588d1554d55bf204bc624af388433" + integrity sha512-Ny6QZ2Nju20vw1SRHe3d9jVu6gJ+4e3+MMpqu7pqE5HT6WsTSlce++GQmK5UXS8mzV8DSYHrQH+Xrf2jVcuKNg== unicode-canonical-property-names-ecmascript@^1.0.4: version "1.0.4" From ad8b9a95bfb3455880ba17e08c6db44592ff746c Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Mon, 16 Dec 2024 13:19:36 -0500 Subject: [PATCH 15/19] Modify the step-indicator page such that the "Re-enter password" step is not marked complete (#11625) We received feedback from a partner that users may think that they are done with the identity verification workflow on the personal key page because all of the steps on the step indicator are marked complete. This commit modifies the step indicator on the personal key page so the "Re-enter password" step is not complete on that page. Since there is not longer a case where all step indicator steps are complete this change also removes the `complete` status from the `StepIndicatorComponent`. [skip changelog] --- app/components/step_indicator_component.rb | 4 ---- .../idv/personal_key_controller.rb | 11 +++++---- .../step_indicator_component_spec.rb | 23 ------------------- spec/features/idv/end_to_end_idv_spec.rb | 3 +-- 4 files changed, 8 insertions(+), 33 deletions(-) diff --git a/app/components/step_indicator_component.rb b/app/components/step_indicator_component.rb index 72e64dae105..c3e4fabd79f 100644 --- a/app/components/step_indicator_component.rb +++ b/app/components/step_indicator_component.rb @@ -3,8 +3,6 @@ class StepIndicatorComponent < BaseComponent attr_reader :current_step, :locale_scope, :tag_options - ALL_STEPS_COMPLETE = :all_steps_complete - def initialize(steps:, current_step:, locale_scope: nil, **tag_options) @steps = steps @current_step = current_step @@ -23,8 +21,6 @@ def steps private def step_status(step) - return :complete if current_step == ALL_STEPS_COMPLETE - if step[:name] == current_step :current elsif step_index(step[:name]) < step_index(current_step) diff --git a/app/controllers/idv/personal_key_controller.rb b/app/controllers/idv/personal_key_controller.rb index 8599d8291b8..31933e2955e 100644 --- a/app/controllers/idv/personal_key_controller.rb +++ b/app/controllers/idv/personal_key_controller.rb @@ -129,10 +129,13 @@ def redirect_to_retrieve_pii end def step_indicator_step - return :secure_account if idv_session.verify_by_mail? - return :go_to_the_post_office if in_person_proofing? - - StepIndicatorComponent::ALL_STEPS_COMPLETE + if gpo_address_verification? + :secure_account + elsif in_person_proofing? + :go_to_the_post_office + else + :re_enter_password + end end helper_method :step_indicator_step end diff --git a/spec/components/step_indicator_component_spec.rb b/spec/components/step_indicator_component_spec.rb index 34dbd9e3947..bde0dd203d3 100644 --- a/spec/components/step_indicator_component_spec.rb +++ b/spec/components/step_indicator_component_spec.rb @@ -115,29 +115,6 @@ ) end end - - context 'all steps complete' do - let(:current_step) { StepIndicatorComponent::ALL_STEPS_COMPLETE } - - it 'renders current step' do - expect(rendered).not_to have_css('.step-indicator__step--current') - end - - it 'renders all steps completed' do - expect(rendered).to have_css( - '.step-indicator__step--complete', - text: t('step_indicator.flows.example.one'), - ) - expect(rendered).to have_css( - '.step-indicator__step--complete', - text: t('step_indicator.flows.example.two'), - ) - expect(rendered).to have_css( - '.step-indicator__step--complete', - text: t('step_indicator.flows.example.three'), - ) - end - end end describe 'locale_scope' do diff --git a/spec/features/idv/end_to_end_idv_spec.rb b/spec/features/idv/end_to_end_idv_spec.rb index 492356f2291..eef9d8baadd 100644 --- a/spec/features/idv/end_to_end_idv_spec.rb +++ b/spec/features/idv/end_to_end_idv_spec.rb @@ -366,10 +366,9 @@ def validate_personal_key_page text: t('step_indicator.flows.idv.verify_phone'), ) expect(page).to have_css( - '.step-indicator__step--complete', + '.step-indicator__step--current', text: t('step_indicator.flows.idv.re_enter_password'), ) - expect(page).not_to have_css('.step-indicator__step--current') expect(page).not_to have_content(t('step_indicator.flows.idv.verify_address')) # Refreshing shows same page (BUT with new personal key, we should warn the user) From 1ec6cccdc7c7bf58e7afa4c52030f9def7491a3b Mon Sep 17 00:00:00 2001 From: voidlily Date: Mon, 16 Dec 2024 11:19:52 -0800 Subject: [PATCH 16/19] missed a spot in ruby dockerfile (#11649) [skip changelog] --- dockerfiles/idp_deploy.Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dockerfiles/idp_deploy.Dockerfile b/dockerfiles/idp_deploy.Dockerfile index 5ccf5df7da8..fd0a900d5e5 100644 --- a/dockerfiles/idp_deploy.Dockerfile +++ b/dockerfiles/idp_deploy.Dockerfile @@ -140,7 +140,7 @@ RUN openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 1825 \ ######################################################################### # This is the main image. ######################################################################### -FROM public.ecr.aws/docker/library/ruby:3.3.4-slim as main +FROM public.ecr.aws/docker/library/ruby:3.3.6-slim as main # Set environment variables ENV RAILS_ROOT /app From 5dc905b85c55f09affcf82a8090f1f276dfa836b Mon Sep 17 00:00:00 2001 From: Jonathan Hooper Date: Tue, 17 Dec 2024 08:54:39 -0500 Subject: [PATCH 17/19] LG-15280 Update the alert for successful document capture (#11650) * LG-15280 Update the alert for successful document capture When a user successfully complete document capture we showed an alert on the next screen that says "We successfully verified your ID". We received feedback that this may lead people to believe that they are finished with IdV. This commit updates the language to prevent any confusion. [skip changelog] * cleanup french apostrophe --- config/locales/en.yml | 2 +- config/locales/es.yml | 2 +- config/locales/zh.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/config/locales/en.yml b/config/locales/en.yml index cde8b2451ec..89b9f965ec0 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -590,7 +590,7 @@ doc_auth.headers.underage: Age requirement not met doc_auth.headers.unreadable_id: We could not read your ID doc_auth.headings.address: Update your mailing address doc_auth.headings.back: Back of your driver’s license or state ID -doc_auth.headings.capture_complete: We verified your ID +doc_auth.headings.capture_complete: We verified your identity document doc_auth.headings.capture_scan_warning_html: We couldn’t read the barcode on your ID. If the information below is incorrect, please %{link_html} of your state‑issued ID. doc_auth.headings.capture_scan_warning_link: upload new photos doc_auth.headings.document_capture: Add photos of your driver’s license or state ID card diff --git a/config/locales/es.yml b/config/locales/es.yml index 432d79dfa10..cda68a9429a 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -601,7 +601,7 @@ doc_auth.headers.underage: No se cumplió con el requisito de edad doc_auth.headers.unreadable_id: No pudimos leer su identificación doc_auth.headings.address: Actualice su dirección postal doc_auth.headings.back: Reverso de su licencia de conducir o identificación estatal -doc_auth.headings.capture_complete: Verificamos su identificación +doc_auth.headings.capture_complete: Verificamos su documento de identidad doc_auth.headings.capture_scan_warning_html: No pudimos leer el código de barras en su identificación. Si la información que aparece a continuación es incorrecta, %{link_html} de su identificación emitida por el estado. doc_auth.headings.capture_scan_warning_link: cargue nuevas fotos doc_auth.headings.document_capture: Añade fotos de tu licencia de conducir o credencial de identificación oficial diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 38951fa9ead..71d9f687ed1 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -601,7 +601,7 @@ doc_auth.headers.underage: 不符合年龄规定 doc_auth.headers.unreadable_id: 我们无法读取你的身份证件 doc_auth.headings.address: 更新你的邮政地址 doc_auth.headings.back: 驾照或州政府颁发身份证件的背面。 -doc_auth.headings.capture_complete: 我们验证了你的身份证件 +doc_auth.headings.capture_complete: 我们验证了你的身份文件 doc_auth.headings.capture_scan_warning_html: 我们读取不到你身份证件上的条形码。如果以下信息不正确,请将州政府颁发的身份证件%{link_html}。 doc_auth.headings.capture_scan_warning_link: 上传新照片 doc_auth.headings.document_capture: 添加你身份证件的照片 From e57b5bcb5c306feda09c0a4da132af29193a6e54 Mon Sep 17 00:00:00 2001 From: Malick Diarra Date: Tue, 17 Dec 2024 11:05:40 -0500 Subject: [PATCH 18/19] LG-14998: Update add email to change email on completion screen (#11594) * changelog: User-Facing Improvements, Authentication with SP, change link from add email to change email * make url options default * fix unnecessary spacing * update url options * change so all flows go to select email page * update completions presenter spec * update show link for a checking enabled and disabled functionality --- app/presenters/completions_presenter.rb | 4 ---- app/views/sign_up/completions/show.html.erb | 6 +---- .../sign_up/completions/show.html.erb_spec.rb | 24 ++----------------- 3 files changed, 3 insertions(+), 31 deletions(-) diff --git a/app/presenters/completions_presenter.rb b/app/presenters/completions_presenter.rb index 55f8cadb77a..2311d7276d1 100644 --- a/app/presenters/completions_presenter.rb +++ b/app/presenters/completions_presenter.rb @@ -105,10 +105,6 @@ def pii end end - def multiple_emails? - current_user.confirmed_email_addresses.many? - end - private def first_time_signing_in? diff --git a/app/views/sign_up/completions/show.html.erb b/app/views/sign_up/completions/show.html.erb index b40f9ce2a3c..15dfc999cb9 100644 --- a/app/views/sign_up/completions/show.html.erb +++ b/app/views/sign_up/completions/show.html.erb @@ -46,11 +46,7 @@
<%= attribute_value.to_s %>

- <% if @presenter.multiple_emails? %> - <%= link_to t('help_text.requested_attributes.change_email_link'), sign_up_select_email_path %> - <% else %> - <%= link_to t('account.index.email_add'), add_email_path(in_select_email_flow: true) %> - <% end %> + <%= link_to t('help_text.requested_attributes.change_email_link'), sign_up_select_email_path %>

<% else %> diff --git a/spec/views/sign_up/completions/show.html.erb_spec.rb b/spec/views/sign_up/completions/show.html.erb_spec.rb index 352e3e293e1..a6ac0d96a0e 100644 --- a/spec/views/sign_up/completions/show.html.erb_spec.rb +++ b/spec/views/sign_up/completions/show.html.erb_spec.rb @@ -68,38 +68,18 @@ ).and_return(false) end - it 'does not show a link to select different email' do - create(:email_address, user: user) - user.reload - render - - expect(rendered).to_not include(t('help_text.requested_attributes.change_email_link')) - expect(rendered).to_not include(t('account.index.email_add')) - end - - it 'does not show a link to add another email' do + it 'does not show change link' do render expect(rendered).to_not include(t('help_text.requested_attributes.change_email_link')) - expect(rendered).to_not include(t('account.index.email_add')) end end context 'select email to send to partner' do - it 'does not show a link to select different email' do - create(:email_address, user: user) - user.reload + it 'shows email change link' do render expect(rendered).to include(t('help_text.requested_attributes.change_email_link')) - expect(rendered).to_not include(t('account.index.email_add')) - end - - it 'does not show a link to add another email' do - render - - expect(rendered).to_not include(t('help_text.requested_attributes.change_email_link')) - expect(rendered).to include(t('account.index.email_add')) end end From 31db4c54d37883ff63c9e4e860f60d91db9b0563 Mon Sep 17 00:00:00 2001 From: Gina <125507397+gina-yamada@users.noreply.github.com> Date: Tue, 17 Dec 2024 09:51:28 -0700 Subject: [PATCH 19/19] LG-15148 Add Translation to Pending In Person Warning for Password Reset Instructions (#11645) * Add translations for IPP PW reset * changelog: User-Facing Improvements, In-Person proofing, Add translations for IPP Password Reset Email * fix linter error * Remove key from allowed_untranslated list --- config/locales/es.yml | 2 +- config/locales/fr.yml | 2 +- config/locales/zh.yml | 2 +- spec/i18n_spec.rb | 1 - 4 files changed, 3 insertions(+), 4 deletions(-) diff --git a/config/locales/es.yml b/config/locales/es.yml index cda68a9429a..e790124af69 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -1978,7 +1978,7 @@ user_mailer.reset_password_instructions.footer: Este vínculo vence en %{expires user_mailer.reset_password_instructions.gpo_letter_description: Si restablece su contraseña, el código de verificación que recibió en su carta ya no funcionará y tendrá que volver a verificar su identidad. user_mailer.reset_password_instructions.gpo_letter_header: Su carta está en camino user_mailer.reset_password_instructions.header: Para terminar de restablecer su contraseña, haga clic en el enlace de abajo o copie y pegue el enlace completo en su navegador. -user_mailer.reset_password_instructions.in_person_warning_description_html: If you reset your password now, your barcode will not work at the Post Office. You’ll have to restart the identity verification process from the beginning. +user_mailer.reset_password_instructions.in_person_warning_description_html: Si restablece su contraseña ahora, su código de barras no funcionará en la oficina de correos. Tendrá que volver a iniciar el proceso de verificación de identidad desde el principio. user_mailer.reset_password_instructions.link_text: Restablezca su contraseña user_mailer.reset_password_instructions.subject: Restablezca su contraseña user_mailer.signup_with_your_email.help_html: Si usted no solicitó una cuenta nueva o sospecha que hubo un error, visite la %{help_link_html} de %{app_name_html} o %{contact_link_html}. diff --git a/config/locales/fr.yml b/config/locales/fr.yml index c744644e554..6775afb05c9 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml @@ -1966,7 +1966,7 @@ user_mailer.reset_password_instructions.footer: Ce lien expire dans %{expires} h user_mailer.reset_password_instructions.gpo_letter_description: Si vous réinitialisez votre mot de passe, le code de vérification contenu dans votre lettre ne fonctionnera plus et vous devrez reconfirmer votre identité. user_mailer.reset_password_instructions.gpo_letter_header: Votre lettre est en route user_mailer.reset_password_instructions.header: Pour terminer la réinitialisation de votre mot de passe, veuillez cliquer sur le lien ci-dessous ou copier et coller le lien complet dans votre navigateur. -user_mailer.reset_password_instructions.in_person_warning_description_html: If you reset your password now, your barcode will not work at the Post Office. You’ll have to restart the identity verification process from the beginning. +user_mailer.reset_password_instructions.in_person_warning_description_html: Si vous réinitialisez maintenant votre mot de passe, votre code-barres ne fonctionnera pas au bureau de poste. Vous devrez recommencer la procédure de vérification d’identité depuis le début. user_mailer.reset_password_instructions.link_text: Réinitialiser votre mot de passe user_mailer.reset_password_instructions.subject: Réinitialiser votre mot de passe user_mailer.signup_with_your_email.help_html: Si vous n’avez pas demandé un nouveau compte ou soupçonnez qu’une erreur s’est produite, veuillez visiter le %{help_link_html} de %{app_name_html} ou %{contact_link_html}. diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 71d9f687ed1..aaebc735fad 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -1979,7 +1979,7 @@ user_mailer.reset_password_instructions.footer: 这一链接 %{expires} 小时 user_mailer.reset_password_instructions.gpo_letter_description: 如果你重设密码,信件中的一次性代码就会失效,你需要再次验证身份。 user_mailer.reset_password_instructions.gpo_letter_header: 你的信件已寄出。 user_mailer.reset_password_instructions.header: 要完成重设密码,请点击下面的链接或把整个链接复制并黏贴进浏览器。 -user_mailer.reset_password_instructions.in_person_warning_description_html: If you reset your password now, your barcode will not work at the Post Office. You’ll have to restart the identity verification process from the beginning. +user_mailer.reset_password_instructions.in_person_warning_description_html: 如果你现在重设密码,你的条形码在邮局将无法使用。你会不得不从头开始身份验证流程。 user_mailer.reset_password_instructions.link_text: 重设你的密码 user_mailer.reset_password_instructions.subject: 重设你的密码 user_mailer.signup_with_your_email.help_html: 如果你没有要求一封新电邮或怀疑有错, 请访问 %{app_name_html}的 %{help_link_html} 或者 %{contact_link_html}。 diff --git a/spec/i18n_spec.rb b/spec/i18n_spec.rb index 105eab71d2f..3921ab7c8d3 100644 --- a/spec/i18n_spec.rb +++ b/spec/i18n_spec.rb @@ -74,7 +74,6 @@ class BaseTask { key: 'time.formats.event_timestamp', locales: %i[zh] }, { key: 'time.formats.full_date', locales: %i[es] }, # format is the same in Spanish and English { key: 'time.formats.sms_date' }, # for us date format - { key: 'user_mailer.reset_password_instructions.in_person_warning_description_html', locales: %i[es fr zh] }, # Temporary until spanish, french, and chinese translations come in. { key: 'webauthn_platform_recommended.cta' }, # English-only A/B test { key: 'webauthn_platform_recommended.description_private_html' }, # English-only A/B test { key: 'webauthn_platform_recommended.description_secure_account' }, # English-only A/B test