LG-15321: relax vendor redirect in test mode

app/controllers/concerns/idv/document_capture_concern.rb

@@ -59,6 +59,10 @@ def selfie_requirement_met?
     end
 
     def redirect_to_correct_vendor(vendor, in_hybrid_mobile)
+      return if IdentityConfig.store.doc_auth_selfie_desktop_test_mode &&
+                !(vendor == Idp::Constants::Vendors::SOCURE &&
+                resolved_authn_context_result.facial_match?)
+
       expected_doc_auth_vendor = doc_auth_vendor
       return if vendor == expected_doc_auth_vendor
       return if vendor == Idp::Constants::Vendors::LEXIS_NEXIS &&

app/controllers/idv/socure/document_capture_controller.rb

@@ -99,8 +99,7 @@ def self.step_info
               idv_session.skip_doc_auth_from_handoff ||
               idv_session.skip_hybrid_handoff ||
               idv_session.skip_doc_auth_from_how_to_verify ||
-              !idv_session.selfie_check_required ||
-              idv_session.desktop_selfie_test_mode_enabled?)
+              !idv_session.selfie_check_required)
           },
           undo_step: ->(idv_session:, user:) do
             idv_session.pii_from_doc = nil

spec/controllers/idv/document_capture_controller_spec.rb

@@ -20,6 +20,7 @@
   # selfie related test flags
   let(:sp_selfie_enabled) { false }
   let(:flow_path) { 'standard' }
+  let(:doc_auth_selfie_desktop_test_mode) { false }
 
   before do
     stub_sign_in(user)
@@ -41,6 +42,9 @@
     allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(
       Idp::Constants::Vendors::LEXIS_NEXIS,
     )
+
+    allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
+      .and_return(doc_auth_selfie_desktop_test_mode)
   end
 
   describe '#step_info' do
@@ -64,11 +68,6 @@
       describe 'with sp selfie enabled' do
         let(:sp_selfie_enabled) { true }
 
-        before do
-          allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
-            .and_return(false)
-        end
-
         it 'does satisfy precondition' do
           expect(Idv::DocumentCaptureController.step_info.preconditions.is_a?(Proc))
           expect(subject).not_to receive(:render).with(:show, locals: an_instance_of(Hash))
@@ -179,13 +178,8 @@
 
     context 'when a selfie is requested' do
       let(:sp_selfie_enabled) { true }
-      let(:desktop_selfie_enabled) { false }
-      before do
-        allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
-          .and_return(desktop_selfie_enabled)
-      end
+
       describe 'when desktop selfie disabled' do
-        let(:desktop_selfie_enabled) { false }
         it 'redirect back to handoff page' do
           expect(subject).not_to receive(:render).with(
             :show,
@@ -202,7 +196,7 @@
       end
 
       describe 'when desktop selfie enabled' do
-        let(:desktop_selfie_enabled) { true }
+        let(:doc_auth_selfie_desktop_test_mode) { true }
         it 'allows capture' do
           expect(subject).to receive(:render).with(
             :show,
@@ -321,7 +315,6 @@
       let(:sp_selfie_enabled) { true }
 
       before do
-        allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode).and_return(false)
         allow(Idv::InPersonConfig).to receive(:enabled_for_issuer?).with(anything).and_return(false)
       end
 

spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb

@@ -25,6 +25,7 @@
 
     allow(IdentityConfig.store).to receive(:doc_auth_vendor).and_return(idv_vendor)
     allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(idv_vendor)
+    allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode).and_return(false)
   end
 
   describe 'before_actions' do

spec/controllers/idv/hybrid_mobile/socure/document_capture_controller_spec.rb

@@ -29,6 +29,7 @@
     allow(IdentityConfig.store).to receive(:doc_auth_vendor_default).and_return(idv_vendor)
     allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled)
       .and_return(vendor_switching_enabled)
+    allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode).and_return(false)
 
     allow(subject).to receive(:stored_result).and_return(stored_result)
 

spec/controllers/idv/socure/document_capture_controller_spec.rb

@@ -28,6 +28,7 @@
   end
 
   let(:socure_docv_verification_data_test_mode) { false }
+  let(:doc_auth_selfie_desktop_test_mode) { false }
 
   before do
     allow(IdentityConfig.store).to receive(:socure_docv_enabled)
@@ -39,7 +40,8 @@
     allow(IdentityConfig.store).to receive(:doc_auth_vendor_switching_enabled)
       .and_return(vendor_switching_enabled)
     allow_any_instance_of(ApplicationController).to receive(:current_user).and_return(user)
-
+    allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
+      .and_return(doc_auth_selfie_desktop_test_mode)
     allow(subject).to receive(:stored_result).and_return(stored_result)
 
     user_session = {}
@@ -120,7 +122,15 @@
 
         it 'redirects to the LN/mock controller' do
           get :show
-          expect(response).to redirect_to idv_document_capture_url
+          expect(response).to redirect_to idv_hybrid_handoff_url
+        end
+
+        context 'when desktop test mode is enabled' do
+          let(:doc_auth_selfie_desktop_test_mode) { true }
+          it 'redirects to the LN/mock controller' do
+            get :show
+            expect(response).to redirect_to idv_document_capture_url
+          end
         end
       end
     end

spec/features/idv/doc_auth/socure_document_capture_spec.rb

@@ -25,6 +25,8 @@
       .and_return(fake_socure_docv_document_request_endpoint)
     allow(IdentityConfig.store).to receive(:socure_docv_webhook_repeat_endpoints)
       .and_return(socure_docv_webhook_repeat_endpoints)
+    allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
+      .and_return(true, false)
     socure_docv_webhook_repeat_endpoints.each { |endpoint| stub_request(:post, endpoint) }
     allow(IdentityConfig.store).to receive(:ruby_workers_idv_enabled).and_return(false)
     allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics)
@@ -198,6 +200,8 @@
           before do
             allow_any_instance_of(Faraday::Connection).to receive(:post)
               .and_raise(Faraday::ConnectionFailed)
+            allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
+              .and_return(true, false)
           end
 
           it 'shows the network error page', js: true do

spec/features/idv/hybrid_mobile/entry_spec.rb

@@ -24,6 +24,8 @@
   context 'valid link' do
     before do
       allow(IdentityConfig.store).to receive(:socure_docv_enabled).and_return(true)
+      allow(IdentityConfig.store).to receive(:doc_auth_selfie_desktop_test_mode)
+        .and_return(true, false)
     end
 
     it 'puts the user on the document capture page' do

spec/features/idv/hybrid_mobile/hybrid_socure_mobile_spec.rb

@@ -491,9 +491,12 @@
     end
   end
 
-  context 'invalid request', allow_browser_log: true do
+  # this does not test the hybrid mobile flow
+  xcontext 'invalid request', allow_browser_log: true do
     context 'getting the capture path w wrong api key' do
       before do
+        # allow(IdentityConfig.store).to receive(:socure_docv_verification_data_test_mode)
+        #   .and_return(true, false)
         user = user_with_2fa
         visit_idp_from_oidc_sp_with_ial2
         sign_in_and_2fa_user(user)