Merge pull request #10845 from 18F/stages/rc-2024-06-20

Deploy RC 391 to Production

app/assets/stylesheets/email.css.scss

@@ -177,6 +177,10 @@ h6 {
   @include u-border(1px);
 }
 
+.border-top-width-0 {
+  border-top: 0;
+}
+
 .border-primary-light {
   @include u-border('primary-light');
 }
@@ -221,6 +225,10 @@ h6 {
   @include u-margin-bottom(2);
 }
 
+.margin-bottom-3 {
+  @include u-margin-bottom(3);
+}
+
 .margin-bottom-4 {
   @include u-margin-bottom(4);
 }
@@ -253,10 +261,22 @@ h6 {
   @include u-padding(4);
 }
 
+.padding-x-4 {
+  @include u-padding-x(4);
+}
+
+.padding-bottom-0 {
+  @include u-padding-bottom(0);
+}
+
 .padding-bottom-4 {
   @include u-padding-bottom(4);
 }
 
+.padding-top-4 {
+  @include u-padding-top(4);
+}
+
 .radius-lg {
   @include u-radius('lg');
 }

app/controllers/concerns/idv/verify_info_concern.rb

@@ -26,7 +26,6 @@ def shared_update
 
       Idv::Agent.new(pii).proof_resolution(
         document_capture_session,
-        should_proof_state_id: aamva_state?,
         trace_id: amzn_trace_id,
         user_id: current_user.id,
         threatmetrix_session_id: idv_session.threatmetrix_session_id,
@@ -43,10 +42,6 @@ def ipp_enrollment_in_progress?
       current_user.has_in_person_enrollment?
     end
 
-    def aamva_state?
-      IdentityConfig.store.aamva_supported_jurisdictions.include?(pii['state_id_jurisdiction'])
-    end
-
     def resolution_rate_limiter
       @resolution_rate_limiter ||= RateLimiter.new(
         user: current_user,

app/controllers/idv/by_mail/enter_code_controller.rb

@@ -45,7 +45,7 @@ def create
 
         @gpo_verify_form = build_gpo_verify_form
 
-        result = @gpo_verify_form.submit
+        result = @gpo_verify_form.submit(resolved_authn_context_result.enhanced_ipp?)
         analytics.idv_verify_by_mail_enter_code_submitted(**result.to_h)
 
         if !result.success?

app/controllers/idv/enter_password_controller.rb

@@ -124,8 +124,10 @@ def gpo_mail_service
     end
 
     def init_profile
-      idv_session.create_profile_from_applicant_with_password(password)
-
+      idv_session.create_profile_from_applicant_with_password(
+        password,
+        resolved_authn_context_result.enhanced_ipp?,
+      )
       if idv_session.verify_by_mail?
         current_user.send_email_to_all_addresses(:verify_by_mail_letter_requested)
         analytics.idv_gpo_address_letter_enqueued(

app/controllers/idv/in_person/ready_to_verify_controller.rb

@@ -17,9 +17,12 @@ class ReadyToVerifyController < ApplicationController
       before_action :confirm_in_person_session
 
       def show
-        @is_eipp = resolved_authn_context_result.enhanced_ipp?
+        @is_enhanced_ipp = resolved_authn_context_result.enhanced_ipp?
         analytics.idv_in_person_ready_to_verify_visit(**opt_in_analytics_properties)
-        @presenter = ReadyToVerifyPresenter.new(enrollment: enrollment, is_eipp: @is_eipp)
+        @presenter = ReadyToVerifyPresenter.new(
+          enrollment: enrollment,
+          is_enhanced_ipp: @is_enhanced_ipp,
+        )
       end
 
       private

app/forms/gpo_verify_form.rb

@@ -17,15 +17,15 @@ def initialize(user:, pii:, otp: nil)
     @otp = otp
   end
 
-  def submit
+  def submit(is_enhanced_ipp)
     result = valid?
     fraud_check_failed = pending_profile&.fraud_pending_reason.present?
 
     if result
       pending_profile&.remove_gpo_deactivation_reason
 
       if user.has_establishing_in_person_enrollment_safe?
-        schedule_in_person_enrollment_and_deactivate_profile
+        schedule_in_person_enrollment_and_deactivate_profile(is_enhanced_ipp)
       elsif fraud_check_failed && threatmetrix_enabled?
         pending_profile&.deactivate_for_fraud_review
       elsif fraud_check_failed
@@ -63,8 +63,12 @@ def gpo_confirmation_code
     pending_profile.gpo_confirmation_codes.first_with_otp(otp)
   end
 
-  def schedule_in_person_enrollment_and_deactivate_profile
-    UspsInPersonProofing::EnrollmentHelper.schedule_in_person_enrollment(user, pii)
+  def schedule_in_person_enrollment_and_deactivate_profile(is_enhanced_ipp)
+    UspsInPersonProofing::EnrollmentHelper.schedule_in_person_enrollment(
+      user:,
+      pii:,
+      is_enhanced_ipp:,
+    )
     pending_profile&.deactivate_for_in_person_verification
   end
 

app/javascript/packages/phone-input/package.json

@@ -4,7 +4,7 @@
   "version": "1.0.0",
   "dependencies": {
     "intl-tel-input": "^17.0.19",
-    "libphonenumber-js": "^1.11.3"
+    "libphonenumber-js": "^1.11.4"
   },
   "sideEffects": [
     "./index.ts"

app/jobs/resolution_proofing_job.rb

@@ -20,12 +20,13 @@ def perform(
     result_id:,
     encrypted_arguments:,
     trace_id:,
-    should_proof_state_id:,
     ipp_enrollment_in_progress:,
     user_id: nil,
     service_provider_issuer: nil,
     threatmetrix_session_id: nil,
-    request_ip: nil
+    request_ip: nil,
+    # DEPRECATED ARGUMENTS
+    should_proof_state_id: false # rubocop:disable Lint/UnusedMethodArgument
   )
     timer = JobHelpers::Timer.new
 
@@ -49,11 +50,17 @@ def perform(
       applicant_pii: applicant_pii,
       threatmetrix_session_id: threatmetrix_session_id,
       request_ip: request_ip,
-      should_proof_state_id: should_proof_state_id,
       ipp_enrollment_in_progress: ipp_enrollment_in_progress,
       current_sp: current_sp,
     )
 
+    ssn_is_unique = Idv::DuplicateSsnFinder.new(
+      ssn: applicant_pii[:ssn],
+      user: user,
+    ).ssn_is_unique?
+
+    callback_log_data.result[:ssn_is_unique] = ssn_is_unique
+
     document_capture_session = DocumentCaptureSession.new(result_id: result_id)
     document_capture_session.store_proofing_result(callback_log_data.result)
   ensure
@@ -77,7 +84,6 @@ def make_vendor_proofing_requests(
     applicant_pii:,
     threatmetrix_session_id:,
     request_ip:,
-    should_proof_state_id:,
     ipp_enrollment_in_progress:,
     current_sp:
   )
@@ -86,7 +92,6 @@ def make_vendor_proofing_requests(
       user_email: user.confirmed_email_addresses.first.email,
       threatmetrix_session_id: threatmetrix_session_id,
       request_ip: request_ip,
-      should_proof_state_id: should_proof_state_id,
       ipp_enrollment_in_progress: ipp_enrollment_in_progress,
       timer: timer,
       current_sp: current_sp,

app/jobs/risc_delivery_job.rb

@@ -14,10 +14,15 @@ class RiscDeliveryJob < ApplicationJob
     *NETWORK_ERRORS,
     wait: :polynomially_longer,
     attempts: 2,
-  )
+  ) do |_job, _exception|
+    # Don't bubble up the exception when retries are exhausted
+  end
+
   retry_on RedisRateLimiter::LimitError,
            wait: :polynomially_longer,
-           attempts: 10
+           attempts: 10 do |_job, _exception|
+             # Don't bubble up the exception when retries are exhausted
+           end
 
   def self.warning_error_classes
     NETWORK_ERRORS + [RedisRateLimiter::LimitError]

app/mailers/user_mailer.rb

@@ -293,7 +293,7 @@ def in_person_deadline_passed(enrollment:)
     end
   end
 
-  def in_person_ready_to_verify(enrollment:)
+  def in_person_ready_to_verify(enrollment:, is_enhanced_ipp:)
     attachments.inline['barcode.png'] = BarcodeOutputter.new(
       code: enrollment.enrollment_code,
     ).image_data
@@ -302,11 +302,14 @@ def in_person_ready_to_verify(enrollment:)
       @hide_title = IdentityConfig.store.in_person_outage_message_enabled &&
                     IdentityConfig.store.in_person_outage_emailed_by_date.present? &&
                     IdentityConfig.store.in_person_outage_expected_update_date.present?
-      @header = t('in_person_proofing.headings.barcode')
+      @header = is_enhanced_ipp ?
+        t('in_person_proofing.headings.barcode_eipp') : t('in_person_proofing.headings.barcode')
       @presenter = Idv::InPerson::ReadyToVerifyPresenter.new(
         enrollment: enrollment,
         barcode_image_url: attachments['barcode.png'].url,
+        is_enhanced_ipp: is_enhanced_ipp,
       )
+      @is_enhanced_ipp = is_enhanced_ipp
       mail(
         to: email_address.email,
         subject: t('user_mailer.in_person_ready_to_verify.subject', app_name: APP_NAME),

app/presenters/idv/in_person/ready_to_verify_presenter.rb

@@ -11,11 +11,11 @@ class ReadyToVerifyPresenter
 
       delegate :selected_location_details, :enrollment_code, to: :enrollment
 
-      def initialize(enrollment:, barcode_image_url: nil, sp_name: nil, is_eipp: false)
+      def initialize(enrollment:, barcode_image_url: nil, sp_name: nil, is_enhanced_ipp: false)
         @enrollment = enrollment
         @barcode_image_url = barcode_image_url
         @sp_name = sp_name
-        @is_eipp = is_eipp
+        @is_enhanced_ipp = is_enhanced_ipp
       end
 
       # Reminder is exclusive of the day the email is sent (1 less than days_to_due_date)
@@ -68,23 +68,23 @@ def outage_dates_present?
       end
 
       def barcode_heading_text
-        if @is_eipp
+        if @is_enhanced_ipp
           t('in_person_proofing.headings.barcode_eipp')
         else
           t('in_person_proofing.headings.barcode')
         end
       end
 
       def state_id_heading_text
-        if @is_eipp
+        if @is_enhanced_ipp
           t('in_person_proofing.process.state_id.heading_eipp')
         else
           t('in_person_proofing.process.state_id.heading')
         end
       end
 
       def state_id_info
-        if @is_eipp
+        if @is_enhanced_ipp
           t('in_person_proofing.process.state_id.info_eipp')
         else
           t('in_person_proofing.process.state_id.info')

app/services/idv/agent.rb

@@ -8,7 +8,6 @@ def initialize(applicant)
 
     def proof_resolution(
       document_capture_session,
-      should_proof_state_id:,
       trace_id:,
       user_id:,
       threatmetrix_session_id:,
@@ -23,14 +22,15 @@ def proof_resolution(
 
       job_arguments = {
         encrypted_arguments: encrypted_arguments,
-        should_proof_state_id: should_proof_state_id,
         trace_id: trace_id,
         result_id: document_capture_session.result_id,
         user_id: user_id,
         service_provider_issuer: document_capture_session.issuer,
         threatmetrix_session_id: threatmetrix_session_id,
         request_ip: request_ip,
         ipp_enrollment_in_progress: ipp_enrollment_in_progress,
+        # This argument is intended to be removed
+        should_proof_state_id: false,
       }
 
       if IdentityConfig.store.ruby_workers_idv_enabled

app/services/idv/session.rb

@@ -62,7 +62,7 @@ def respond_to_missing?(method_sym, include_private)
       VALID_SESSION_ATTRIBUTES.include?(attr_name_sym) || super
     end
 
-    def create_profile_from_applicant_with_password(user_password)
+    def create_profile_from_applicant_with_password(user_password, is_enhanced_ipp)
       profile_maker = build_profile_maker(user_password)
       profile = profile_maker.save_profile(
         fraud_pending_reason: threatmetrix_fraud_pending_reason,
@@ -87,9 +87,10 @@ def create_profile_from_applicant_with_password(user_password)
         create_gpo_entry(profile_maker.pii_attributes, profile)
       elsif profile.in_person_verification_pending?
         UspsInPersonProofing::EnrollmentHelper.schedule_in_person_enrollment(
-          current_user,
-          profile_maker.pii_attributes,
-          opt_in_param,
+          user: current_user,
+          pii: profile_maker.pii_attributes,
+          is_enhanced_ipp: is_enhanced_ipp,
+          opt_in: opt_in_param,
         )
       end
     end

app/services/proofing/resolution/progressive_proofer.rb

@@ -10,7 +10,6 @@ module Resolution
     class ProgressiveProofer
       attr_reader :applicant_pii,
                   :request_ip,
-                  :should_proof_state_id,
                   :threatmetrix_session_id,
                   :timer,
                   :user_email,
@@ -20,16 +19,13 @@ class ProgressiveProofer
       # @param [Boolean] ipp_enrollment_in_progress flag that indicates if user will have
       #   both state id address and current residential address verified
       # @param [String] request_ip IP address for request
-      # @param [Boolean] should_proof_state_id based on state id jurisdiction, indicates if
-      #   there should be a state id proofing request made to aamva
       # @param [String] threatmetrix_session_id identifies the threatmetrix session
       # @param [JobHelpers::Timer] timer indicates time elapsed to obtain results
       # @param [String] user_email email address for applicant
       # @return [ResultAdjudicator] object which contains the logic to determine proofing's result
       def proof(
         applicant_pii:,
         request_ip:,
-        should_proof_state_id:,
         threatmetrix_session_id:,
         timer:,
         user_email:,
@@ -38,7 +34,6 @@ def proof(
       )
         @applicant_pii = applicant_pii
         @request_ip = request_ip
-        @should_proof_state_id = should_proof_state_id
         @threatmetrix_session_id = threatmetrix_session_id
         @timer = timer
         @user_email = user_email
@@ -54,7 +49,7 @@ def proof(
           device_profiling_result: device_profiling_result,
           ipp_enrollment_in_progress: ipp_enrollment_in_progress,
           resolution_result: instant_verify_result,
-          should_proof_state_id: should_proof_state_id,
+          should_proof_state_id: aamva_supports_state_id_jurisdiction?,
           state_id_result: state_id_result,
           residential_resolution_result: residential_instant_verify_result,
           same_address_as_id: applicant_pii[:same_address_as_id],
@@ -126,7 +121,7 @@ def proof_id_address_with_lexis_nexis_if_needed
       end
 
       def should_proof_state_id_with_aamva?
-        return false unless should_proof_state_id
+        return false unless aamva_supports_state_id_jurisdiction?
         # If the user is in in-person-proofing and they have changed their address then
         # they are not eligible for get-to-yes
         if !ipp_enrollment_in_progress? || same_address_as_id?
@@ -136,6 +131,11 @@ def should_proof_state_id_with_aamva?
         end
       end
 
+      def aamva_supports_state_id_jurisdiction?
+        state_id_jurisdiction = applicant_pii[:state_id_jurisdiction]
+        IdentityConfig.store.aamva_supported_jurisdictions.include?(state_id_jurisdiction)
+      end
+
       def proof_id_with_aamva_if_needed
         return out_of_aamva_jurisdiction_result unless should_proof_state_id_with_aamva?
 

app/services/proofing/resolution/result_adjudicator.rb

@@ -39,7 +39,6 @@ def adjudicated_result
               device_profiling_adjudication_reason: device_profiling_reason,
               resolution_adjudication_reason: resolution_reason,
               should_proof_state_id: should_proof_state_id?,
-              sp_costs_added: true,
               stages: {
                 resolution: resolution_result.to_h,
                 residential_address: residential_resolution_result.to_h,