Deploy RC 187 to Production

Gemfile

@@ -92,7 +92,7 @@ group :development, :test do
   gem 'erb_lint', '~> 0.1.0', require: false
   gem 'i18n-tasks', '>= 0.9.31'
   gem 'knapsack'
-  gem 'nokogiri', '~> 1.13.2'
+  gem 'nokogiri', '~> 1.13.4'
   gem 'parallel_tests'
   gem 'pg_query', require: false
   gem 'pry-byebug'

Gemfile.lock

@@ -386,7 +386,7 @@ GEM
     net-ssh (6.1.0)
     newrelic_rpm (8.5.0)
     nio4r (2.5.8)
-    nokogiri (1.13.3)
+    nokogiri (1.13.4)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     notiffany (0.1.3)
@@ -732,7 +732,7 @@ DEPENDENCIES
   multiset
   net-sftp
   newrelic_rpm (~> 8.0)
-  nokogiri (~> 1.13.2)
+  nokogiri (~> 1.13.4)
   octokit
   parallel_tests
   pg

Makefile

@@ -15,7 +15,6 @@ ARTIFACT_DESTINATION_FILE ?= ./tmp/idp.tar.gz
 	brakeman \
 	build_artifact \
 	check \
-	check_asset_strings \
 	docker_setup \
 	fast_setup \
 	fast_test \
@@ -77,8 +76,6 @@ lint: ## Runs all lint tests
 	@echo "--- es5-safe ---"
 	NODE_ENV=production yarn build && yarn es5-safe
 	# Other
-	@echo "--- asset check ---"
-	make check_asset_strings
 	@echo "--- lint yaml ---"
 	make lint_yaml
 	@echo "--- check assets are optimized ---"
@@ -164,9 +161,6 @@ update_pinpoint_supported_countries: ## Updates list of countries supported by P
 lint_country_dialing_codes: update_pinpoint_supported_countries ## Checks that countries supported by Pinpoint for voice and SMS are up to date
 	(! git diff --name-only | grep config/country_dialing_codes.yml) || (echo "Error: Run 'make update_pinpoint_supported_countries' to update country codes"; exit 1)
 
-check_asset_strings: ## Checks for strings
-	find ./app/javascript -name "*.js*" | xargs ./scripts/check-assets
-
 build_artifact $(ARTIFACT_DESTINATION_FILE): ## Builds zipped tar file artifact with IDP source code and Ruby/JS dependencies
 	@echo "Building artifact into $(ARTIFACT_DESTINATION_FILE)"
 	bundle config set --local cache_all true

app/assets/stylesheets/components/_step-indicator.scss

@@ -2,7 +2,8 @@ $step-indicator-current-step-border-width: 3px;
 $step-indicator-line-height: 4px;
 $step-indicator-pending-color: #a8b6c6;
 
-.step-indicator {
+lg-step-indicator {
+  display: block;
   border-bottom: 1px solid color('primary-light');
   box-shadow: 0 2px 2px rgba(0, 0, 0, 0.1);
   margin-bottom: units(4);

app/assets/stylesheets/components/_troubleshooting-options.scss

@@ -13,6 +13,10 @@
     height: 4px;
     width: 5rem;
   }
+
+  &.troubleshooting-options--no-bar::before {
+    content: none;
+  }
 }
 
 .troubleshooting-options__heading {

app/assets/stylesheets/components/all.scss

@@ -5,6 +5,7 @@
 @import 'card';
 @import 'container';
 @import 'file-input';
+@import 'form-steps';
 @import 'footer';
 @import 'form';
 @import 'hr';

app/components/clipboard_button_component.rb

@@ -12,6 +12,6 @@ def call
   end
 
   def content
-    t('links.copy')
+    t('components.clipboard_button.label')
   end
 end

app/components/clipboard_button_component.ts

@@ -0,0 +1 @@
+import '@18f/identity-clipboard-button';

app/components/password_toggle_component.html.erb

@@ -1,5 +1,15 @@
 <%= content_tag(:'lg-password-toggle', class: css_class) do %>
-  <%= render field if toggle_position == :bottom %>
+  <%= render ValidatedFieldComponent.new(
+        form: form,
+        name: :password,
+        type: :password,
+        label: label,
+        **field_options,
+        input_html: field_options[:input_html].to_h.merge(
+          id: input_id,
+          class: ['password-toggle__input', *field_options.dig(:input_html, :class)],
+        ),
+      ) %>
   <div class="password-toggle__toggle-wrapper js">
     <input
       id="<%= toggle_id %>"
@@ -14,5 +24,4 @@
       <%= toggle_label %>
     </label>
   </div>
-  <%= render field if toggle_position == :top %>
 <% end %>

app/components/password_toggle_component.rb

@@ -29,18 +29,4 @@ def toggle_id
   def input_id
     "password-toggle-input-#{unique_id}"
   end
-
-  def field
-    ValidatedFieldComponent.new(
-      form: form,
-      name: :password,
-      type: :password,
-      label: label,
-      **field_options,
-      input_html: field_options[:input_html].to_h.merge(
-        id: input_id,
-        class: ['password-toggle__input', *field_options.dig(:input_html, :class)],
-      ),
-    )
-  end
 end

app/components/print_button_component.rb

@@ -0,0 +1,15 @@
+class PrintButtonComponent < ButtonComponent
+  attr_reader :tag_options
+
+  def initialize(**tag_options)
+    super(**tag_options, type: :button, icon: :print)
+  end
+
+  def call
+    content_tag(:'lg-print-button', super)
+  end
+
+  def content
+    t('components.print_button.label')
+  end
+end

app/components/print_button_component.ts

@@ -0,0 +1 @@
+import '@18f/identity-print-button';

app/components/troubleshooting_options_component.html.erb

@@ -1,4 +1,10 @@
 <%= tag.section(**tag_options, class: css_class) do %>
+  <% if new_features? %>
+    <span class="usa-tag bg-accent-cool-darker text-uppercase display-inline-block">
+      <%= t('components.troubleshooting_options.new_feature') %>
+    </span>
+  <% end %>
+
   <%= header %>
   <ul class="troubleshooting-options__options">
     <% options.each do |option| %>

app/components/troubleshooting_options_component.rb

@@ -4,16 +4,25 @@ class TroubleshootingOptionsComponent < BaseComponent
 
   attr_reader :tag_options
 
-  def initialize(**tag_options)
-    @tag_options = tag_options
+  def initialize(new_features: false, **tag_options)
+    @new_features = new_features
+    @tag_options = tag_options.dup
   end
 
   def render?
     options?
   end
 
+  def new_features?
+    @new_features
+  end
+
   def css_class
-    ['troubleshooting-options', *tag_options[:class]]
+    [
+      'troubleshooting-options',
+      new_features? && 'troubleshooting-options--no-bar',
+      *tag_options[:class],
+    ].select(&:present?)
   end
 
   class TroubleshootingOptionsHeadingComponent < BaseComponent

app/controllers/concerns/mfa_setup_concern.rb

@@ -1,6 +1,25 @@
 module MfaSetupConcern
   extend ActiveSupport::Concern
 
+  def user_next_authentication_setup_path!(final_path = nil)
+    case user_session[:selected_mfa_options]&.shift
+    when 'voice', 'sms', 'phone'
+      phone_setup_url
+    when 'auth_app'
+      authenticator_setup_url
+    when 'piv_cac'
+      setup_piv_cac_url
+    when 'webauthn'
+      webauthn_setup_url
+    when 'webauthn_platform'
+      webauthn_setup_url(platform: true)
+    when 'backup_code'
+      backup_code_setup_url
+    else
+      final_path
+    end
+  end
+
   def confirm_user_authenticated_for_2fa_setup
     authenticate_user!(force: true)
     return if user_fully_authenticated?

app/controllers/concerns/render_condition_concern.rb

@@ -0,0 +1,9 @@
+module RenderConditionConcern
+  extend ActiveSupport::Concern
+
+  module ClassMethods
+    def check_or_render_not_found(callable, **kwargs)
+      before_action(**kwargs) { render_not_found if !callable.call }
+    end
+  end
+end

app/controllers/event_disavowal_controller.rb

@@ -4,19 +4,17 @@ class EventDisavowalController < ApplicationController
   def new
     # Memoize the form for use in the views
     password_reset_from_disavowal_form
-    analytics.track_event(
-      Analytics::EVENT_DISAVOWAL,
-      FormResponse.new(
-        success: true,
-        extra: EventDisavowal::BuildDisavowedEventAnalyticsAttributes.call(disavowed_event),
-      ).to_h,
+    result = FormResponse.new(
+      success: true,
+      extra: EventDisavowal::BuildDisavowedEventAnalyticsAttributes.call(disavowed_event),
     )
+    analytics.event_disavowal(**result.to_h)
     @forbidden_passwords = forbidden_passwords
   end
 
   def create
     result = password_reset_from_disavowal_form.submit(password_reset_params)
-    analytics.track_event(Analytics::EVENT_DISAVOWAL_PASSWORD_RESET, result.to_h)
+    analytics.event_disavowal_password_reset(**result.to_h)
     if result.success?
       handle_successful_password_reset
     else

app/controllers/idv/address_controller.rb

@@ -6,12 +6,12 @@ class AddressController < ApplicationController
     before_action :confirm_pii_from_doc
 
     def new
-      analytics.track_event(Analytics::IDV_ADDRESS_VISIT)
+      analytics.idv_address_visit
     end
 
     def update
       form_result = idv_form.submit(profile_params)
-      analytics.track_event(Analytics::IDV_ADDRESS_SUBMITTED, form_result.to_h)
+      analytics.idv_address_submitted(**form_result.to_h)
       capture_address_edited(form_result)
       if form_result.success?
         success

app/controllers/idv/phone_controller.rb

@@ -32,6 +32,7 @@ def new
     def create
       result = idv_form.submit(step_params)
       analytics.track_event(Analytics::IDV_PHONE_CONFIRMATION_FORM, result.to_h)
+      flash[:error] = result.first_error_message if !result.success?
       return render :new, locals: { gpo_letter_available: gpo_letter_available } if !result.success?
       submit_proofing_attempt
       redirect_to idv_phone_path

app/controllers/two_factor_authentication/otp_verification_controller.rb

@@ -1,6 +1,7 @@
 module TwoFactorAuthentication
   class OtpVerificationController < ApplicationController
     include TwoFactorAuthenticatable
+    include MfaSetupConcern
 
     before_action :check_sp_required_mfa_bypass
     before_action :confirm_multiple_factors_enabled
@@ -16,7 +17,11 @@ def create
       result = OtpVerificationForm.new(current_user, sanitized_otp_code).submit
       post_analytics(result)
       if result.success?
-        handle_valid_otp
+        next_url = nil
+        if UserSessionContext.confirmation_context?(context)
+          next_url = user_next_authentication_setup_path!
+        end
+        handle_valid_otp(next_url)
       else
         handle_invalid_otp
       end

app/controllers/users/backup_code_setup_controller.rb

@@ -25,7 +25,7 @@ def edit; end
 
     def continue
       flash[:success] = t('notices.backup_codes_configured')
-      redirect_to after_mfa_setup_path
+      redirect_to user_next_authentication_setup_path!(after_mfa_setup_path)
     end
 
     def download

app/controllers/users/email_language_controller.rb

@@ -3,12 +3,12 @@ class EmailLanguageController < ApplicationController
     before_action :confirm_two_factor_authenticated
 
     def show
-      analytics.track_event(Analytics::EMAIL_LANGUAGE_VISITED)
+      analytics.email_language_visited
     end
 
     def update
       form_response = UpdateEmailLanguageForm.new(current_user).submit(update_email_params)
-      analytics.track_event(Analytics::EMAIL_LANGUAGE_UPDATED, form_response.to_h)
+      analytics.email_language_updated(**form_response.to_h)
 
       flash[:success] = I18n.t('account.email_language.updated') if form_response.success?
 

app/controllers/users/emails_controller.rb

@@ -43,7 +43,7 @@ def confirm_delete
 
     def delete
       result = DeleteUserEmailForm.new(current_user, email_address).submit
-      analytics.track_event(Analytics::EMAIL_DELETION_REQUEST, result.to_h)
+      analytics.email_deletion_request(**result.to_h)
       if result.success?
         handle_successful_delete
       else

app/controllers/users/piv_cac_authentication_setup_controller.rb

@@ -103,7 +103,8 @@ def process_valid_submission
       create_user_event(:piv_cac_enabled)
       Funnel::Registration::AddMfa.call(current_user.id, 'piv_cac')
       session[:needs_to_setup_piv_cac_after_sign_in] = false
-      redirect_to after_sign_in_path_for(current_user)
+      final_path = after_sign_in_path_for(current_user)
+      redirect_to user_next_authentication_setup_path!(final_path)
     end
 
     def piv_cac_enabled?

app/controllers/users/totp_setup_controller.rb

@@ -78,8 +78,8 @@ def process_valid_code
       mark_user_as_fully_authenticated
       handle_remember_device
       flash[:success] = t('notices.totp_configured')
-      redirect_to after_mfa_setup_path
       user_session.delete(:new_totp_secret)
+      redirect_to user_next_authentication_setup_path!(after_mfa_setup_path)
     end
 
     def handle_remember_device