Use shared examples to test cancelation behavior (#2094)

Use shared examples to test cancelation behavior **Why**: So that we can test that cancelation is consistent across IdV steps. Note that this tests the behavior with the different protocols because the difference between cancellation behavior with and without an SP is surprisingly different. Also, this commit adds some empty contexts for steps that don't have a cancel button with the assumption that we want to add a cancel button to those steps.
18F · Apr 13, 2018 · 2ae1b73 · 2ae1b73
1 parent 25fc1b8
commit 2ae1b73
Show file tree

Hide file tree

Showing 7 changed files with 166 additions and 60 deletions.
diff --git a/spec/features/idv/cancel_idv_step_spec.rb b/spec/features/idv/cancel_idv_step_spec.rb
@@ -0,0 +1,41 @@
+require 'rails_helper'
+
+feature 'cancel at IdV step', :idv_job do
+  include IdvStepHelper
+
+  context 'verify step' do
+    it_behaves_like 'cancel at idv step', :verify
+    it_behaves_like 'cancel at idv step', :verify, :oidc
+    it_behaves_like 'cancel at idv step', :verify, :saml
+  end
+
+  context 'profile step' do
+    it_behaves_like 'cancel at idv step', :profile
+    it_behaves_like 'cancel at idv step', :profile, :oidc
+    it_behaves_like 'cancel at idv step', :profile, :saml
+  end
+
+  context 'address step' do
+    it_behaves_like 'cancel at idv step', :address
+    it_behaves_like 'cancel at idv step', :address, :oidc
+    it_behaves_like 'cancel at idv step', :address, :saml
+  end
+
+  xcontext 'phone step' do
+    # Phone step doesn't have a cancel button :(
+  end
+
+  xcontext 'phone otp delivery method selection step' do
+    # Phone OTP delivery method step doesn't have a cancel button :(
+  end
+
+  context 'phone otp verification step' do
+    it_behaves_like 'cancel at idv step', :phone_otp_verification
+    it_behaves_like 'cancel at idv step', :phone_otp_verification, :oidc
+    it_behaves_like 'cancel at idv step', :phone_otp_verification, :saml
+  end
+
+  xcontext 'usps step' do
+    # USPS step does not have a cancel button :(
+  end
+end
diff --git a/spec/features/idv/flow_spec.rb b/spec/features/idv/flow_spec.rb
@@ -9,11 +9,6 @@
       visit verify_path
     end
 
-    scenario 'decline to verify identity' do
-      click_link t('links.cancel')
-      expect(page).to have_content(t('idv.titles.cancel'))
-    end
-
     scenario 'proceed to verify identity' do
       click_link 'Yes'
 
@@ -227,58 +222,6 @@
       end
     end
 
-    context 'cancel from USPS/Phone verification screen' do
-      context 'without js' do
-        it 'returns user to profile path' do
-          sign_in_and_2fa_user
-          loa3_sp_session
-          visit verify_session_path
-
-          fill_out_idv_form_ok
-          click_idv_continue
-
-          click_idv_cancel
-
-          expect(current_path).to eq(account_path)
-        end
-      end
-
-      context 'with js', js: true do
-        it 'redirects to profile from a modal' do
-          sign_in_and_2fa_user
-          loa3_sp_session
-          visit verify_session_path
-
-          fill_out_idv_form_ok
-          click_idv_continue
-
-          click_on t('links.cancel_idv')
-          click_idv_cancel_modal
-
-          expect(current_path).to eq(account_path)
-        end
-      end
-    end
-
-    scenario 'cancelling phone OTP verification redirects to verification cancel' do
-      allow(Figaro.env).to receive(:otp_delivery_blocklist_maxretry).and_return('4')
-      different_phone = '555-555-9876'
-
-      sign_in_and_2fa_user
-      visit verify_session_path
-
-      fill_out_idv_form_ok
-      click_idv_continue
-      click_idv_address_choose_phone
-      fill_out_phone_form_ok(different_phone)
-      click_idv_continue
-      choose_idv_otp_delivery_method_sms
-
-      click_on t('links.cancel')
-
-      expect(current_path).to eq verify_cancel_path
-    end
-
     scenario 'attempting to skip OTP phone confirmation redirects to OTP confirmation', :js do
       different_phone = '555-555-9876'
       user = sign_in_live_with_2fa

diff --git a/spec/features/idv/phone_input_spec.rb b/spec/features/idv/phone_input_spec.rb
@@ -4,6 +4,7 @@
   include IdvStepHelper
 
   before do
+    start_idv_from_sp
     complete_idv_steps_before_phone_step
   end
 

diff --git a/spec/support/features/idv_helper.rb b/spec/support/features/idv_helper.rb
@@ -1,4 +1,8 @@
 module IdvHelper
+  def self.included(base)
+    base.class_eval { include JavascriptDriverHelper }
+  end
+
   def max_attempts_less_one
     Idv::Attempter.idv_max_attempts - 1
   end
@@ -127,7 +131,14 @@ def complete_idv_profile_ok(user, password = user_password)
 
   def visit_idp_from_sp_with_loa3(sp)
     if sp == :saml
-      @saml_authn_request = auth_request.create(loa3_with_bundle_saml_settings)
+      settings = loa3_with_bundle_saml_settings
+      settings.security[:embed_sign] = false
+      if javascript_enabled?
+        idp_domain_name = "#{page.server.host}:#{page.server.port}"
+        settings.idp_sso_target_url = "http://#{idp_domain_name}/api/saml/auth"
+        settings.idp_slo_target_url = "http://#{idp_domain_name}/api/saml/logout"
+      end
+      @saml_authn_request = auth_request.create(settings)
       visit @saml_authn_request
     elsif sp == :oidc
       @state = SecureRandom.hex

diff --git a/spec/support/features/idv_step_helper.rb b/spec/support/features/idv_step_helper.rb
@@ -3,14 +3,27 @@ def self.included(base)
     base.class_eval { include IdvHelper }
   end
 
-  def start_idv_at_profile_step(user = user_with_2fa)
+  def start_idv_from_sp(sp = :oidc)
+    if sp.present?
+      visit_idp_from_sp_with_loa3(sp)
+      click_link t('links.sign_in')
+    else
+      visit root_path
+    end
+  end
+
+  def complete_idv_steps_before_verify_step(user = user_with_2fa)
     sign_in_and_2fa_user(user)
     visit verify_path unless current_path == verify_path
+  end
+
+  def complete_idv_steps_before_profile_step(user = user_with_2fa)
+    complete_idv_steps_before_verify_step(user)
     click_idv_begin
   end
 
   def complete_idv_steps_before_address_step(user = user_with_2fa)
-    start_idv_at_profile_step(user)
+    complete_idv_steps_before_profile_step(user)
     fill_out_idv_form_ok
     click_idv_continue
   end
@@ -19,4 +32,36 @@ def complete_idv_steps_before_phone_step(user = user_with_2fa)
     complete_idv_steps_before_address_step(user)
     click_idv_address_choose_phone
   end
+
+  def complete_idv_steps_before_usps_step(user = user_with_2fa)
+    complete_idv_steps_before_address_step(user)
+    click_idv_address_choose_usps
+  end
+
+  def complete_idv_steps_before_phone_otp_delivery_selection_step(user = user_with_2fa)
+    complete_idv_steps_before_phone_step(user)
+    fill_out_phone_form_ok('2341230638')
+    click_idv_continue
+  end
+
+  def complete_idv_steps_before_phone_otp_verification_step(user = user_with_2fa)
+    complete_idv_steps_before_phone_otp_delivery_selection_step(user)
+    choose_idv_otp_delivery_method_sms
+  end
+
+  def complete_idv_steps_before_review_step(user = user_with_2fa)
+    complete_idv_steps_before_phone_step(user)
+    fill_out_phone_form_ok(user.phone)
+    click_idv_continue
+  end
+
+  def complete_idv_steps_before_confirmation_step(user = user_with_2fa)
+    complete_idv_steps_before_review_step(user)
+    fill_in 'Password', with: password
+    click_continue
+  end
+
+  def complete_idv_steps_before_step(step, user = user_with_2fa)
+    send("complete_idv_steps_before_#{step}_step", user)
+  end
 end
diff --git a/spec/support/features/javascript_driver_helper.rb b/spec/support/features/javascript_driver_helper.rb
@@ -0,0 +1,5 @@
+module JavascriptDriverHelper
+  def javascript_enabled?
+    Capybara.current_driver == Capybara.javascript_driver
+  end
+end
diff --git a/spec/support/idv_examples/cancel_at_idv_step.rb b/spec/support/idv_examples/cancel_at_idv_step.rb
@@ -0,0 +1,60 @@
+shared_examples 'cancel at idv step' do |step, sp|
+  include SamlAuthHelper
+
+  before do
+    start_idv_from_sp(sp)
+    complete_idv_steps_before_step(step)
+  end
+
+  context 'without js' do
+    it 'sends the user to the account page', if: sp.present? do
+      click_idv_cancel
+      expect(current_url).to eq(account_url)
+    end
+
+    it 'shows the user a failure message with the option to go back to idv', if: sp.nil? do
+      click_link t('links.cancel')
+
+      expect(page).to have_content(t('idv.titles.cancel'))
+      expect(page).to have_content(t('idv.messages.cancel', app: 'login.gov'))
+      expect(current_path).to eq(verify_cancel_path)
+
+      click_link t('forms.buttons.back')
+
+      expect(current_url).to eq(verify_url)
+    end
+  end
+
+  context 'with js', :js do
+    it 'displays a modal with options to continue or return to account page', if: sp.present? do
+      # Clicking cancel displays the modal
+      click_on t('links.cancel_idv')
+      expect(page).to have_content(t('idv.cancel.modal_header'))
+
+      # Clicking continue should hide the modal
+      click_on t('idv.buttons.continue')
+      expect(page).to_not have_content(t('idv.cancel.modal_header'))
+
+      # Clicking cancel again reveals the modal
+      click_on t('links.cancel_idv')
+      expect(page).to have_content(t('idv.cancel.modal_header'))
+
+      # Clicking return to account takes us to the account page
+      page.find_button(t('idv.buttons.cancel')).trigger('click')
+      expect(page).to have_content(t('headings.account.login_info'))
+      expect(current_path).to eq(account_path)
+    end
+
+    it 'shows the user a failure message with the option to go back to idv', if: sp.nil? do
+      click_link t('links.cancel')
+
+      expect(page).to have_content(t('idv.titles.cancel'))
+      expect(page).to have_content(t('idv.messages.cancel', app: 'login.gov'))
+      expect(current_path).to eq(verify_cancel_path)
+
+      click_link t('forms.buttons.back')
+
+      expect(current_path).to eq(verify_path)
+    end
+  end
+end