LG-15393 Allow SPs to update the Post-IdV follow-up URL on the dashboard

In !165 we removed the ability for partners to make changes to post-IdV follow-up while we did some work on the IdP to make that attribute safe to use. The work on the IdP is captured in this pull request: 18F/identity-idp#11781

When that pull request is merged and deploy it will be safe to merge and deploy this change to allow partners to edit this value.

app/controllers/service_config_wizard_controller.rb

@@ -197,6 +197,7 @@ def wizard_step_params
       :metadata_url,
       :return_to_sp_url,
       :failure_to_proof_url,
+      :post_idv_follow_up_url,
       :push_notification_url,
       :signed_response_message_requested,
       :sp_initiated_login_url,
@@ -320,6 +321,7 @@ def clear_formatting(service_provider)
       sp_initiated_login_url
       return_to_sp_url
       failure_to_proof_url
+      post_idv_follow_up_url
       push_notification_url
       app_name
     ]

app/controllers/service_providers_controller.rb

@@ -195,6 +195,7 @@ def service_provider_params
       :metadata_url,
       :return_to_sp_url,
       :failure_to_proof_url,
+      :post_idv_follow_up_url,
       :push_notification_url,
       :signed_response_message_requested,
       :sp_initiated_login_url,
@@ -255,6 +256,7 @@ def clear_formatting(service_provider)
       sp_initiated_login_url
       return_to_sp_url
       failure_to_proof_url
+      post_idv_follow_up_url
       push_notification_url
       app_name
     ]

app/javascript/packs/service_provider_form.js

@@ -6,6 +6,7 @@ function ialOptionSetup() {
   const ialLevel = document.getElementById('service_provider_ial');
   const ialAttributesCheckboxes = document.querySelectorAll('.ial-attr-wrapper');
   const failureToProofURL = document.querySelector('.service_provider_failure_to_proof_url');
+  const postIdvFollowUpURL = document.querySelector('.service_provider_post_idv_follow_up_url');
   const ial1Attributes = ['email', 'all_emails', 'x509_subject', 'x509_presented', 'verified_at'];
   const failureToProofURLInput = failureToProofURL && failureToProofURL.querySelector('input');
 
@@ -34,14 +35,17 @@ function ialOptionSetup() {
     switch (ial) {
       case '1':
         hideElement(failureToProofURL);
+        hideElement(postIdvFollowUpURL);
         toggleIAL1Options();
         break;
       case '2':
         showElement(failureToProofURL);
+        showElement(postIdvFollowUpURL);
         toggleIAL2Options();
         break;
       default:
         showElement(failureToProofURL);
+        showElement(postIdvFollowUpURL);
         toggleIAL2Options();
     }
   };

app/models/wizard_step.rb

@@ -50,6 +50,7 @@ def has_field?(name)
       assertion_consumer_logout_service_url: '',
       block_encryption: DEFAULT_SAML_ENCRYPTION,
       failure_to_proof_url: '',
+      post_idv_follow_up_url: '',
       push_notification_url: '',
       redirect_uris: [],
       return_to_sp_url: '',
@@ -69,7 +70,6 @@ def has_field?(name)
       metadata_url: nil,
       service_provider_id: nil,
       service_provider_user_id: nil,
-      post_idv_follow_up_url: nil,
   }),
   }.with_indifferent_access.freeze
 
@@ -130,6 +130,9 @@ def has_field?(name)
   validates_with IdentityValidations::UriValidator,
     attribute: :failure_to_proof_url,
     on: 'redirects'
+  validates_with IdentityValidations::UriValidator,
+    attribute: :post_idv_follow_up_url,
+    on: 'redirects'
   validates_with IdentityValidations::UriValidator,
     attribute: :push_notification_url,
     on: 'redirects'

app/views/service_config_wizard/_redirects_oidc.html.erb

@@ -11,6 +11,10 @@
                    label: accessible_label(form, 'Failure to Proof URL', :failure_to_proof_url),
                    hint: I18n.t('service_provider_form.failure_to_proof_url'),
                    required: true %>
+    <%= form.input :post_idv_follow_up_url,
+                   input_html: { class: 'usa-input' },
+                   label: accessible_label(form, 'Post IdV Follow-up URL', :post_idv_follow_up_url),
+                   hint: I18n.t('service_provider_form.post_idv_follow_up_url') %>
   <% end %>
   <%= render(WizardFieldsetComponent.new(
     form:,

app/views/service_config_wizard/_redirects_saml.html.erb

@@ -53,6 +53,10 @@
                    label: accessible_label(form, 'Failure to Proof URL', :failure_to_proof_url),
                    hint: I18n.t('service_provider_form.failure_to_proof_url'),
                    required: true %>
+    <%= form.input :post_idv_follow_up_url,
+                   input_html: { class: 'usa-input' },
+                   label: accessible_label(form, 'Post IdV Follow-up URL', :post_idv_follow_up_url),
+                   hint: I18n.t('service_provider_form.post_idv_follow_up_url') %>
   <% end %>
   <%= render(WizardFieldsetComponent.new(
     form:,

app/views/service_providers/_form.html.erb

@@ -263,6 +263,11 @@ B7xxt8BVc69rHV15A0qyx77CLSj3tCx2IUXVqRs5mlvA==
                  hint: I18n.t('service_provider_form.failure_to_proof_url'),
                  required: true %>
 
+  <%= form.input :post_idv_follow_up_url,
+                 input_html: { class: 'usa-input' },
+                 label: 'Post IdV Follow-Up URL',
+                 hint: I18n.t('service_provider_form.post_idv_follow_up_url') %>
+
   <%= form.input :push_notification_url,
                  input_html: { class: 'usa-input' },
                  label: 'Push notification URL',

config/locales/simple_form.en.yml

@@ -41,6 +41,7 @@ en:
         identity_protocol: Identity Protocol
         issuer: Issuer
         logo_file: Logo file
+        post_idv_follow_up_url: Post IdV Follow-up URL
         push_notification_url: Push notification URL
         public_certificate: Public certificate
         production: Ready for Production

spec/controllers/service_providers_controller_spec.rb

@@ -261,6 +261,7 @@
             sp_initiated_login_url: '  https://login.me  ',
             return_to_sp_url: ' https://returntospurl.biz  ',
             failure_to_proof_url: '  https://failuretoproof.com  ',
+            post_idv_follow_up_url: '  https://postidvfollowupurl.com  ',
             push_notification_url: ' https://pushnotifications.com  ',
             app_name: '   app name  ',
             help_text: init_help_params,
@@ -275,6 +276,7 @@
         expect(sp.sp_initiated_login_url).to eq('https://login.me')
         expect(sp.return_to_sp_url).to eq('https://returntospurl.biz')
         expect(sp.failure_to_proof_url).to eq('https://failuretoproof.com')
+        expect(sp.post_idv_follow_up_url).to eq('https://postidvfollowupurl.com')
         expect(sp.push_notification_url).to eq('https://pushnotifications.com')
         expect(sp.app_name).to eq('app name')
       end

spec/features/service_config_wizard_spec.rb

@@ -395,6 +395,32 @@
       end
     end
 
+    it 'renders Post IdV Follow-up URL input if IAL2 is selected' do
+      existing_config = create(:service_provider,
+                               :ready_to_activate_ial_2,
+                               team:)
+      visit service_provider_path(existing_config)
+      click_on 'Edit'
+      visit service_config_wizard_path('redirects')
+
+      expect(page).to have_content(
+        t('simple_form.labels.service_provider.post_idv_follow_up_url'),
+      )
+    end
+
+    it 'does not render Post IdV Follow-up URL input if IAL1 is selected' do
+      existing_config = create(:service_provider,
+                               :ready_to_activate_ial_1,
+                               team:)
+      visit service_provider_path(existing_config)
+      click_on 'Edit'
+      visit service_config_wizard_path('redirects')
+
+      expect(page).to_not have_content(
+        t('simple_form.labels.service_provider.post_idv_follow_up_url'),
+      )
+    end
+
     it 'renders Help text as expected' do
       IdentityConfig.store[:service_config_wizard_enabled] = true
       visit service_config_wizard_path('help_text')