Lg-14794 reuse valid capture app url

app/controllers/idv/hybrid_mobile/socure/document_capture_controller.rb

@@ -17,6 +17,14 @@ def show
           Funnel::DocAuth::RegisterStep.new(document_capture_user.id, sp_session[:issuer]).
             call('hybrid_mobile_socure_document_capture', :view, true)
 
+          document_capture_session = DocumentCaptureSession.find_by(
+            uuid: document_capture_session_uuid,
+          )
+          if document_capture_session.socure_docv_capture_app_url.present?
+            @url = document_capture_session.socure_docv_capture_app_url
+            return
+          end
+
           # document request
           document_request = DocAuth::Socure::Requests::DocumentRequest.new(
             redirect_url: idv_hybrid_mobile_socure_document_capture_update_url,
@@ -31,9 +39,6 @@ def show
           # placeholder until we get an error page for url not being present
           return redirect_to idv_unavailable_url if @url.nil?
 
-          document_capture_session = DocumentCaptureSession.find_by(
-            uuid: document_capture_session_uuid,
-          )
           document_capture_session.socure_docv_transaction_token = document_response.dig(
             :data,
             :docvTransactionToken,

app/controllers/idv/socure/document_capture_controller.rb

@@ -27,6 +27,15 @@ def show
         Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]).
           call('socure_document_capture', :view, true)
 
+        document_capture_session = DocumentCaptureSession.find_by(
+          uuid: document_capture_session_uuid,
+        )
+
+        if document_capture_session.socure_docv_capture_app_url.present?
+          @url = document_capture_session.socure_docv_capture_app_url
+          return
+        end
+
         # document request
         document_request = DocAuth::Socure::Requests::DocumentRequest.new(
           redirect_url: idv_socure_document_capture_update_url,
@@ -42,10 +51,6 @@ def show
         # placeholder until we get an error page for url not being present
         return redirect_to idv_unavailable_url if @url.nil?
 
-        document_capture_session = DocumentCaptureSession.find_by(
-          uuid: document_capture_session_uuid,
-        )
-
         document_capture_session.socure_docv_transaction_token = document_response.dig(
           :data,
           :docvTransactionToken,

spec/controllers/idv/hybrid_mobile/socure/document_capture_controller_spec.rb

@@ -256,6 +256,40 @@
         expect(response).to redirect_to(idv_unavailable_path)
       end
     end
+    context 'reuse of valid capture app urls when appropriate' do
+      let(:fake_capture_app_url) { 'https://verify.socure.test/fake_capture_app' }
+      let(:socure_capture_app_url) { 'https://verify.socure.test/' }
+      let(:docv_transaction_token) { '176dnc45d-2e34-46f3-82217-6f540ae90673' }
+      let(:response_body) do
+        {
+          referenceId: '123ab45d-2e34-46f3-8d17-6f540ae90303',
+          data: {
+            eventId: 'zoYgIxEZUbXBoocYAnbb5DrT',
+            docvTransactionToken: docv_transaction_token,
+            qrCode: 'data:image/png;base64,iVBO......K5CYII=',
+            url: socure_capture_app_url,
+          },
+        }
+      end
+
+      before do
+        allow(request_class).to receive(:new).and_call_original
+        allow(I18n).to receive(:locale).and_return(expected_language)
+        allow(DocumentCaptureSession).to receive(:find_by).and_return(document_capture_session)
+      end
+
+      it 'does not create a DocumentRequest when valid capture app exists' do
+        document_capture_session.socure_docv_capture_app_url = fake_capture_app_url
+        document_capture_session.save
+        get(:show)
+        expect(request_class).not_to have_received(:new).
+          with(
+            redirect_url: idv_socure_document_capture_update_url,
+            language: expected_language,
+          )
+        expect(document_capture_session.socure_docv_capture_app_url).to eq(fake_capture_app_url)
+      end
+    end
   end
 
   describe '#update' do

spec/controllers/idv/socure/document_capture_controller_spec.rb

@@ -269,6 +269,41 @@
         expect(response).to redirect_to(idv_unavailable_path)
       end
     end
+
+    context 'reuse of valid capture app urls when appropriate' do
+      let(:fake_capture_app_url) { 'https://verify.socure.test/fake_capture_app' }
+      let(:socure_capture_app_url) { 'https://verify.socure.test/' }
+      let(:docv_transaction_token) { '176dnc45d-2e34-46f3-82217-6f540ae90673' }
+      let(:response_body) do
+        {
+          referenceId: '123ab45d-2e34-46f3-8d17-6f540ae90303',
+          data: {
+            eventId: 'zoYgIxEZUbXBoocYAnbb5DrT',
+            docvTransactionToken: docv_transaction_token,
+            qrCode: 'data:image/png;base64,iVBO......K5CYII=',
+            url: socure_capture_app_url,
+          },
+        }
+      end
+
+      before do
+        allow(request_class).to receive(:new).and_call_original
+        allow(I18n).to receive(:locale).and_return(expected_language)
+        allow(DocumentCaptureSession).to receive(:find_by).and_return(document_capture_session)
+      end
+
+      it 'does not create a DocumentRequest when valid capture app exists' do
+        document_capture_session.socure_docv_capture_app_url = fake_capture_app_url
+        document_capture_session.save
+        get(:show)
+        expect(request_class).not_to have_received(:new).
+          with(
+            redirect_url: idv_socure_document_capture_update_url,
+            language: expected_language,
+          )
+        expect(document_capture_session.socure_docv_capture_app_url).to eq(fake_capture_app_url)
+      end
+    end
   end
 
   describe '#update' do

spec/features/idv/doc_auth/socure_document_capture_spec.rb

@@ -87,6 +87,99 @@
       end
     end
 
+    context 'reuses valid capture app urls when appropriate', allow_browser_log: true do
+      before do
+        allow(IdentityConfig.store).to receive(:doc_auth_max_attempts).and_return(max_attempts)
+        (max_attempts - 1).times do
+          socure_docv_upload_documents(docv_transaction_token: @docv_transaction_token)
+        end
+      end
+
+      context 'successfully erases capture app url when flow is complete' do
+        before do
+          DocAuth::Mock::DocAuthMockClient.reset!
+        end
+
+        it 'proceeds to the next page with valid info' do
+          document_capture_session = DocumentCaptureSession.find_by(user_id: @user.id)
+          expect(page).to have_current_path(fake_socure_document_capture_app_url)
+          visit idv_socure_document_capture_path
+          expect(page).to have_current_path(idv_socure_document_capture_path)
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+          socure_docv_upload_documents(
+            docv_transaction_token: @docv_transaction_token,
+          )
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).to be_nil
+        end
+
+        it 'submits front ID, exits app, reuse capture app url' do
+          document_capture_session = DocumentCaptureSession.find_by(user_id: @user.id)
+          expect(page).to have_current_path(fake_socure_document_capture_app_url)
+          visit idv_socure_document_capture_path
+          expect(page).to have_current_path(idv_socure_document_capture_path)
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+          socure_docv_send_webhook(
+            docv_transaction_token: @docv_transaction_token,
+            event_type: 'DOCUMENT_FRONT_UPLOADED',
+          )
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+          visit idv_socure_document_capture_path
+          expect(page).to have_current_path(idv_socure_document_capture_path)
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+        end
+
+        it 'decline TOS making session expire, generates new capture app' do
+          document_capture_session = DocumentCaptureSession.find_by(user_id: @user.id)
+          expect(page).to have_current_path(fake_socure_document_capture_app_url)
+          visit idv_socure_document_capture_path
+          expect(page).to have_current_path(idv_socure_document_capture_path)
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+          socure_docv_send_webhook(
+            docv_transaction_token: @docv_transaction_token,
+            event_type: 'SESSION_EXPIRED',
+          )
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).to be_nil
+          visit idv_socure_document_capture_path
+          expect(page).to have_current_path(idv_socure_document_capture_path)
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+        end
+        it 'cancel idv making session complete, generates new capture app' do
+          document_capture_session = DocumentCaptureSession.find_by(user_id: @user.id)
+          expect(page).to have_current_path(fake_socure_document_capture_app_url)
+          visit idv_socure_document_capture_path
+          expect(page).to have_current_path(idv_socure_document_capture_path)
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+          socure_docv_send_webhook(
+            docv_transaction_token: @docv_transaction_token,
+            event_type: 'SESSION_COMPLETE',
+          )
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).to be_nil
+          visit idv_socure_document_capture_path
+          expect(page).to have_current_path(idv_socure_document_capture_path)
+          document_capture_session.reload
+          expect(document_capture_session.socure_docv_capture_app_url).
+            to eq(fake_socure_document_capture_app_url)
+        end
+      end
+    end
+
     # ToDo post LG-14010
     context 'network connection errors' do
       xit 'catches network connection errors on document request', allow_browser_log: true do
@@ -131,6 +224,11 @@
         socure_docv_upload_documents(
           docv_transaction_token: @docv_transaction_token,
         )
+        document_capture_session = DocumentCaptureSession.find_by(user_id: @user.id)
+        expect(document_capture_session).not_to be_nil
+        Rails.logger.debug do
+          "Cpature app url: #{document_capture_session.socure_docv_capture_app_url}"
+        end
         visit idv_socure_document_capture_update_path
         expect(page).to have_current_path(idv_ssn_url)