diff --git a/package.json b/package.json
index ac86eb3f..85f1b276 100644
--- a/package.json
+++ b/package.json
@@ -147,4 +147,4 @@
"jsonwebtoken": ">=9.0.0",
"browserify-sign": ">=4.2.2"
}
-}
\ No newline at end of file
+}
diff --git a/src/SPConfig.js b/src/SPConfig.js
index 281487c1..13972b90 100644
--- a/src/SPConfig.js
+++ b/src/SPConfig.js
@@ -39,6 +39,8 @@ export default class SPConfig {
this.failureFlash = true;
this.category = argv.category || "id_me";
this.signupLinkEnabled = argv.spIdpSignupLinkEnabled;
+ this.dsLogonEnabled = argv.dsLogonEnabled ?? true;
+ this.mhvLogonEnabled = argv.mhvLogonEnabled ?? true;
}
getMetadataParams(req) {
diff --git a/src/Template.test.js b/src/Template.test.js
new file mode 100644
index 00000000..e7a0a4d5
--- /dev/null
+++ b/src/Template.test.js
@@ -0,0 +1,45 @@
+import { renderFile } from "ejs";
+import { join } from "path";
+
+describe("button configuration renders correctly", () => {
+ const templatePath = join(__dirname, "..", "views", "login_selection.ejs");
+
+ test("does not render element", async () => {
+ renderFile(
+ templatePath,
+ {
+ login_gov_enabled: false,
+ mhv_logon_enabled: false,
+ ds_logon_enabled: false,
+ id_me_login_link: "something",
+ },
+ (err, html) => {
+ expect(html).not.toMatch(/DS Logon/);
+ expect(html).not.toMatch(/My HealtheVet/);
+ expect(html).not.toMatch(/
Login.gov<\/title>/);
+ expect(html).not.toMatch(/Other ways to verify/);
+ }
+ );
+ });
+
+ test("does render element", async () => {
+ renderFile(
+ templatePath,
+ {
+ login_gov_enabled: true,
+ mhv_logon_enabled: true,
+ ds_logon_enabled: true,
+ id_me_login_link: "something",
+ mhv_login_link: "something",
+ dslogon_login_link: "something",
+ login_gov_login_link: "something",
+ },
+ (err, html) => {
+ expect(html).toMatch(/DS Logon/);
+ expect(html).toMatch(/My HealtheVet/);
+ expect(html).toMatch(/Login.gov<\/title>/);
+ expect(html).toMatch(/Other ways to verify/);
+ }
+ );
+ });
+});
diff --git a/src/cli/index.js b/src/cli/index.js
index a18ba0ca..3038ebb0 100644
--- a/src/cli/index.js
+++ b/src/cli/index.js
@@ -518,6 +518,18 @@ export function processArgs() {
boolean: true,
default: false,
},
+ dsLogonEnabled: {
+ description: "Enables DS Logon signin option, enabled by default",
+ required: false,
+ boolean: true,
+ default: true,
+ },
+ mhvLogonEnabled: {
+ description: "Enables MHV signin option, enabled by default",
+ required: false,
+ boolean: true,
+ default: true,
+ },
},
})
.example(
diff --git a/src/routes/handlers.js b/src/routes/handlers.js
index 10daf639..9df129a4 100644
--- a/src/routes/handlers.js
+++ b/src/routes/handlers.js
@@ -122,12 +122,16 @@ export const samlLogin = function (template) {
});
});
}, Promise.resolve({}))
- .then((authOptions) => {
- authOptions.body = template;
- authOptions.login_gov_enabled = login_gov_enabled;
- authOptions.login_gov_signup_link_enabled =
+ .then((loginViewModel) => {
+ loginViewModel.mhv_logon_enabled = !!req.sps?.options?.id_me
+ ?.mhvLogonEnabled;
+ loginViewModel.ds_logon_enabled = !!req.sps?.options?.id_me
+ ?.dsLogonEnabled;
+ loginViewModel.body = template;
+ loginViewModel.login_gov_enabled = login_gov_enabled;
+ loginViewModel.login_gov_signup_link_enabled =
login_gov_enabled && req.sps.options.logingov.signupLinkEnabled;
- res.render("layout", authOptions);
+ res.render("layout", loginViewModel);
logger.info("User arrived from Okta. Rendering IDP login template.", {
action: "parseSamlRequest",
result: "success",
diff --git a/src/routes/handlers.test.ts b/src/routes/handlers.test.ts
index 97e07f49..904b33aa 100644
--- a/src/routes/handlers.test.ts
+++ b/src/routes/handlers.test.ts
@@ -112,6 +112,8 @@ describe("samlLogin", () => {
const spOptionsJustIdMe = {
id_me: {
+ dsLogonEnabled: true,
+ mhvLogonEnabled: true,
idpLoginLink:
"https://api.idmelabs.com/saml/SingleSignOnService?SAMLRequest=fVJNTwIxED37Lza9s13BaGxYAoGYkOBHQD14G8sITfqxdmYR%2F73dZSEc1GQP3c57M%2B%2B96ZDA2UpNat76JX7WSJztnfWk2kIp6uhVADKkPDgkxVqtJvcL1c8LVcXAQQcrzij%2FM4AII5vgRTaflWI8ns%2FG43QmqnHuicFzKfpFv%2BgVt71i8Hx5ra7Sd%2FsmsovJkTsNnmqHcYVxZzS%2BLBel2DJXSkobNNhtIFY3RVHI1kMM%2B29JVfsjiYK4mCWXxkPT68CkRIXK5Gbt0MI75Tq4A35l%2FMbiymz8o%2B%2FmiewVI7XcZElkdyFqbAMsBccaxWjYUFVrKo5OGvIdbMIuX%2BNuKM8Bw8MKHlJY89lTsEZ%2FNz0d8P9ZNjdm3ftooapqNBGjZ5FNrA1f04jA2EmSxyndjnHdCk5JMu45mwZXQTTUeMI9aD56OEdNbdreEj9GXdYpLPCwQZdm5smZ9CQToo7gNaZNgBx0Rn%2Ftcqj9oehUPX%2BYox8%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=crqsP27LiAeJpKx7%2Bjshr4OeqHvFnp1rYmkP4rHTYXdEIjp6iIo7Zu3uwzXfkm%2BJp0ShXPAy7R6855y1dMBmOz3eVjdvdm8rQ7%2B044hTw3Cxmcuf836up4rsKLeT4vIHc3%2FA3qtDK3ut%2FXiArNLZJ%2FwOrC6KNWAuhJQ8fZIPv18uiCw1eNBJA2iCUD6KKtI%2FDgwA%2B1MtpRCsHNcpX23XQryIPkH8l6MsRDw1ZM3vttF7UZa6OkIsxFEXFJ4VZMal%2BciNZV%2FiB0%2FK3QvmbbKX8k%2BuJKL8rmIJr0XhNw%2BYLcMTNnpL%2FTQloi0xS18gu3J6GY%2BTEsG1CeJRNHkuJyF3LQ%3D%3D",
getResponseParams: () => {
@@ -135,6 +137,8 @@ describe("samlLogin", () => {
const spOptionsJustwithLoginGov = {
id_me: {
+ dsLogonEnabled: true,
+ mhvLogonEnabled: true,
idpLoginLink:
"https://api.idmelabs.com/saml/SingleSignOnService?SAMLRequest=fVJNTwIxED37Lza9s13BaGxYAoGYkOBHQD14G8sITfqxdmYR%2F73dZSEc1GQP3c57M%2B%2B96ZDA2UpNat76JX7WSJztnfWk2kIp6uhVADKkPDgkxVqtJvcL1c8LVcXAQQcrzij%2FM4AII5vgRTaflWI8ns%2FG43QmqnHuicFzKfpFv%2BgVt71i8Hx5ra7Sd%2FsmsovJkTsNnmqHcYVxZzS%2BLBel2DJXSkobNNhtIFY3RVHI1kMM%2B29JVfsjiYK4mCWXxkPT68CkRIXK5Gbt0MI75Tq4A35l%2FMbiymz8o%2B%2FmiewVI7XcZElkdyFqbAMsBccaxWjYUFVrKo5OGvIdbMIuX%2BNuKM8Bw8MKHlJY89lTsEZ%2FNz0d8P9ZNjdm3ftooapqNBGjZ5FNrA1f04jA2EmSxyndjnHdCk5JMu45mwZXQTTUeMI9aD56OEdNbdreEj9GXdYpLPCwQZdm5smZ9CQToo7gNaZNgBx0Rn%2Ftcqj9oehUPX%2BYox8%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=crqsP27LiAeJpKx7%2Bjshr4OeqHvFnp1rYmkP4rHTYXdEIjp6iIo7Zu3uwzXfkm%2BJp0ShXPAy7R6855y1dMBmOz3eVjdvdm8rQ7%2B044hTw3Cxmcuf836up4rsKLeT4vIHc3%2FA3qtDK3ut%2FXiArNLZJ%2FwOrC6KNWAuhJQ8fZIPv18uiCw1eNBJA2iCUD6KKtI%2FDgwA%2B1MtpRCsHNcpX23XQryIPkH8l6MsRDw1ZM3vttF7UZa6OkIsxFEXFJ4VZMal%2BciNZV%2FiB0%2FK3QvmbbKX8k%2BuJKL8rmIJr0XhNw%2BYLcMTNnpL%2FTQloi0xS18gu3J6GY%2BTEsG1CeJRNHkuJyF3LQ%3D%3D",
getResponseParams: () => {
@@ -155,6 +159,8 @@ describe("samlLogin", () => {
},
},
logingov: {
+ dsLogonEnabled: true,
+ mhvLogonEnabled: true,
idpLoginLink:
"https://idp.int.identitysandbox.gov/api/saml/metadata2021?SAMLRequest=fVJNTwIxED37Lza9s13BaGxYAoGYkOBHQD14G8sITfqxdmYR%2F73dZSEc1GQP3c57M%2B%2B96ZDA2UpNat76JX7WSJztnfWk2kIp6uhVADKkPDgkxVqtJvcL1c8LVcXAQQcrzij%2FM4AII5vgRTaflWI8ns%2FG43QmqnHuicFzKfpFv%2BgVt71i8Hx5ra7Sd%2FsmsovJkTsNnmqHcYVxZzS%2BLBel2DJXSkobNNhtIFY3RVHI1kMM%2B29JVfsjiYK4mCWXxkPT68CkRIXK5Gbt0MI75Tq4A35l%2FMbiymz8o%2B%2FmiewVI7XcZElkdyFqbAMsBccaxWjYUFVrKo5OGvIdbMIuX%2BNuKM8Bw8MKHlJY89lTsEZ%2FNz0d8P9ZNjdm3ftooapqNBGjZ5FNrA1f04jA2EmSxyndjnHdCk5JMu45mwZXQTTUeMI9aD56OEdNbdreEj9GXdYpLPCwQZdm5smZ9CQToo7gNaZNgBx0Rn%2Ftcqj9oehUPX%2BYox8%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=crqsP27LiAeJpKx7%2Bjshr4OeqHvFnp1rYmkP4rHTYXdEIjp6iIo7Zu3uwzXfkm%2BJp0ShXPAy7R6855y1dMBmOz3eVjdvdm8rQ7%2B044hTw3Cxmcuf836up4rsKLeT4vIHc3%2FA3qtDK3ut%2FXiArNLZJ%2FwOrC6KNWAuhJQ8fZIPv18uiCw1eNBJA2iCUD6KKtI%2FDgwA%2B1MtpRCsHNcpX23XQryIPkH8l6MsRDw1ZM3vttF7UZa6OkIsxFEXFJ4VZMal%2BciNZV%2FiB0%2FK3QvmbbKX8k%2BuJKL8rmIJr0XhNw%2BYLcMTNnpL%2FTQloi0xS18gu3J6GY%2BTEsG1CeJRNHkuJyF3LQ%3D%3D",
getResponseParams: () => {
@@ -206,6 +212,8 @@ describe("samlLogin", () => {
"https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=&op=signup",
login_gov_enabled: false,
login_gov_signup_link_enabled: false,
+ ds_logon_enabled: true,
+ mhv_logon_enabled: true,
};
const expected_authoptions = {
@@ -220,6 +228,8 @@ describe("samlLogin", () => {
"https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=&op=signup",
login_gov_enabled: false,
login_gov_signup_link_enabled: false,
+ ds_logon_enabled: true,
+ mhv_logon_enabled: true,
};
const expected_authoptions_failure_to_proof = {
@@ -234,6 +244,8 @@ describe("samlLogin", () => {
"https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=&op=signup",
login_gov_enabled: false,
login_gov_signup_link_enabled: false,
+ ds_logon_enabled: true,
+ mhv_logon_enabled: true,
};
const expected_authoptions_login_gov_enabled = {
body: "login_selection",
@@ -251,6 +263,8 @@ describe("samlLogin", () => {
login_gov_signup_link_enabled: true,
login_gov_signup_link:
"https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=",
+ ds_logon_enabled: true,
+ mhv_logon_enabled: true,
};
const mockGetSamlRequestUrl = jest
diff --git a/views/login_selection.ejs b/views/login_selection.ejs
index 4c6b544b..e31832f9 100644
--- a/views/login_selection.ejs
+++ b/views/login_selection.ejs
@@ -80,30 +80,36 @@
Learn more about creating a Login.gov or ID.me account
- Other ways to verify
-
- My HealtheVet
-
- Available through January 31, 2025
-
-
-
- You’ll still be able to use My HealtheVet after this date.
- You’ll just need to verify yourself with Login.gov or ID.me.
-
-
- My HealtheVet
-
-
- DS Logon
-
- Available through September 30, 2025
-
-
-
- You’ll still be able to use DS Logon for Defense Department websites after this date.
-
- DS Logon
+ <% if (ds_logon_enabled || mhv_logon_enabled) { %>
+ Other ways to verify
+ <% } %>
+ <% if (mhv_logon_enabled) { %>
+
+ My HealtheVet
+
+ Available through January 31, 2025
+
+
+
+ You’ll still be able to use My HealtheVet after this date.
+ You’ll just need to verify yourself with Login.gov or ID.me.
+
+
+ My HealtheVet
+
+ <% } %>
+ <% if (ds_logon_enabled) { %>
+
+ DS Logon
+
+ Available through September 30, 2025
+
+
+
+ You’ll still be able to use DS Logon for Defense Department websites after this date.
+
+ DS Logon
+ <% } %>