diff --git a/package.json b/package.json index ac86eb3f..85f1b276 100644 --- a/package.json +++ b/package.json @@ -147,4 +147,4 @@ "jsonwebtoken": ">=9.0.0", "browserify-sign": ">=4.2.2" } -} \ No newline at end of file +} diff --git a/src/SPConfig.js b/src/SPConfig.js index 281487c1..13972b90 100644 --- a/src/SPConfig.js +++ b/src/SPConfig.js @@ -39,6 +39,8 @@ export default class SPConfig { this.failureFlash = true; this.category = argv.category || "id_me"; this.signupLinkEnabled = argv.spIdpSignupLinkEnabled; + this.dsLogonEnabled = argv.dsLogonEnabled ?? true; + this.mhvLogonEnabled = argv.mhvLogonEnabled ?? true; } getMetadataParams(req) { diff --git a/src/Template.test.js b/src/Template.test.js new file mode 100644 index 00000000..e7a0a4d5 --- /dev/null +++ b/src/Template.test.js @@ -0,0 +1,45 @@ +import { renderFile } from "ejs"; +import { join } from "path"; + +describe("button configuration renders correctly", () => { + const templatePath = join(__dirname, "..", "views", "login_selection.ejs"); + + test("does not render element", async () => { + renderFile( + templatePath, + { + login_gov_enabled: false, + mhv_logon_enabled: false, + ds_logon_enabled: false, + id_me_login_link: "something", + }, + (err, html) => { + expect(html).not.toMatch(/DS Logon/); + expect(html).not.toMatch(/My HealtheVet/); + expect(html).not.toMatch(/Login.gov<\/title>/); + expect(html).not.toMatch(/Other ways to verify/); + } + ); + }); + + test("does render element", async () => { + renderFile( + templatePath, + { + login_gov_enabled: true, + mhv_logon_enabled: true, + ds_logon_enabled: true, + id_me_login_link: "something", + mhv_login_link: "something", + dslogon_login_link: "something", + login_gov_login_link: "something", + }, + (err, html) => { + expect(html).toMatch(/DS Logon/); + expect(html).toMatch(/My HealtheVet/); + expect(html).toMatch(/<title>Login.gov<\/title>/); + expect(html).toMatch(/Other ways to verify/); + } + ); + }); +}); diff --git a/src/cli/index.js b/src/cli/index.js index a18ba0ca..3038ebb0 100644 --- a/src/cli/index.js +++ b/src/cli/index.js @@ -518,6 +518,18 @@ export function processArgs() { boolean: true, default: false, }, + dsLogonEnabled: { + description: "Enables DS Logon signin option, enabled by default", + required: false, + boolean: true, + default: true, + }, + mhvLogonEnabled: { + description: "Enables MHV signin option, enabled by default", + required: false, + boolean: true, + default: true, + }, }, }) .example( diff --git a/src/routes/handlers.js b/src/routes/handlers.js index 10daf639..9df129a4 100644 --- a/src/routes/handlers.js +++ b/src/routes/handlers.js @@ -122,12 +122,16 @@ export const samlLogin = function (template) { }); }); }, Promise.resolve({})) - .then((authOptions) => { - authOptions.body = template; - authOptions.login_gov_enabled = login_gov_enabled; - authOptions.login_gov_signup_link_enabled = + .then((loginViewModel) => { + loginViewModel.mhv_logon_enabled = !!req.sps?.options?.id_me + ?.mhvLogonEnabled; + loginViewModel.ds_logon_enabled = !!req.sps?.options?.id_me + ?.dsLogonEnabled; + loginViewModel.body = template; + loginViewModel.login_gov_enabled = login_gov_enabled; + loginViewModel.login_gov_signup_link_enabled = login_gov_enabled && req.sps.options.logingov.signupLinkEnabled; - res.render("layout", authOptions); + res.render("layout", loginViewModel); logger.info("User arrived from Okta. Rendering IDP login template.", { action: "parseSamlRequest", result: "success", diff --git a/src/routes/handlers.test.ts b/src/routes/handlers.test.ts index 97e07f49..904b33aa 100644 --- a/src/routes/handlers.test.ts +++ b/src/routes/handlers.test.ts @@ -112,6 +112,8 @@ describe("samlLogin", () => { const spOptionsJustIdMe = { id_me: { + dsLogonEnabled: true, + mhvLogonEnabled: true, idpLoginLink: "https://api.idmelabs.com/saml/SingleSignOnService?SAMLRequest=fVJNTwIxED37Lza9s13BaGxYAoGYkOBHQD14G8sITfqxdmYR%2F73dZSEc1GQP3c57M%2B%2B96ZDA2UpNat76JX7WSJztnfWk2kIp6uhVADKkPDgkxVqtJvcL1c8LVcXAQQcrzij%2FM4AII5vgRTaflWI8ns%2FG43QmqnHuicFzKfpFv%2BgVt71i8Hx5ra7Sd%2FsmsovJkTsNnmqHcYVxZzS%2BLBel2DJXSkobNNhtIFY3RVHI1kMM%2B29JVfsjiYK4mCWXxkPT68CkRIXK5Gbt0MI75Tq4A35l%2FMbiymz8o%2B%2FmiewVI7XcZElkdyFqbAMsBccaxWjYUFVrKo5OGvIdbMIuX%2BNuKM8Bw8MKHlJY89lTsEZ%2FNz0d8P9ZNjdm3ftooapqNBGjZ5FNrA1f04jA2EmSxyndjnHdCk5JMu45mwZXQTTUeMI9aD56OEdNbdreEj9GXdYpLPCwQZdm5smZ9CQToo7gNaZNgBx0Rn%2Ftcqj9oehUPX%2BYox8%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=crqsP27LiAeJpKx7%2Bjshr4OeqHvFnp1rYmkP4rHTYXdEIjp6iIo7Zu3uwzXfkm%2BJp0ShXPAy7R6855y1dMBmOz3eVjdvdm8rQ7%2B044hTw3Cxmcuf836up4rsKLeT4vIHc3%2FA3qtDK3ut%2FXiArNLZJ%2FwOrC6KNWAuhJQ8fZIPv18uiCw1eNBJA2iCUD6KKtI%2FDgwA%2B1MtpRCsHNcpX23XQryIPkH8l6MsRDw1ZM3vttF7UZa6OkIsxFEXFJ4VZMal%2BciNZV%2FiB0%2FK3QvmbbKX8k%2BuJKL8rmIJr0XhNw%2BYLcMTNnpL%2FTQloi0xS18gu3J6GY%2BTEsG1CeJRNHkuJyF3LQ%3D%3D", getResponseParams: () => { @@ -135,6 +137,8 @@ describe("samlLogin", () => { const spOptionsJustwithLoginGov = { id_me: { + dsLogonEnabled: true, + mhvLogonEnabled: true, idpLoginLink: "https://api.idmelabs.com/saml/SingleSignOnService?SAMLRequest=fVJNTwIxED37Lza9s13BaGxYAoGYkOBHQD14G8sITfqxdmYR%2F73dZSEc1GQP3c57M%2B%2B96ZDA2UpNat76JX7WSJztnfWk2kIp6uhVADKkPDgkxVqtJvcL1c8LVcXAQQcrzij%2FM4AII5vgRTaflWI8ns%2FG43QmqnHuicFzKfpFv%2BgVt71i8Hx5ra7Sd%2FsmsovJkTsNnmqHcYVxZzS%2BLBel2DJXSkobNNhtIFY3RVHI1kMM%2B29JVfsjiYK4mCWXxkPT68CkRIXK5Gbt0MI75Tq4A35l%2FMbiymz8o%2B%2FmiewVI7XcZElkdyFqbAMsBccaxWjYUFVrKo5OGvIdbMIuX%2BNuKM8Bw8MKHlJY89lTsEZ%2FNz0d8P9ZNjdm3ftooapqNBGjZ5FNrA1f04jA2EmSxyndjnHdCk5JMu45mwZXQTTUeMI9aD56OEdNbdreEj9GXdYpLPCwQZdm5smZ9CQToo7gNaZNgBx0Rn%2Ftcqj9oehUPX%2BYox8%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=crqsP27LiAeJpKx7%2Bjshr4OeqHvFnp1rYmkP4rHTYXdEIjp6iIo7Zu3uwzXfkm%2BJp0ShXPAy7R6855y1dMBmOz3eVjdvdm8rQ7%2B044hTw3Cxmcuf836up4rsKLeT4vIHc3%2FA3qtDK3ut%2FXiArNLZJ%2FwOrC6KNWAuhJQ8fZIPv18uiCw1eNBJA2iCUD6KKtI%2FDgwA%2B1MtpRCsHNcpX23XQryIPkH8l6MsRDw1ZM3vttF7UZa6OkIsxFEXFJ4VZMal%2BciNZV%2FiB0%2FK3QvmbbKX8k%2BuJKL8rmIJr0XhNw%2BYLcMTNnpL%2FTQloi0xS18gu3J6GY%2BTEsG1CeJRNHkuJyF3LQ%3D%3D", getResponseParams: () => { @@ -155,6 +159,8 @@ describe("samlLogin", () => { }, }, logingov: { + dsLogonEnabled: true, + mhvLogonEnabled: true, idpLoginLink: "https://idp.int.identitysandbox.gov/api/saml/metadata2021?SAMLRequest=fVJNTwIxED37Lza9s13BaGxYAoGYkOBHQD14G8sITfqxdmYR%2F73dZSEc1GQP3c57M%2B%2B96ZDA2UpNat76JX7WSJztnfWk2kIp6uhVADKkPDgkxVqtJvcL1c8LVcXAQQcrzij%2FM4AII5vgRTaflWI8ns%2FG43QmqnHuicFzKfpFv%2BgVt71i8Hx5ra7Sd%2FsmsovJkTsNnmqHcYVxZzS%2BLBel2DJXSkobNNhtIFY3RVHI1kMM%2B29JVfsjiYK4mCWXxkPT68CkRIXK5Gbt0MI75Tq4A35l%2FMbiymz8o%2B%2FmiewVI7XcZElkdyFqbAMsBccaxWjYUFVrKo5OGvIdbMIuX%2BNuKM8Bw8MKHlJY89lTsEZ%2FNz0d8P9ZNjdm3ftooapqNBGjZ5FNrA1f04jA2EmSxyndjnHdCk5JMu45mwZXQTTUeMI9aD56OEdNbdreEj9GXdYpLPCwQZdm5smZ9CQToo7gNaZNgBx0Rn%2Ftcqj9oehUPX%2BYox8%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=crqsP27LiAeJpKx7%2Bjshr4OeqHvFnp1rYmkP4rHTYXdEIjp6iIo7Zu3uwzXfkm%2BJp0ShXPAy7R6855y1dMBmOz3eVjdvdm8rQ7%2B044hTw3Cxmcuf836up4rsKLeT4vIHc3%2FA3qtDK3ut%2FXiArNLZJ%2FwOrC6KNWAuhJQ8fZIPv18uiCw1eNBJA2iCUD6KKtI%2FDgwA%2B1MtpRCsHNcpX23XQryIPkH8l6MsRDw1ZM3vttF7UZa6OkIsxFEXFJ4VZMal%2BciNZV%2FiB0%2FK3QvmbbKX8k%2BuJKL8rmIJr0XhNw%2BYLcMTNnpL%2FTQloi0xS18gu3J6GY%2BTEsG1CeJRNHkuJyF3LQ%3D%3D", getResponseParams: () => { @@ -206,6 +212,8 @@ describe("samlLogin", () => { "https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=&op=signup", login_gov_enabled: false, login_gov_signup_link_enabled: false, + ds_logon_enabled: true, + mhv_logon_enabled: true, }; const expected_authoptions = { @@ -220,6 +228,8 @@ describe("samlLogin", () => { "https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=&op=signup", login_gov_enabled: false, login_gov_signup_link_enabled: false, + ds_logon_enabled: true, + mhv_logon_enabled: true, }; const expected_authoptions_failure_to_proof = { @@ -234,6 +244,8 @@ describe("samlLogin", () => { "https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=&op=signup", login_gov_enabled: false, login_gov_signup_link_enabled: false, + ds_logon_enabled: true, + mhv_logon_enabled: true, }; const expected_authoptions_login_gov_enabled = { body: "login_selection", @@ -251,6 +263,8 @@ describe("samlLogin", () => { login_gov_signup_link_enabled: true, login_gov_signup_link: "https://identityProviderUrl.com?SAMLRequest=utrequest&RelayState=", + ds_logon_enabled: true, + mhv_logon_enabled: true, }; const mockGetSamlRequestUrl = jest diff --git a/views/login_selection.ejs b/views/login_selection.ejs index 4c6b544b..e31832f9 100644 --- a/views/login_selection.ejs +++ b/views/login_selection.ejs @@ -80,30 +80,36 @@ <a href="https://www.va.gov/resources/creating-an-account-for-vagov"> Learn more about creating a Login.gov or ID.me account </a> - <h2 style="margin: 45px 0 15px;">Other ways to verify</h2> - <h3 style="margin: 0 0 10px;"> - My HealtheVet - <span class="vads-u-display--block vads-u-font-size--md vads-u-font-family--sans"> - Available through January 31, 2025 - </span> - </h3> - <p style="margin: 0 0 16.96px;"> - You’ll still be able to use <strong>My HealtheVet</strong> after this date. - You’ll just need to verify yourself with <strong>Login.gov</strong> or <strong>ID.me</strong>. - </p> - <a class="usa-button mhv-signin vads-u-margin-y--1p5 vads-u-padding-y--2" href="<%- mhv_login_link -%>"> - My HealtheVet - </a> - <h3 class="vads-u-margin-bottom--0 vads-u-margin-top--3"> - DS Logon - <span class="vads-u-display--block vads-u-font-size--base vads-u-font-family--sans"> - Available through September 30, 2025 - </span> - </h3> - <p style="margin: 16.96px 0;"> - You’ll still be able to use <strong>DS Logon</strong> for Defense Department websites after this date. - </p> - <a class="usa-button dslogon-signin vads-u-margin-y--1p5 vads-u-padding-y--2" href="<%- dslogon_login_link -%>">DS Logon</a> + <% if (ds_logon_enabled || mhv_logon_enabled) { %> + <h2 style="margin: 45px 0 15px;">Other ways to verify</h2> + <% } %> + <% if (mhv_logon_enabled) { %> + <h3 style="margin: 0 0 10px;"> + My HealtheVet + <span class="vads-u-display--block vads-u-font-size--md vads-u-font-family--sans"> + Available through January 31, 2025 + </span> + </h3> + <p style="margin: 0 0 16.96px;"> + You’ll still be able to use <strong>My HealtheVet</strong> after this date. + You’ll just need to verify yourself with <strong>Login.gov</strong> or <strong>ID.me</strong>. + </p> + <a class="usa-button mhv-signin vads-u-margin-y--1p5 vads-u-padding-y--2" href="<%- mhv_login_link -%>"> + My HealtheVet + </a> + <% } %> + <% if (ds_logon_enabled) { %> + <h3 class="vads-u-margin-bottom--0 vads-u-margin-top--3"> + DS Logon + <span class="vads-u-display--block vads-u-font-size--base vads-u-font-family--sans"> + Available through September 30, 2025 + </span> + </h3> + <p style="margin: 16.96px 0;"> + You’ll still be able to use <strong>DS Logon</strong> for Defense Department websites after this date. + </p> + <a class="usa-button dslogon-signin vads-u-margin-y--1p5 vads-u-padding-y--2" href="<%- dslogon_login_link -%>">DS Logon</a> + <% } %> </div> </div> </div>