Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LG-12636: Show recommended PIV option for .gov/.mil email #10252

Merged
merged 24 commits into from
Mar 20, 2024
Merged

LG-12636: Show recommended PIV option for .gov/.mil email #10252

merged 24 commits into from
Mar 20, 2024

Conversation

aduth
Copy link
Member

@aduth aduth commented Mar 14, 2024
edited
Loading

🎫 Ticket

LG-12636

🛠 Summary of changes

Recommends PIV as an MFA option in account creation for users with a ".gov" or ".mil" email:

  • Sorts the option to appear first in the selection list
  • Displays a "Recommended" tag

📜 Testing Plan

Repeat the following steps with and without a ".gov" or ".mil" email:

  1. Go to http://localhost:3000
  2. Click "Create an account"
  3. Complete account creation up until MFA selection
  4. Observe:
    • If you entered a ".gov" or ".mil" email for your account, PIV appears first and has a "Recommended" tag
    • Otherwise, PIV appears last and does not have a "Recommended" tag
    • All other options are unaffected

👀 Screenshots

Before After
localhost_3000_authentication_methods_setup(Computer Standard) (1) localhost_3000_authentication_methods_setup(Computer Standard)

aduth
aduth commented Mar 14, 2024
View reviewed changes
app/presenters/two_factor_options_presenter.rb Outdated
return []
else
[TwoFactorAuthentication::SetUpPhoneSelectionPresenter.new(user: user)]
def show_option?(option)
Copy link
Member Author

@aduth aduth Mar 14, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe this should be a method of the individual presenter classes? We could shift common helper methods to the base SetUpSelectionPresenter class if needed.

@aduth aduth marked this pull request as ready for review March 20, 2024 12:51
@aduth aduth requested a review from a team March 20, 2024 12:51
aduth added 22 commits March 20, 2024 09:11
@aduth
Sort MFA selection order PIV option by email
e07258e 
changelog: User-Facing Improvements, Multi-Factor Authentication, Sort setup options to recommend PIV for .gov/.mil email addresses
@aduth
Add tag component
45ad1c1
@aduth
Show tag for recommended MFA option
c7df9e4
@aduth
Add TagComponent specs
a7aaf3c
@aduth
Add TagComponent preview
8213d09
@aduth
Add EmailAddress#gov_or_mil? specs
2895c4b
@aduth
Add SetUpSelectionPresenter#recommended? specs
037fd69
@aduth
Add SetUpPivCacSelectionPresenter#recommended? specs
16a3721
@aduth
Remove unused method
0000eb3
@aduth
Move visibility consideration to presenter classes
04e56fb
@aduth
Add specs for setup presenters phishing_resistant?
a7bc8d7
@aduth
Fix missing method desktop
7a1239d
@aduth
Add SetUpSelectionPresenter#visible? specs
02bb360
@aduth
Allow option parameters for SetUpSelectionPresenter
fe437b0
@aduth
Add SetUpPhoneSelectionPresenter#visible? specs
3982792
@aduth
Fix SetUpWebauthnPlatformSelectionPresenter specs
52b78f5
@aduth
Fix SetUpAuthAppSelectionPresenter specs
97d365b
@aduth
Fix SetUpWebauthnSelectionPresenter specs
8819535
@aduth
Add SetUpBackupCodeSelectionPresenter specs
b69ecfd
@aduth
Fix and add spec for piv desktop_only?
375e353
@aduth
Add specs for TwoFactorOptionsPresenter#all_options_sorted
a8a4a7f
@aduth
Add specs for _mfa_selection recommended tag
06661bb
@aduth aduth force-pushed the aduth-lg-12636-piv-mfa-order branch from 7d41bfd to 06661bb Compare March 20, 2024 13:11
kevinsmaster5
kevinsmaster5 reviewed Mar 20, 2024
View reviewed changes
app/views/partials/multi_factor_authentication/_mfa_selection.html.erb
informative: true,
class: 'margin-top-1',
).with_content(t('two_factor_authentication.recommended')) %>
<% end %>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 'Added' tag is similar to this but has the aria-hidden="true" attribute. I'm wondering if it should be on the Recommended tag also, or should it not be on the Added tag either.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The ARIA is a little hard to follow here, but I think this is correct as-is.

Example how this announces in Safari + VoiceOver:

image

kevinsmaster5
kevinsmaster5 reviewed Mar 20, 2024
View reviewed changes
app/presenters/two_factor_options_presenter.rb
def current_device_is_desktop?
!BrowserCache.parse(@user_agent).mobile?
end

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like how you refactored all of that.

kevinsmaster5
kevinsmaster5 approved these changes Mar 20, 2024
View reviewed changes
Copy link
Contributor

@kevinsmaster5 kevinsmaster5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks good and checks out locally. 👍

@aduth
Make browser method private
3e2531c 
Not tested or expected part of public API
jmdembe
jmdembe reviewed Mar 20, 2024
View reviewed changes
app/presenters/two_factor_authentication/set_up_selection_presenter.rb
type == :piv_cac
elsif phishing_resistant_required?
phishing_resistant?
elsif desktop_only?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would this line be considered as a bit of mental gymnastics? I was thinking !browser.mobile? could go into something like is_browser_mobile? for readability.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, to the readability point, I initially tried browser.desktop? to avoid the negation, before realizing that the method doesn't actually exist and fixing in 7a1239d.

Personally I think the negation isn't too bad to warrant adding another method here.

@aduth
Copy link
Member Author

aduth commented Mar 20, 2024

Pushed a small change to include some analytics insights here in ec43d0b

@aduth aduth merged commit 8606203 into main Mar 20, 2024
2 checks passed
@aduth aduth deleted the aduth-lg-12636-piv-mfa-order branch March 20, 2024 16:34
@matthinz matthinz mentioned this pull request Mar 21, 2024
Merged
@aduth aduth mentioned this pull request May 9, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jmdembe jmdembe jmdembe left review comments

@kevinsmaster5 kevinsmaster5 kevinsmaster5 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aduth @jmdembe @kevinsmaster5