Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OneLogin Fallback Flow #10282

Merged
merged 13 commits into from
Jan 22, 2025
Merged

OneLogin Fallback Flow #10282

merged 13 commits into from
Jan 22, 2025

Conversation

dcyoung-dev
Copy link
Collaborator

Context

As part of the introduction of One Login, we have had to make changes to how the Magic Links (fallback) login flow works.
This change will allow Candidates to sign in using either their Candidate email address or their OneLogin email address.

Changes proposed in this pull request

  • Sign in emails now require a specific email address for the emails to be sent to
  • Candidate.for_email now checks for connected OneLoginAuth records matching the email address
  • Additional fallback flow tests have been added

Guidance to review

Link to Trello card

https://trello.com/c/BWEajuXS

Things to check

  • If the code removes any existing feature flags, a data migration has also been added to delete the entry from the database
  • This code does not rely on migrations in the same Pull Request
  • If this code includes a migration adding or changing columns, it also backfills existing records for consistency
  • If this code adds a column to the DB, decide whether it needs to be in analytics yml file or analytics blocklist, if included inform data insights team of the changes
  • If this code adds a column that may include PII, the sanitise.sql script and 0025-protecting-personal-data-in-production-dump.md ADR have been updated.
  • API release notes have been updated if necessary
  • If it adds a significant user-facing change, is it documented in the CHANGELOG?
  • Attach the PR to the Trello card

@dcyoung-dev
Updated the Candidate.for_email
65048e8 
This now returns a Candidate if there is a matching OneLoginAuth email address
@dcyoung-dev
Updated RequestMagicLink.for_sign_in and `AuthenticationMailer.sign…
e875dc0 
…_in_email` to accept an email address

A Candidate may have more than one email address for authentication, the additional `email_address` argument is needed to send emails to the correct address
@dcyoung-dev
Added fallback flow specs
e84ffa1 
Sign up, Sign in and Account page flows covered in separate specs.

Each spec includes flowing through scenarios where the Candidate does and does not have OneLogin setup and using either of the connected email addresses.
@dcyoung-dev dcyoung-dev requested a review from a team January 20, 2025 15:55
@dcyoung-dev dcyoung-dev self-assigned this Jan 20, 2025
@dcyoung-dev dcyoung-dev marked this pull request as ready for review January 20, 2025 15:55
elceebee
elceebee reviewed Jan 20, 2025
View reviewed changes
app/models/candidate.rb Outdated Show resolved Hide resolved
elceebee
elceebee reviewed Jan 20, 2025
View reviewed changes
Copy link
Contributor

@elceebee elceebee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Found this bug here when you land on the expired link page

email.me.new.link.broken.mov

@dcyoung-dev dcyoung-dev added the deploy_v2 Deploy the review app to AKS label Jan 21, 2025
@github-actions github-actions bot temporarily deployed to review_aks-10282 January 21, 2025 13:15 Destroyed
CatalinVoineag
CatalinVoineag approved these changes Jan 21, 2025
View reviewed changes
Copy link
Contributor

@CatalinVoineag CatalinVoineag left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've dev tested this on my local. I can login with 2 emails for the same candidate, the candidate email and the one login email linked to the candidate. I can also create a new account if the email is not in OneLoginAuth or Candidate tables.

This works as expected, well done! 💯

...erface/signup_and_signin/candidate_signs_in_with_an_authentication_token_with_a_path_spec.rb Outdated
end

def and_i_submit_my_email_address
fill_in t('authentication.sign_up.email_address.label'), with: @candidate.email_address
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe use the actual text rather than the translation

elceebee
elceebee approved these changes Jan 21, 2025
View reviewed changes
Copy link
Contributor

@elceebee elceebee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've tested all the scenarios I can think of with signing in / out, creating one login accounts, using expired links, etc on the review app. Everything is working as expected as far as I can tell.

It would be nice to have the test files use text instead of translation references, but not a blocker.

@dcyoung-dev @elceebee
Update spec/system/candidate_interface/signup_and_signin/candidate_si…
3cf1dd0 
…gns_in_with_an_authentication_token_with_a_path_spec.rb

Co-authored-by: Lori Bailey <[email protected]>
@github-actions github-actions bot temporarily deployed to review_aks-10282 January 21, 2025 14:44 Destroyed
@dcyoung-dev dcyoung-dev merged commit 5e1dfca into main Jan 22, 2025
24 checks passed
@dcyoung-dev dcyoung-dev deleted the dy-onelogin-fallback-2 branch January 22, 2025 09:39
@sentry-io Sentry.io
Copy link

sentry-io bot commented Jan 22, 2025

Suspect Issues

This pull request was deployed and Sentry observed the following issues:

  • ‼️ ArgumentError: unknown keyword: :email_address (ArgumentError) Sidekiq/ActionMailer::MailDeliveryJob View Issue

Did you find this useful? React with a 👍 or 👎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@avinhurry avinhurry avinhurry left review comments

@elceebee elceebee elceebee approved these changes

@CatalinVoineag CatalinVoineag CatalinVoineag approved these changes

Assignees

@dcyoung-dev dcyoung-dev

Labels
deploy_v2 Deploy the review app to AKS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dcyoung-dev @CatalinVoineag @elceebee @avinhurry