Merge remote-tracking branch 'origin/main' into GYR1-807-language-routing

Author: embarnard

.circleci/config.yml

@@ -57,8 +57,9 @@ commands:
       - run:
           name: install bundler & ruby dependencies
           command: |
-            gem install bundler:2.3.5 --no-document && \
-            bundle install --jobs=4 --retry=3 --path vendor/bundle
+            gem install bundler:2.5.18 --no-document
+            bundle config set --local path 'vendor/bundle'
+            bundle install --jobs=4 --retry=3
       - save_cache:
           key: bundle-{{ checksum "Gemfile.lock" }}
           paths: [/mnt/ramdisk/vendor/bundle]

Gemfile

@@ -145,6 +145,7 @@ group :development do
   gem 'stackprof'
   gem 'memory_profiler'
   gem "letter_opener"
+  gem "faraday"
 end
 
 group :test do

Gemfile.lock

@@ -789,6 +789,7 @@ DEPENDENCIES
   dotenv
   easy_translate
   factory_bot_rails
+  faraday
   fix-db-schema-conflicts
   flamegraph
   flipper

app/controllers/concerns/state_file/fyst_sunset_redirect_concern.rb

@@ -0,0 +1,17 @@
+module StateFile
+  module FystSunsetRedirectConcern
+    extend ActiveSupport::Concern
+
+    included do
+      before_action :sunset_redirect_to_homepage
+    end
+
+    private
+
+    def sunset_redirect_to_homepage
+      if Flipper.enabled?(:fyst_sunset_pya_live)
+        redirect_to root_path
+      end
+    end
+  end
+end

app/controllers/hub/organizations_controller.rb

@@ -95,7 +95,7 @@ def activate_all_role_param
 
     def organization_form_params
       params.require(:hub_organization_form).permit(
-        :name, :is_independent, :states, :coalition_id, :timezone, :accepts_itin_applicants, :capacity_limit, :allows_greeters, source_parameters_attributes: [:_destroy, :id, :code]
+        :name, :is_independent, :states, :coalition_id, :timezone, :accepts_itin_applicants, :capacity_limit, :allows_greeters, :national_overflow_location, source_parameters_attributes: [:_destroy, :id, :code]
       )
     end
 

app/controllers/state_file/landing_page_controller.rb

@@ -1,6 +1,7 @@
 module StateFile
   class LandingPageController < ApplicationController
     include StateFile::StateFileControllerConcern
+    include StateFile::FystSunsetRedirectConcern
     layout "state_file"
 
     def edit

app/controllers/state_file/questions/questions_controller.rb

@@ -1,6 +1,7 @@
 module StateFile
   module Questions
     class QuestionsController < ::Questions::QuestionsController
+      include StateFile::FystSunsetRedirectConcern
       include StateFile::StateFileIntakeConcern
       before_action :redirect_if_no_intake, :redirect_if_in_progress_intakes_ended, :redirect_if_df_data_required
 

app/forms/hub/organization_form.rb

@@ -4,7 +4,7 @@ class OrganizationForm < Form
 
     attr_accessor :organization
 
-    set_attributes_for :organization, :name, :coalition_id, :accepts_itin_applicants, :timezone, :capacity_limit, :allows_greeters
+    set_attributes_for :organization, :name, :coalition_id, :accepts_itin_applicants, :timezone, :capacity_limit, :allows_greeters, :national_overflow_location
     set_attributes_for :state_routing_targets, :states
     set_attributes_for :organization_synthetic_attributes, :is_independent
 

app/jobs/process_text_message_attachments_job.rb

@@ -1,7 +1,7 @@
 class MissingAttachmentError < StandardError; end
 
 class ProcessTextMessageAttachmentsJob < ApplicationJob
-  retry_on MissingAttachmentError
+  retry_on MissingAttachmentError, attempts: 10
 
   def perform(incoming_text_message_id, client_id, params)
     attachments = TwilioService.new.parse_attachments(params)

app/services/irs_api_service.rb

@@ -84,34 +84,42 @@ def self.import_federal_data(authorization_code, _state_code)
       return
     end
 
+    decrypted_response = decrypt_response(
+      cert_finder.client_key,
+      Base64.decode64(response.header['SESSION-KEY']),
+      Base64.decode64(response.header['INITIALIZATION-VECTOR']),
+      Base64.decode64(JSON.parse(response.body)['taxReturn']),
+      Base64.decode64(response.header['AUTHENTICATION-TAG'])
+    )
+
+    decrypted_json = JSON.parse(decrypted_response)
+    decrypted_json['xml'] = Nokogiri::XML(decrypted_json['xml']).to_xml
+
+    decrypted_json
+  end
+
+  def self.decrypt_response(private_key, encrypted_secret, initialization_vector, encrypted_data, authentication_tag = nil)
     decipher = OpenSSL::Cipher.new('aes-256-gcm')
     decipher.decrypt
-    client_key = cert_finder.client_key
-    encrypted_session_key = Base64.decode64(response.header['SESSION-KEY'])
 
     label = ''
     md_oaep = OpenSSL::Digest::SHA256
     md_mgf1 = OpenSSL::Digest::SHA1
 
-    decipher.key = client_key.private_decrypt_oaep(encrypted_session_key, label, md_oaep, md_mgf1)
-    decipher.iv = Base64.decode64(response.header['INITIALIZATION-VECTOR'])
-    encrypted_tax_return_bytes = Base64.decode64(JSON.parse(response.body)['taxReturn'])
+    decipher.key = private_key.private_decrypt_oaep(encrypted_secret, label, md_oaep, md_mgf1)
+    decipher.iv = initialization_vector
 
     if ENV['IRS_API_LOCALHOST']
-      decipher.auth_tag = Base64.decode64(response.header['AUTHENTICATION-TAG'])
+      decipher.auth_tag = authentication_tag
     else
-      char_array = encrypted_tax_return_bytes.unpack("C*")
-      encrypted_tax_return_bytes = char_array[0..-17].pack("C*")
+      char_array = encrypted_data.unpack("C*")
+      encrypted_data = char_array[0..-17].pack("C*")
       auth_tag = char_array.last(16).pack("C*")
 
       decipher.auth_tag = auth_tag
     end
-    plain = decipher.update(encrypted_tax_return_bytes) + decipher.final
-
-    decrypted_json = JSON.parse(plain)
-    decrypted_json['xml'] = Nokogiri::XML(decrypted_json['xml']).to_xml
 
-    decrypted_json
+    decipher.update(encrypted_data) + decipher.final
   end
 
   private