BE - Auth Profile - Sign in Service - Profile Issues

tpharrison commented 2 years ago

Background

The Profile team has noticed some issues that may be related to the new Sign-in Service. The purpose of this ticket is to identify the issues and provide some context around each.

Most controllers that we're seeing issues with are making the following call...

Rails.logger.info('some message...', sso_logging_info)

The sso_logging_info method references the sso_cookie_content method which is referencing the @session_object which is null. See the sentry links below for more details.

When signed in using http://staging.va.gov/sign-in/?oauth=true, the following issues occur:

Notification Settings

The following error occurs when attempting to update a user's notification settings:

V0::Profile::CommunicationPreferencesController#update (PATCH v0/profile/communication_preferences/[:id]
- Response Code: 500
- Sentry Error: undefined method ttl_in_time for nil:NilClass

Personal Information

The following error occurs when attempting to update a user's preferred name:

V0::Profile::PreferredNamesController#update (PUT v0/profile/preferred_names)
- Response Code: 500
- Sentry Error: undefined method ttl_in_time for nil:NilClass

The following error occurs when attempting to update a user's gender identity:

V0::Profile::GenderIdentitiesController#update (PUT v0/profile/gender_identities)
- Response Code: 500
- No Sentry Error: I will look into this.

Contact Information

The following error occurs when attempting to update a user's address:

V0::Profile::AddressValidationController (PUT /v0/profile/address_validation)
- Response Code: 401 Unauthorized
- No Sentry Error: I will look into this.

Military Service History

The profile page is now pulling data from VA Profile instead of eMIS. VA Profile's staging environment does not have military history records for most users. When military history does not exist for user, the v0/profile/service_history endpoint will return a 403: Forbidden - User does not have access to the requested resource. This is expected behavior. Here is an example from Sentry.

tpharrison commented 2 years ago

@joeniquette This ticket outlines the issues we're seeing with the new sign-in service. Let me know if you have any questions or if you need more information. Thanks!

cc/ @Samara-Strauss @SKasimow

Samara-Strauss commented 2 years ago

Thank you for outlining this, Tom!

joeniquette commented 2 years ago

@tpharrison I believe when you see the 401 code its because your access token has expired, which is currently set to 5 minutes. We have a PR going into staging today which should fix this issue, but if your testing anything longer than 5 minutes you need to reauthenticate for now.

Otherwise our team believes we have identified the two main issues with your profile, we hope to have PRs up for them by end day tomorrow.

department-of-veterans-affairs / va.gov-team