New System enrollment error page

[angela-tran]

Acceptance Criteria

Front-end design implementation:

• Updated headline
• Updated body copy
• Updated CTA button (Login.gov and non-login.gov variants - “Sign out of Login.gov” and “Return home”)
  • Login.gov CTA variant signs them out and takes them back to agency index
  • Non-login.gov CTA variant takes them back to the agency index

Back-end logic

• System enrollment errors should still cause Sentry notifications and Amplitude events to be sent
• 500-level HTTP errors during linking of funding-source and group should show system enrollment error - Feat: system enrollment error - 500 error when linking #2088
• Errors during the acquisition of card tokenization access token should send user to an error page - Javascript in enrollment/index.html will need to know where to send user
  • 500-level HTTP errors show system enrollment error page - Feat: system enrollment error - 500 error during /token #2089
  • 400-level HTTP errors and any other types of errors show server error page
• onError callback in tokenization function needs to redirect
  • to system enrollment error page if 500-level HTTP error
  • to server error page if 400-level HTTP error

Additional context

• Handles the case of our connection to Littlepay being broken e.g. because Littlepay’s system is down or returning errors.

[angela-tran]

Met with @thekaveman and @lalver1 today to go over the conditions in which to show the System enrollment error page.

We took some notes during the meeting; here are some additional details and code snippets:

We reviewed the original intention of each error page from #1939 and were able to unravel that system enrollment error corresponds to Littlepay server errors (e.g. 500 level errors or a call to onError during the hosted verification flow).

We also decided that 400 level errors from Littlepay most likely indicate a misconfiguration on our end, so those should show our generic error page (i.e. by raising an Exception).

Lastly, we noted Backoffice API misconfiguration can present itself in a few different ways, so we should test out as much misconfiguration as we can and let those show the generic error page.

Some other notes:

• make sure system enrollment errors send a Sentry notification
• make sure system enrollment errors send an Amplitude event, similar to those sent for the generic error page scenarios

Some rough pseudocode from our meeting:

@decorator_from_middleware(EligibleSessionRequired)
def token(request):
    """View handler for the enrollment auth token."""
    if not session.enrollment_token_valid(request):
        agency = session.agency(request)
        payment_processor = agency.payment_processor
        client = Client(
            base_url=payment_processor.api_base_url,
            client_id=payment_processor.client_id,
            client_secret=payment_processor.client_secret,
            audience=payment_processor.audience,
        )
        client.oauth.ensure_active_token(client.token)

        try:
            response = client.request_card_tokenization_access()
        except Exception as e:
            # status_code == 500 => system enrollment error page

            # status_code is 400-404 => our generic 500 error page

            # UnsupportedTokenTypeError => our generic 500 error page

            # anything else => our generic 500 error page (b/c it's probably a bug on our side)

        session.update(request, enrollment_token=response.get("access_token"), enrollment_token_exp=response.get("expires_at"))

    data = {"token": session.enrollment_token(request)}

    return JsonResponse(data)

@decorator_from_middleware(EligibleSessionRequired)
def index(request):
    """View handler for the enrollment landing page."""
 ...

        try:
            client.link_concession_group_funding_source(funding_source_id=funding_source.id, group_id=eligibility.group_id)
        except HTTPError as e:
            # 409 means that customer already belongs to a concession group.
            # the response JSON will look like:
            # {"errors":[{"detail":"Conflict (409) - Customer already belongs to a concession group."}]}
            if e.response.status_code == 409:
                analytics.returned_success(request, eligibility.group_id)
                return success(request)
            elif e.response.status_code >= 500:
                # system enrollment error
            else:
                analytics.returned_error(request, str(e))
                raise Exception(f"{e}: {e.response.json()}")
        except Exception as e:
            analytics.returned_error(request, str(e))
            raise e
            # generic 500 error page
        else:
            analytics.returned_success(request, eligibility.group_id)
            return success(request)