save answers in journey session

.env.test

@@ -37,3 +37,4 @@ TID_SIGN_IN_ISSUER=https://preprod.teaching-identity.education.gov.uk/
 TID_SIGN_IN_API_ENDPOINT=https://preprod.teaching-identity.education.gov.uk:433
 TID_SIGN_IN_CLIENT_ID=claim
 
+BYPASS_ONELOGIN_SIGN_IN=true

app/controllers/omniauth_callbacks_controller.rb

@@ -49,18 +49,21 @@ def onelogin
             surname: surname
           }
         )
-      ) # TODO: store name in journey answers # check teacher hash in additional payment journey as an example
+      )
     else
       onelogin_user_info_attributes = auth.info.to_h.slice(
         *SignInForm::OneloginUserInfoForm::ONELOGIN_USER_INFO_ATTRIBUTES.map(&:to_s)
       )
+
+      journey_session.answers.assign_attributes(onelogin_user_info: onelogin_user_info_attributes)
+      journey_session.save!
+
       redirect_to(
         claim_path(
           journey: current_journey_routing_name,
           slug: "sign-in",
           claim: {
-            logged_in_with_onelogin: true,
-            onelogin_user_info_attributes: onelogin_user_info_attributes
+            logged_in_with_onelogin: true
           }
         )
       )

app/forms/sign_in_form.rb

@@ -29,6 +29,15 @@ def onelogin_user_info
     @onelogin_user_info ||= OneloginUserInfoForm.new
   end
 
+  def save
+    journey_session.answers.assign_attributes(
+      onelogin_user_info: onelogin_user_info.attributes,
+      first_name: first_name,
+      surname: surname
+    )
+    journey_session.save!
+  end
+
   private
 
   def permitted_attributes

app/views/claims/_sign_in.html.erb

@@ -29,7 +29,16 @@
   <% if @form.logged_in_with_onelogin %>
     <%= button_to "Prove your identity with One Login", "/auth/onelogin_identity", class: "govuk-button", method: :post %>
   <% elsif @form.identity_confirmed_with_onelogin %>
-    <%= button_to "Continue", "", class: "govuk-button", method: :get %>
+    <%= form_for @form, url: claim_path(current_journey_routing_name) do |f| %>
+      <%= f.fields_for :onelogin_user_info do |ff| %>
+        <% ff.object.attribute_names.each do |attribute| %>
+          <%= ff.hidden_field attribute %>
+        <% end %>
+      <% end %>
+      <%= f.hidden_field :first_name %>
+      <%= f.hidden_field :surname %>
+      <%= f.submit "Continue", class: "govuk-button", data: {module: "govuk-button"} %>
+    <% end %>
   <% else %>
     <%= button_to "Continue with One Login", "/auth/onelogin", class: "govuk-button", method: :post %>
   <% end %>

config/initializers/omniauth.rb

@@ -42,7 +42,7 @@ def self.bypass?
 
 module ::OneLoginSignIn
   def self.bypass?
-    (Rails.env.development? || ENV["ENVIRONMENT_NAME"].start_with?("review")) && ENV["BYPASS_ONELOGIN_SIGN_IN"] == "true"
+    ENV["BYPASS_ONELOGIN_SIGN_IN"] == "true" # too unsafe? could accidentally enable this on production
   end
 end
 

spec/features/further_education_payments/happy_path_spec.rb

@@ -11,6 +11,15 @@
     expect(page).to have_link("Start now")
     click_link "Start now"
 
+    expect(page).to have_content("Sign in with GOV.UK One Login")
+    click_button "Continue with One Login"
+
+    expect(page).to have_content("You've successfully signed in to GOV.UK One Login")
+    click_button "Prove your identity with One Login"
+
+    expect(page).to have_content("You've successfully proved your identity with GOV.UK One Login")
+    click_button "Continue"
+
     expect(page).to have_content("Are you a member of staff with teaching responsibilities?")
     choose "Yes"
     click_button "Continue"