SHARE
TWEET

verifyIdentity

tkoenig Jul 17th, 2017 53 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 145:
  2. We should return an error right away here if there is no session/emailToken
  3.  
  4. 151:
  5. I don't see where we need a 'maxauthattempts' parameter. The gazelle mw should take care of increasing
  6. mw/failedVerificationAttempts until a valid verification occurs
  7.  
  8. 153:
  9. We can check here if there is a nextAllowedVerificationDate on the session and return right away if it is, and
  10. no verification attempt is currently permitted
  11.  
  12. 170:
  13. There is no point in storing the encounter data in a session attribute. Only immutable properties of the
  14. encounter data should be held in a session attribute. The encounter data has be read from the mw backend
  15. on each mq/verifyIdentity request.
  16.  
  17. 190:
  18. See above: authAttempts on the encounter are irrelevant for the logic here
  19.  
  20. 222:
  21. We can't assume that the demographics is still 'null' on the encounter at this point . It might not be. What we have to do is
  22. verify the identify here and call the mw/verified(STRONG/WEAK) method. The mw/verified() method will then determine whether WEAK
  23. verification is still possible (if the demographics is no longer null, it is not).
  24.  
  25. 234:
  26. Again, we cannot ask mw to copy the demographics data as that might already have happened through another session.
  27. Populating the demographics data from eOrder, eMPI has to be a side effect of calling  mw/verified(STRONG/WEAK).
  28.  
  29. 245:
  30. See 234, setting the mw verification-related data has to be done by mw/verified()                                                        
  31.  
  32. 264:
  33. If this is the first failed verification attempt, we don't have to set anything yet on mw ... only after the third
  34. failed attempt.
  35.  
  36. 271:
  37. Has to be handled the same as 222
  38.  
  39. 306:
  40. If the demographics is not null we should perform the verification only against the demographics lastName/DOB
  41.  
  42. 313:
  43. Setting the mw verification-related data has to be done by mw/verified()
  44.  
  45. 335:
  46. Setting the mw verification-related data has to be done by mw/verified()
RAW Paste Data
Top