capture client signature before filing signed DOT forms

Forms that legally require the client's signature were not being captured
correctly:

- MCS-150 handler created a perjury e-sign record but then submitted to FMCSA
  anyway, before the client signed. Now it gates submission: request the
  signature, hold, and only file when handle_esign_completed re-dispatches with
  client_approved=True.
- MCS-150 e-sign links were signed with JWT_SECRET/ADMIN_JWT_SECRET, but the
  portal verifies with CUSTOMER_JWT_SECRET, so every link returned "Invalid
  portal link." New shared dot_esign helper signs with CUSTOMER_JWT_SECRET.
- carrier-closeout (final MCS-150 Out of Business) and entity-dissolution
  (Articles of Dissolution + no-lawsuits/liens/judgments attestation) captured
  no signature at all. Both now request a signed attestation before the
  workflow proceeds.
- mc-authority / emergency-temporary-authority now get a correctly labeled
  OP-1 applicant certification instead of an "MCS-150" record.

Also fixes a latent dispatcher bug: order["service_slug"] was never set, so
handlers sharing a class fell back to their default SERVICE_SLUG. This made
entity-dissolution run the carrier-closeout branch and mc-authority/etc. look
like mcs150-update. Now the resolved slug is injected into order_data.

Portal e-sign page now renders the document-specific certification text from
metadata.perjury_text (so the dissolution no-liabilities attestation and OP-1
cert are actually shown to the signer), not just a generic perjury line.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
justin 2026-05-31 20:30:09 -05:00
parent 869bcac287
commit 02112facf5
5 changed files with 366 additions and 84 deletions

View file

@ -66,7 +66,40 @@ class CarrierCloseoutHandler:
"Sequential wind-down steps:\n"
+ "\n".join(f" {i + 1}. {s}" for i, s in enumerate(steps))
)
self._create_todo(order_number, intake, title, description, slug, priority="high")
# Signature gate. Both close-out (final MCS-150 "Out of Business") and
# entity dissolution require the client's signed authorization/attestation
# before we file anything. On first run we request the signature and hold;
# handle_esign_completed re-dispatches with client_approved=True once signed.
from scripts.workers.services.dot_esign import requires_signature, request_dot_esign
client_approved = bool(order_data.get("client_approved"))
customer_email = order_data.get("customer_email", "")
if requires_signature(slug) and not client_approved:
request_dot_esign(
order_number=order_number,
slug=slug,
entity_name=name,
customer_email=customer_email,
dot_number=dot if dot != "N/A" else "",
)
LOG.info("[%s] Awaiting client signature before %s — holding workflow", order_number, slug)
self._create_todo(
order_number, intake,
f"{title} [AWAITING CLIENT SIGNATURE]",
description + f"\n\nStatus: AWAITING CLIENT SIGNATURE — link emailed to {customer_email}."
"\nWorkflow auto-resumes once the client signs.",
slug, priority="low",
)
return [f"Awaiting signature: {title}"]
# Signed (or re-dispatched after signing) — queue the actionable workflow.
self._create_todo(
order_number, intake,
f"{title} [SIGNED — READY TO FILE]",
description + "\n\nStatus: Client signed the authorization. Proceed with filing.",
slug, priority="high",
)
return [f"Close-out workflow queued: {title}"]
def _create_todo(self, order_number, intake, title, description, slug, priority="normal"):