org.broadleafcommerce.profile.core.service

Class CustomerServiceImpl

java.lang.Object

org.broadleafcommerce.profile.core.service.CustomerServiceImpl

All Implemented Interfaces:

CustomerService

@Service(value="blCustomerService")
public class CustomerServiceImpl
extends Object
implements CustomerService

Field Summary

Fields

Modifier and Type	Field and Description
protected EmailInfo	changePasswordEmailInfo
protected CustomerDao	customerDao
protected CustomerForgotPasswordSecurityTokenDao	customerForgotPasswordSecurityTokenDao
protected EmailService	emailService
protected EmailInfo	forgotPasswordEmailInfo
protected EmailInfo	forgotUsernameEmailInfo
protected IdGenerationService	idGenerationService
protected List<PasswordUpdatedHandler>	passwordChangedHandlers
protected org.springframework.security.crypto.password.PasswordEncoder	passwordEncoderBean This is simply a placeholder to be used by #setupPasswordEncoder() to determine if we're using the new PasswordEncoder or the deprecated PasswordEncoder
protected List<PasswordUpdatedHandler>	passwordResetHandlers
protected int	passwordTokenLength
protected List<PostRegistrationObserver>	postRegisterListeners
protected EmailInfo	registrationEmailInfo
protected RoleDao	roleDao
protected int	tokenExpiredMinutes

Constructor Summary

Constructors

Constructor and Description
CustomerServiceImpl()

Method Summary

Modifier and Type	Method and Description
void	addPostRegisterListener(PostRegistrationObserver postRegisterListeners)
protected Map<String,Object>	buildCustomerRuleParams(Customer customer)
Customer	changePassword(PasswordChange passwordChange)
protected void	checkCustomer(Customer customer, GenericResponse response)
protected void	checkPassword(String password, String confirmPassword, GenericResponse response)
GenericResponse	checkPasswordResetToken(String token, Customer customer) Verifies that a customer has a valid token.
protected CustomerForgotPasswordSecurityToken	checkPasswordResetToken(String token, Customer customer, GenericResponse response)
Customer	createCustomer()
Customer	createCustomerFromId(Long customerId) Returns a Customer by first looking in the database, otherwise creating a new non-persisted Customer
Customer	createNewCustomer() Returns a non-persisted Customer.
void	createRegisteredCustomerRoles(Customer customer) Subclassed implementations can assign unique roles for various customer types
boolean	customerPassesCustomerRule(Customer customer, CustomerRuleHolder customerRuleHolder) Determines if the given customer passes the MVEL customer rule
void	deleteCustomer(Customer customer) Delete the customer entity from the persistent store
String	encodePassword(String rawPassword) Encodes the clear text parameter, using the salt provided by PasswordEncoder.
Long	findNextCustomerId() Allow customers to call from subclassed service.
protected String	generateSecurePassword()
EmailInfo	getChangePasswordEmailInfo()
EmailInfo	getForgotPasswordEmailInfo()
EmailInfo	getForgotUsernameEmailInfo()
List<PasswordUpdatedHandler>	getPasswordChangedHandlers()
List<PasswordUpdatedHandler>	getPasswordResetHandlers()
int	getPasswordTokenLength()
EmailInfo	getRegistrationEmailInfo()
int	getTokenExpiredMinutes()
protected void	invalidateAllTokensForCustomer(Customer customer)
boolean	isPasswordValid(String rawPassword, String encodedPassword) Determines if a password is valid by comparing it to the encoded string, salting is handled internally to the PasswordEncoder.
protected boolean	isTokenExpired(CustomerForgotPasswordSecurityToken fpst)
protected void	notifyPostRegisterListeners(Customer customer)
List<Customer>	readBatchCustomers(int start, int pageSize)
Customer	readCustomerByEmail(String emailAddress)
Customer	readCustomerByExternalId(String userExternalId)
Customer	readCustomerById(Long id)
Customer	readCustomerByUsername(String username)
Customer	readCustomerByUsername(String username, Boolean cacheable)
Long	readNumberOfCustomers()
Customer	registerCustomer(Customer customer, String password, String passwordConfirm)
void	removePostRegisterListener(PostRegistrationObserver postRegisterListeners)
Customer	resetPassword(PasswordReset passwordReset)
GenericResponse	resetPasswordUsingToken(String username, String token, String password, String confirmPassword) Updates the password for the passed in customer only if the passed in token is valid for that customer.
Customer	saveCustomer(Customer customer)
Customer	saveCustomer(Customer customer, boolean register)
protected void	sendEmail(String emailAddress, EmailInfo emailInfo, Map<String,Object> props)
GenericResponse	sendForcedPasswordChangeNotification(String username, String resetPasswordUrl) Generates an access token and then emails the user.
GenericResponse	sendForgotPasswordNotification(String username, String resetPasswordUrl) Generates an access token and then emails the user.
GenericResponse	sendForgotUsernameNotification(String emailAddress) Looks up the corresponding Customer and emails the address on file with the associated username.
void	setChangePasswordEmailInfo(EmailInfo changePasswordEmailInfo)
void	setCustomerDao(CustomerDao customerDao)
void	setForgotPasswordEmailInfo(EmailInfo forgotPasswordEmailInfo)
void	setForgotUsernameEmailInfo(EmailInfo forgotUsernameEmailInfo)
void	setPasswordChangedHandlers(List<PasswordUpdatedHandler> passwordChangedHandlers)
void	setPasswordResetHandlers(List<PasswordUpdatedHandler> passwordResetHandlers)
void	setPasswordTokenLength(int passwordTokenLength)
void	setRegistrationEmailInfo(EmailInfo registrationEmailInfo)
void	setTokenExpiredMinutes(int tokenExpiredMinutes)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

customerDao

protected CustomerDao customerDao

idGenerationService

protected IdGenerationService idGenerationService

customerForgotPasswordSecurityTokenDao

protected CustomerForgotPasswordSecurityTokenDao customerForgotPasswordSecurityTokenDao

passwordEncoderBean

protected org.springframework.security.crypto.password.PasswordEncoder passwordEncoderBean

This is simply a placeholder to be used by #setupPasswordEncoder() to determine if we're using the new PasswordEncoder or the deprecated PasswordEncoder

roleDao

protected RoleDao roleDao

emailService

protected EmailService emailService

forgotPasswordEmailInfo

protected EmailInfo forgotPasswordEmailInfo

forgotUsernameEmailInfo

protected EmailInfo forgotUsernameEmailInfo

registrationEmailInfo

protected EmailInfo registrationEmailInfo

changePasswordEmailInfo

protected EmailInfo changePasswordEmailInfo

tokenExpiredMinutes

protected int tokenExpiredMinutes

passwordTokenLength

protected int passwordTokenLength

postRegisterListeners

protected final List<PostRegistrationObserver> postRegisterListeners

passwordResetHandlers

protected List<PasswordUpdatedHandler> passwordResetHandlers

passwordChangedHandlers

protected List<PasswordUpdatedHandler> passwordChangedHandlers

Constructor Detail

CustomerServiceImpl

public CustomerServiceImpl()

Method Detail

saveCustomer

@Transactional(value="blTransactionManager")
public Customer saveCustomer(Customer customer)

Specified by:

saveCustomer in interface CustomerService

saveCustomer

@Transactional(value="blTransactionManager")
public Customer saveCustomer(Customer customer,
                                                                          boolean register)

Specified by:

saveCustomer in interface CustomerService

generateSecurePassword

protected String generateSecurePassword()

registerCustomer

@Transactional(value="blTransactionManager")
public Customer registerCustomer(Customer customer,
                                                                              String password,
                                                                              String passwordConfirm)

Specified by:

registerCustomer in interface CustomerService

createRegisteredCustomerRoles

public void createRegisteredCustomerRoles(Customer customer)

Description copied from interface: CustomerService

Subclassed implementations can assign unique roles for various customer types

Specified by:

createRegisteredCustomerRoles in interface CustomerService

Parameters:

customer - Customer to create roles for

readCustomerByEmail

public Customer readCustomerByEmail(String emailAddress)

Specified by:

readCustomerByEmail in interface CustomerService

changePassword

@Transactional(value="blTransactionManager")
public Customer changePassword(PasswordChange passwordChange)

Specified by:

changePassword in interface CustomerService

resetPassword

@Transactional(value="blTransactionManager")
public Customer resetPassword(PasswordReset passwordReset)

Specified by:

resetPassword in interface CustomerService

addPostRegisterListener

public void addPostRegisterListener(PostRegistrationObserver postRegisterListeners)

Specified by:

addPostRegisterListener in interface CustomerService

removePostRegisterListener

public void removePostRegisterListener(PostRegistrationObserver postRegisterListeners)

Specified by:

removePostRegisterListener in interface CustomerService

notifyPostRegisterListeners

protected void notifyPostRegisterListeners(Customer customer)

createCustomer

public Customer createCustomer()

Specified by:

createCustomer in interface CustomerService

createCustomerFromId

public Customer createCustomerFromId(Long customerId)

Description copied from interface: CustomerService

Returns a Customer by first looking in the database, otherwise creating a new non-persisted Customer

Specified by:

createCustomerFromId in interface CustomerService

Parameters:

customerId - the id of the customer to lookup

findNextCustomerId

public Long findNextCustomerId()

Description copied from interface: CustomerService

Allow customers to call from subclassed service.

Specified by:

findNextCustomerId in interface CustomerService

Returns:

the next customerId to be used

createNewCustomer

public Customer createNewCustomer()

Description copied from interface: CustomerService

Returns a non-persisted Customer. Typically used with registering a new customer.

Specified by:

createNewCustomer in interface CustomerService

deleteCustomer

public void deleteCustomer(Customer customer)

Description copied from interface: CustomerService

Delete the customer entity from the persistent store

Specified by:

deleteCustomer in interface CustomerService

Parameters:

customer - the customer entity to remove

readCustomerByUsername

public Customer readCustomerByUsername(String username)

Specified by:

readCustomerByUsername in interface CustomerService

readCustomerByUsername

public Customer readCustomerByUsername(String username,
                                       Boolean cacheable)

Specified by:

readCustomerByUsername in interface CustomerService

readCustomerById

public Customer readCustomerById(Long id)

Specified by:

readCustomerById in interface CustomerService

readCustomerByExternalId

public Customer readCustomerByExternalId(String userExternalId)

Specified by:

readCustomerByExternalId in interface CustomerService

setCustomerDao

public void setCustomerDao(CustomerDao customerDao)

encodePassword

public String encodePassword(String rawPassword)

Description copied from interface: CustomerService

Encodes the clear text parameter, using the salt provided by PasswordEncoder. Does not change the customer properties. This method only encodes the password and returns the encoded result.

This method can only be called once per password. The salt is randomly generated internally in the PasswordEncoder and appended to the hash to provide the resulting encoded password. Once this has been called on a password, going forward all checks for authenticity must be done by CustomerService.isPasswordValid(String, String) as encoding the same password twice will result in different encoded passwords.

Specified by:

encodePassword in interface CustomerService

Parameters:

rawPassword - the unencoded password

Returns:

the encoded password

isPasswordValid

public boolean isPasswordValid(String rawPassword,
                               String encodedPassword)

Description copied from interface: CustomerService

Determines if a password is valid by comparing it to the encoded string, salting is handled internally to the PasswordEncoder.

This method must always be called to verify if a password is valid after the original encoded password is generated due to PasswordEncoder randomly generating salts internally and appending them to the resulting hash.

Specified by:

isPasswordValid in interface CustomerService

Parameters:

rawPassword - the unencoded password

encodedPassword - the encoded password to compare against

Returns:

true if the unencoded password matches the encoded password, false otherwise

customerPassesCustomerRule

public boolean customerPassesCustomerRule(Customer customer,
                                          CustomerRuleHolder customerRuleHolder)

Description copied from interface: CustomerService

Determines if the given customer passes the MVEL customer rule

Specified by:

customerPassesCustomerRule in interface CustomerService

customerRuleHolder - an MVEL rule targeting Customers

Returns:

true if the customer passes the rule, false otherwise

buildCustomerRuleParams

protected Map<String,Object> buildCustomerRuleParams(Customer customer)

getPasswordResetHandlers

public List<PasswordUpdatedHandler> getPasswordResetHandlers()

Specified by:

getPasswordResetHandlers in interface CustomerService

setPasswordResetHandlers

public void setPasswordResetHandlers(List<PasswordUpdatedHandler> passwordResetHandlers)

Specified by:

setPasswordResetHandlers in interface CustomerService

getPasswordChangedHandlers

public List<PasswordUpdatedHandler> getPasswordChangedHandlers()

Specified by:

getPasswordChangedHandlers in interface CustomerService

setPasswordChangedHandlers

public void setPasswordChangedHandlers(List<PasswordUpdatedHandler> passwordChangedHandlers)

Specified by:

setPasswordChangedHandlers in interface CustomerService

sendForgotUsernameNotification

@Transactional(value="blTransactionManager")
public GenericResponse sendForgotUsernameNotification(String emailAddress)

Description copied from interface: CustomerService

Looks up the corresponding Customer and emails the address on file with the associated username.

Specified by:

sendForgotUsernameNotification in interface CustomerService

Parameters:

emailAddress - user's email address

Returns:

Response can contain errors including (notFound)

sendForgotPasswordNotification

@Transactional(value="blTransactionManager")
public GenericResponse sendForgotPasswordNotification(String username,
                                                                                                   String resetPasswordUrl)

Description copied from interface: CustomerService

Generates an access token and then emails the user.

Specified by:

sendForgotPasswordNotification in interface CustomerService

Parameters:

username - - the user to send a reset password email to.

resetPasswordUrl - - Base url to include in the email.

Returns:

Response can contain errors including (invalidEmail, invalidUsername, inactiveUser)

sendForcedPasswordChangeNotification

@Transactional(value="blTransactionManager")
public GenericResponse sendForcedPasswordChangeNotification(String username,
                                                                                                         String resetPasswordUrl)

Description copied from interface: CustomerService

Generates an access token and then emails the user.

Specified by:

sendForcedPasswordChangeNotification in interface CustomerService

Parameters:

username - - the user to send a reset password email to.

resetPasswordUrl - - Base url to include in the email.

Returns:

Response can contain errors including (invalidEmail, invalidUsername, inactiveUser)

checkPasswordResetToken

public GenericResponse checkPasswordResetToken(String token,
                                               Customer customer)

Description copied from interface: CustomerService

Verifies that a customer has a valid token.

Specified by:

checkPasswordResetToken in interface CustomerService

Parameters:

token - password reset token

customer - Customer who owns the token

Returns:

Response can contain errors including (invalidToken, tokenUsed, and tokenExpired)

checkPasswordResetToken

protected CustomerForgotPasswordSecurityToken checkPasswordResetToken(String token,
                                                                      Customer customer,
                                                                      GenericResponse response)

resetPasswordUsingToken

@Transactional(value="blTransactionManager")
public GenericResponse resetPasswordUsingToken(String username,
                                                                                            String token,
                                                                                            String password,
                                                                                            String confirmPassword)

Description copied from interface: CustomerService

Updates the password for the passed in customer only if the passed in token is valid for that customer.

Specified by:

resetPasswordUsingToken in interface CustomerService

Parameters:

username - Username of the customer

token - Valid reset token

password - new password

Returns:

Response can contain errors including (invalidUsername, inactiveUser, invalidToken, invalidPassword, tokenExpired)

invalidateAllTokensForCustomer

protected void invalidateAllTokensForCustomer(Customer customer)

checkCustomer

protected void checkCustomer(Customer customer,
                             GenericResponse response)

checkPassword

protected void checkPassword(String password,
                             String confirmPassword,
                             GenericResponse response)

isTokenExpired

protected boolean isTokenExpired(CustomerForgotPasswordSecurityToken fpst)

sendEmail

protected void sendEmail(String emailAddress,
                         EmailInfo emailInfo,
                         Map<String,Object> props)

getTokenExpiredMinutes

public int getTokenExpiredMinutes()

setTokenExpiredMinutes

public void setTokenExpiredMinutes(int tokenExpiredMinutes)

getPasswordTokenLength

public int getPasswordTokenLength()

setPasswordTokenLength

public void setPasswordTokenLength(int passwordTokenLength)

getForgotPasswordEmailInfo

public EmailInfo getForgotPasswordEmailInfo()

setForgotPasswordEmailInfo

public void setForgotPasswordEmailInfo(EmailInfo forgotPasswordEmailInfo)

getForgotUsernameEmailInfo

public EmailInfo getForgotUsernameEmailInfo()

setForgotUsernameEmailInfo

public void setForgotUsernameEmailInfo(EmailInfo forgotUsernameEmailInfo)

getRegistrationEmailInfo

public EmailInfo getRegistrationEmailInfo()

setRegistrationEmailInfo

public void setRegistrationEmailInfo(EmailInfo registrationEmailInfo)

getChangePasswordEmailInfo

public EmailInfo getChangePasswordEmailInfo()

setChangePasswordEmailInfo

public void setChangePasswordEmailInfo(EmailInfo changePasswordEmailInfo)

readBatchCustomers

public List<Customer> readBatchCustomers(int start,
                                         int pageSize)

Specified by:

readBatchCustomers in interface CustomerService

readNumberOfCustomers

public Long readNumberOfCustomers()

Specified by:

readNumberOfCustomers in interface CustomerService