org.broadleafcommerce.profile.core.service

Class CustomerServiceImpl

java.lang.Object

org.broadleafcommerce.profile.core.service.CustomerServiceImpl

All Implemented Interfaces:

CustomerService

@Service(value="blCustomerService")
public class CustomerServiceImpl
extends Object
implements CustomerService

Field Summary

Fields

Modifier and Type	Field and Description
protected EmailInfo	changePasswordEmailInfo
protected CustomerDao	customerDao
protected CustomerForgotPasswordSecurityTokenDao	customerForgotPasswordSecurityTokenDao
protected EmailService	emailService
protected EmailInfo	forgotPasswordEmailInfo
protected EmailInfo	forgotUsernameEmailInfo
protected IdGenerationService	idGenerationService
protected List<PasswordUpdatedHandler>	passwordChangedHandlers
protected org.springframework.security.authentication.encoding.PasswordEncoder	passwordEncoder
protected List<PasswordUpdatedHandler>	passwordResetHandlers
protected int	passwordTokenLength
protected List<PostRegistrationObserver>	postRegisterListeners
protected EmailInfo	registrationEmailInfo
protected RoleDao	roleDao
protected String	salt Deprecated. utilize saltSource instead so that it can be shared between this class as well as Spring's authentication manager
protected org.springframework.security.authentication.dao.SaltSource	saltSource Use a Salt Source ONLY if there's one configured
protected int	tokenExpiredMinutes

Constructor Summary

Constructors

Constructor and Description
CustomerServiceImpl()

Method Summary

Methods

Modifier and Type	Method and Description
void	addPostRegisterListener(PostRegistrationObserver postRegisterListeners)
Customer	changePassword(PasswordChange passwordChange)
protected void	checkCustomer(Customer customer, GenericResponse response)
protected void	checkPassword(String password, String confirmPassword, GenericResponse response)
GenericResponse	checkPasswordResetToken(String token) Verifies that the passed in token is valid.
protected CustomerForgotPasswordSecurityToken	checkPasswordResetToken(String token, GenericResponse response)
Customer	createCustomer()
Customer	createCustomerFromId(Long customerId) Returns a Customer by first looking in the database, otherwise creating a new non-persisted Customer
Customer	createNewCustomer() Returns a non-persisted Customer.
void	createRegisteredCustomerRoles(Customer customer) Subclassed implementations can assign unique roles for various customer types
void	deleteCustomer(Customer customer) Delete the customer entity from the persistent store
String	encodePassword(String clearText, Customer customer) Encodes the clear text parameter, using the customer as a potential Salt.
Long	findNextCustomerId() Allow customers to call from subclassed service.
protected String	generateSecurePassword()
EmailInfo	getChangePasswordEmailInfo()
EmailInfo	getForgotPasswordEmailInfo()
EmailInfo	getForgotUsernameEmailInfo()
List<PasswordUpdatedHandler>	getPasswordChangedHandlers()
List<PasswordUpdatedHandler>	getPasswordResetHandlers()
int	getPasswordTokenLength()
EmailInfo	getRegistrationEmailInfo()
String	getSalt() Deprecated.
Object	getSalt(Customer customer) Deprecated. use getSalt(Customer, String) instead
Object	getSalt(Customer customer, String unencodedPassword) Optionally provide a salt based on a customer.
org.springframework.security.authentication.dao.SaltSource	getSaltSource() Returns the SaltSource used with the blPasswordEncoder to encrypt the user password.
int	getTokenExpiredMinutes()
boolean	isPasswordValid(String rawPassword, String encodedPassword, Customer customer) Use this to determine if passwords match.
protected boolean	isTokenExpired(CustomerForgotPasswordSecurityToken fpst)
protected void	notifyPostRegisterListeners(Customer customer)
Customer	readCustomerByEmail(String emailAddress)
Customer	readCustomerById(Long id)
Customer	readCustomerByUsername(String username)
Customer	readCustomerByUsername(String username, Boolean cacheable)
Customer	registerCustomer(Customer customer, String password, String passwordConfirm)
void	removePostRegisterListener(PostRegistrationObserver postRegisterListeners)
Customer	resetPassword(PasswordReset passwordReset)
GenericResponse	resetPasswordUsingToken(String username, String token, String password, String confirmPassword) Updates the password for the passed in customer only if the passed in token is valid for that customer.
Customer	saveCustomer(Customer customer)
Customer	saveCustomer(Customer customer, boolean register)
GenericResponse	sendForgotPasswordNotification(String username, String resetPasswordUrl) Generates an access token and then emails the user.
GenericResponse	sendForgotUsernameNotification(String emailAddress) Looks up the corresponding Customer and emails the address on file with the associated username.
void	setChangePasswordEmailInfo(EmailInfo changePasswordEmailInfo)
void	setCustomerDao(CustomerDao customerDao)
void	setForgotPasswordEmailInfo(EmailInfo forgotPasswordEmailInfo)
void	setForgotUsernameEmailInfo(EmailInfo forgotUsernameEmailInfo)
void	setPasswordChangedHandlers(List<PasswordUpdatedHandler> passwordChangedHandlers)
void	setPasswordEncoder(org.springframework.security.authentication.encoding.PasswordEncoder passwordEncoder)
void	setPasswordResetHandlers(List<PasswordUpdatedHandler> passwordResetHandlers)
void	setPasswordTokenLength(int passwordTokenLength)
void	setRegistrationEmailInfo(EmailInfo registrationEmailInfo)
void	setSalt(String salt) Deprecated.
void	setSaltSource(org.springframework.security.authentication.dao.SaltSource saltSource) Sets the SaltSource used with blPasswordencoder to encrypt the user password.
void	setTokenExpiredMinutes(int tokenExpiredMinutes)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

customerDao

protected CustomerDao customerDao

idGenerationService

protected IdGenerationService idGenerationService

customerForgotPasswordSecurityTokenDao

protected CustomerForgotPasswordSecurityTokenDao customerForgotPasswordSecurityTokenDao

passwordEncoder

protected org.springframework.security.authentication.encoding.PasswordEncoder passwordEncoder

salt

@Deprecated
protected String salt

Deprecated. utilize saltSource instead so that it can be shared between this class as well as Spring's authentication manager

Optional password salt to be used with the passwordEncoder

saltSource

@Autowired(required=false)
@Qualifier(value="blSaltSource")
protected org.springframework.security.authentication.dao.SaltSource saltSource

Use a Salt Source ONLY if there's one configured

roleDao

protected RoleDao roleDao

emailService

protected EmailService emailService

forgotPasswordEmailInfo

protected EmailInfo forgotPasswordEmailInfo

forgotUsernameEmailInfo

protected EmailInfo forgotUsernameEmailInfo

registrationEmailInfo

protected EmailInfo registrationEmailInfo

changePasswordEmailInfo

protected EmailInfo changePasswordEmailInfo

tokenExpiredMinutes

protected int tokenExpiredMinutes

passwordTokenLength

protected int passwordTokenLength

postRegisterListeners

protected final List<PostRegistrationObserver> postRegisterListeners

passwordResetHandlers

protected List<PasswordUpdatedHandler> passwordResetHandlers

passwordChangedHandlers

protected List<PasswordUpdatedHandler> passwordChangedHandlers

Constructor Detail

CustomerServiceImpl

public CustomerServiceImpl()

Method Detail

saveCustomer

@Transactional(value="blTransactionManager")
public Customer saveCustomer(Customer customer)

Specified by:

saveCustomer in interface CustomerService

saveCustomer

@Transactional(value="blTransactionManager")
public Customer saveCustomer(Customer customer,
                                  boolean register)

Specified by:

saveCustomer in interface CustomerService

generateSecurePassword

protected String generateSecurePassword()

registerCustomer

@Transactional(value="blTransactionManager")
public Customer registerCustomer(Customer customer,
                                      String password,
                                      String passwordConfirm)

Specified by:

registerCustomer in interface CustomerService

createRegisteredCustomerRoles

public void createRegisteredCustomerRoles(Customer customer)

Description copied from interface: CustomerService

Subclassed implementations can assign unique roles for various customer types

Specified by:

createRegisteredCustomerRoles in interface CustomerService

readCustomerByEmail

public Customer readCustomerByEmail(String emailAddress)

Specified by:

readCustomerByEmail in interface CustomerService

changePassword

@Transactional(value="blTransactionManager")
public Customer changePassword(PasswordChange passwordChange)

Specified by:

changePassword in interface CustomerService

resetPassword

@Transactional(value="blTransactionManager")
public Customer resetPassword(PasswordReset passwordReset)

Specified by:

resetPassword in interface CustomerService

addPostRegisterListener

public void addPostRegisterListener(PostRegistrationObserver postRegisterListeners)

Specified by:

addPostRegisterListener in interface CustomerService

removePostRegisterListener

public void removePostRegisterListener(PostRegistrationObserver postRegisterListeners)

Specified by:

removePostRegisterListener in interface CustomerService

notifyPostRegisterListeners

protected void notifyPostRegisterListeners(Customer customer)

createCustomer

public Customer createCustomer()

Specified by:

createCustomer in interface CustomerService

createCustomerFromId

public Customer createCustomerFromId(Long customerId)

Description copied from interface: CustomerService

Returns a Customer by first looking in the database, otherwise creating a new non-persisted Customer

Specified by:

createCustomerFromId in interface CustomerService

Parameters:

customerId - the id of the customer to lookup

Returns:

either a Customer from the database if it exists, or a new non-persisted Customer

findNextCustomerId

public Long findNextCustomerId()

Allow customers to call from subclassed service.

Specified by:

findNextCustomerId in interface CustomerService

Returns:

createNewCustomer

public Customer createNewCustomer()

Description copied from interface: CustomerService

Returns a non-persisted Customer. Typically used with registering a new customer.

Specified by:

createNewCustomer in interface CustomerService

deleteCustomer

public void deleteCustomer(Customer customer)

Description copied from interface: CustomerService

Delete the customer entity from the persistent store

Specified by:

deleteCustomer in interface CustomerService

Parameters:

customer - the customer entity to remove

readCustomerByUsername

public Customer readCustomerByUsername(String username)

Specified by:

readCustomerByUsername in interface CustomerService

readCustomerByUsername

public Customer readCustomerByUsername(String username,
                              Boolean cacheable)

Specified by:

readCustomerByUsername in interface CustomerService

readCustomerById

public Customer readCustomerById(Long id)

Specified by:

readCustomerById in interface CustomerService

setCustomerDao

public void setCustomerDao(CustomerDao customerDao)

setPasswordEncoder

public void setPasswordEncoder(org.springframework.security.authentication.encoding.PasswordEncoder passwordEncoder)

getSalt

@Deprecated
public Object getSalt(Customer customer)

Deprecated. use getSalt(Customer, String) instead

Specified by:

getSalt in interface CustomerService

getSalt

public Object getSalt(Customer customer,
             String unencodedPassword)

Optionally provide a salt based on a customer. By default, this returns the salt property

Specified by:

getSalt in interface CustomerService

Parameters:

customer -

Returns:

See Also:

CustomerServiceImpl#getSalt()}

encodePassword

public String encodePassword(String clearText,
                    Customer customer)

Description copied from interface: CustomerService

Encodes the clear text parameter, using the customer as a potential Salt. Does not change the customer properties. This method only encodes the password and returns the encoded result.

Specified by:

encodePassword in interface CustomerService

Returns:

isPasswordValid

public boolean isPasswordValid(String rawPassword,
                      String encodedPassword,
                      Customer customer)

Description copied from interface: CustomerService

Use this to determine if passwords match. Don't encode the password separately since sometimes salts are generated randomly and stored with the password.

Specified by:

isPasswordValid in interface CustomerService

Returns:

getSalt

@Deprecated
public String getSalt()

Deprecated.

Specified by:

getSalt in interface CustomerService

setSalt

@Deprecated
public void setSalt(String salt)

Deprecated.

Specified by:

setSalt in interface CustomerService

getSaltSource

public org.springframework.security.authentication.dao.SaltSource getSaltSource()

Description copied from interface: CustomerService

Returns the SaltSource used with the blPasswordEncoder to encrypt the user password. Usually configured in applicationContext-security.xml. This is not a required property and will return null if not configured

Specified by:

getSaltSource in interface CustomerService

setSaltSource

public void setSaltSource(org.springframework.security.authentication.dao.SaltSource saltSource)

Description copied from interface: CustomerService

Sets the SaltSource used with blPasswordencoder to encrypt the user password. Usually configured within applicationContext-security.xml

Specified by:

setSaltSource in interface CustomerService

getPasswordResetHandlers

public List<PasswordUpdatedHandler> getPasswordResetHandlers()

Specified by:

getPasswordResetHandlers in interface CustomerService

setPasswordResetHandlers

public void setPasswordResetHandlers(List<PasswordUpdatedHandler> passwordResetHandlers)

Specified by:

setPasswordResetHandlers in interface CustomerService

getPasswordChangedHandlers

public List<PasswordUpdatedHandler> getPasswordChangedHandlers()

Specified by:

getPasswordChangedHandlers in interface CustomerService

setPasswordChangedHandlers

public void setPasswordChangedHandlers(List<PasswordUpdatedHandler> passwordChangedHandlers)

Specified by:

setPasswordChangedHandlers in interface CustomerService

sendForgotUsernameNotification

@Transactional(value="blTransactionManager")
public GenericResponse sendForgotUsernameNotification(String emailAddress)

Description copied from interface: CustomerService

Looks up the corresponding Customer and emails the address on file with the associated username.

Specified by:

sendForgotUsernameNotification in interface CustomerService

Returns:

Response can contain errors including (notFound)

sendForgotPasswordNotification

@Transactional(value="blTransactionManager")
public GenericResponse sendForgotPasswordNotification(String username,
                                                           String resetPasswordUrl)

Description copied from interface: CustomerService

Generates an access token and then emails the user.

Specified by:

sendForgotPasswordNotification in interface CustomerService

Parameters:

username - - the user to send a reset password email to.

resetPasswordUrl - - Base url to include in the email.

Returns:

Response can contain errors including (invalidEmail, invalidUsername, inactiveUser)

checkPasswordResetToken

public GenericResponse checkPasswordResetToken(String token)

Description copied from interface: CustomerService

Verifies that the passed in token is valid. Returns responseCodes of "invalidToken", "tokenUsed", and "tokenExpired".

Specified by:

checkPasswordResetToken in interface CustomerService

Returns:

checkPasswordResetToken

protected CustomerForgotPasswordSecurityToken checkPasswordResetToken(String token,
                                                          GenericResponse response)

resetPasswordUsingToken

@Transactional(value="blTransactionManager")
public GenericResponse resetPasswordUsingToken(String username,
                                                    String token,
                                                    String password,
                                                    String confirmPassword)

Description copied from interface: CustomerService

Updates the password for the passed in customer only if the passed in token is valid for that customer.

Specified by:

resetPasswordUsingToken in interface CustomerService

Parameters:

username - Username of the customer

token - Valid reset token

password - new password

Returns:

Response can contain errors including (invalidUsername, inactiveUser, invalidToken, invalidPassword, tokenExpired)

checkCustomer

protected void checkCustomer(Customer customer,
                 GenericResponse response)

checkPassword

protected void checkPassword(String password,
                 String confirmPassword,
                 GenericResponse response)

isTokenExpired

protected boolean isTokenExpired(CustomerForgotPasswordSecurityToken fpst)

getTokenExpiredMinutes

public int getTokenExpiredMinutes()

setTokenExpiredMinutes

public void setTokenExpiredMinutes(int tokenExpiredMinutes)

getPasswordTokenLength

public int getPasswordTokenLength()

setPasswordTokenLength

public void setPasswordTokenLength(int passwordTokenLength)

getForgotPasswordEmailInfo

public EmailInfo getForgotPasswordEmailInfo()

setForgotPasswordEmailInfo

public void setForgotPasswordEmailInfo(EmailInfo forgotPasswordEmailInfo)

getForgotUsernameEmailInfo

public EmailInfo getForgotUsernameEmailInfo()

setForgotUsernameEmailInfo

public void setForgotUsernameEmailInfo(EmailInfo forgotUsernameEmailInfo)

getRegistrationEmailInfo

public EmailInfo getRegistrationEmailInfo()

setRegistrationEmailInfo

public void setRegistrationEmailInfo(EmailInfo registrationEmailInfo)

getChangePasswordEmailInfo

public EmailInfo getChangePasswordEmailInfo()

setChangePasswordEmailInfo

public void setChangePasswordEmailInfo(EmailInfo changePasswordEmailInfo)