Package com.broadleafcommerce.auth.user.service.password

Class DefaultUserPasswordService<P extends PasswordToken,U extends User,D extends com.broadleafcommerce.data.tracking.core.mapping.BusinessTypeAware & com.broadleafcommerce.data.tracking.core.mapping.ModelMapperMappable>

java.lang.Object
com.broadleafcommerce.auth.user.service.password.DefaultUserPasswordService<P,U,D>
All Implemented Interfaces:
UserPasswordService<P,U>, org.springframework.security.core.userdetails.UserDetailsPasswordService
public class DefaultUserPasswordService<P extends PasswordToken,U extends User,D extends com.broadleafcommerce.data.tracking.core.mapping.BusinessTypeAware & com.broadleafcommerce.data.tracking.core.mapping.ModelMapperMappable> extends Object implements UserPasswordService<P,U>
Author:
Chad Harchar (charchar)

  • Field Details

  • Constructor Details

  • Method Details

    • resetPassword

      public boolean resetPassword(ResetPasswordForm resetPasswordForm, org.springframework.validation.BindingResult errors)
      Description copied from interface: UserPasswordService
      From the provided ResetPasswordForm, attempt to reset the user's password. If a failure occurs, errors will be populated on BindingResult and `false` is returned. Otherwise, return `true`.
      Specified by:
      resetPassword in interface UserPasswordService<P extends PasswordToken,U extends User>
      Parameters:
      resetPasswordForm - The form to use to reset the user's password.
      errors - The object to hold any errors that might occur.
      Returns:
      Whether the provided ResetPasswordForm passed validation in order for the password to be reset.

    • changePassword

      public boolean changePassword(ChangePasswordForm changePasswordForm, org.springframework.validation.BindingResult errors)
      Description copied from interface: UserPasswordService
      From the provided ChangePasswordForm, attempt to change the user's password. If a failure occurs, errors will be populated on BindingResult and `false` is returned. Otherwise, return `true`.
      Specified by:
      changePassword in interface UserPasswordService<P extends PasswordToken,U extends User>
      Parameters:
      changePasswordForm - The form to use to change the user's password.
      errors - The object to hold any errors that might occur.
      Returns:
      Whether the provided ChangePasswordForm passed validation in order for the password to be changed.

    • createTokenForUser

      public boolean createTokenForUser(String clientId, String username) throws AccountLockedException
      Description copied from interface: UserPasswordService
      Creates a token for the specified user, if they exist.
      Specified by:
      createTokenForUser in interface UserPasswordService<P extends PasswordToken,U extends User>
      Parameters:
      clientId - The AuthorizedClient.getId() to verify against
      username - The username of the user for which to validate and create a token.
      Returns:
      true if token successfully created, else false.
      Throws:
      AccountLockedException - if user is locked and unable to reset their password

    • createResetPasswordToken

      public boolean createResetPasswordToken(String clientId, String username) throws AccountLockedException
      Description copied from interface: UserPasswordService
      Creates a reset password token for the specified user, if they exist.
      Specified by:
      createResetPasswordToken in interface UserPasswordService<P extends PasswordToken,U extends User>
      Parameters:
      clientId - The AuthorizedClient.getId() to verify against
      username - The username of the user for which to validate and create a token.
      Returns:
      true if token successfully created, else false.
      Throws:
      AccountLockedException - if user is locked and unable to reset their password

    • createResetPasswordTokenForUser

      protected boolean createResetPasswordTokenForUser(U user, String clientId) throws AccountLockedException
      Throws:
      AccountLockedException

    • useToken

      protected Optional<P> useToken(U user, String token)
      Defer to the PasscodeService to validate the password reset token. If the user has no tokens matching the one provided, this method will return Optional.empty().
      Parameters:
      user - The user on which to validate and use the token
      token - The token to validate against a password reset

    • updatePassword

      public org.springframework.security.core.userdetails.UserDetails updatePassword(org.springframework.security.core.userdetails.UserDetails user, String encodedPassword)
      Specified by:
      updatePassword in interface org.springframework.security.core.userdetails.UserDetailsPasswordService

    • updatePasswordForUser

      public U updatePasswordForUser(U user, String password, String clientId)
      Description copied from interface: UserPasswordService
      Send a password change notification email and update the user's password.
      Specified by:
      updatePasswordForUser in interface UserPasswordService<P extends PasswordToken,U extends User>
      Parameters:
      user - The user who's password to update.
      password - The new password for the user.
      clientId - The clientId from the request.
      Returns:
      The updated user.

    • getCurrentlyAuthenticatedUser

      protected U getCurrentlyAuthenticatedUser()
      Retrieve the current (already authenticated) user who is attempting to change their password
      Returns:
      the current (already authenticated) user who is attempting to change their password

    • getUserByClientIdAndUsername

      protected Optional<U> getUserByClientIdAndUsername(String clientId, String username)

    • recordPreviousPassword

      protected void recordPreviousPassword(@NonNull U user)
      Records the current password as a UserHistoricalPassword prior to setting a new password.
      Parameters:
      user - The user whose password is getting updated

    • getUserService

      protected UserService<U> getUserService()

    • getPasswordEncoder

      protected org.springframework.security.crypto.password.PasswordEncoder getPasswordEncoder()

    • getMessageService

      protected UserMessagingService<U> getMessageService()

    • getResetPasswordFormValidator

      protected ResetPasswordFormValidator<P> getResetPasswordFormValidator()

    • getChangePasswordFormValidator

      protected ChangePasswordFormValidator getChangePasswordFormValidator()

    • getUserLockoutService

      protected UserLockoutService getUserLockoutService()

    • getPasscodeService

      protected PasscodeService<P,U> getPasscodeService()

    • getPasswordValidatorProperties

      protected PasswordValidatorProperties getPasswordValidatorProperties()

    • setPasswordValidatorProperties

      @Autowired public void setPasswordValidatorProperties(PasswordValidatorProperties passwordValidatorProperties)

    • getTypeFactory

      protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory()

    • setTypeFactory

      @Autowired public void setTypeFactory(com.broadleafcommerce.common.extension.TypeFactory typeFactory)