Class DefaultUserPasswordService<P extends PasswordToken,U extends User,D extends com.broadleafcommerce.data.tracking.core.mapping.BusinessTypeAware & com.broadleafcommerce.data.tracking.core.mapping.ModelMapperMappable>
java.lang.Object
com.broadleafcommerce.auth.user.service.password.DefaultUserPasswordService<P,U,D>
- All Implemented Interfaces:
UserPasswordService<P,
,U> org.springframework.security.core.userdetails.UserDetailsPasswordService
public class DefaultUserPasswordService<P extends PasswordToken,U extends User,D extends com.broadleafcommerce.data.tracking.core.mapping.BusinessTypeAware & com.broadleafcommerce.data.tracking.core.mapping.ModelMapperMappable>
extends Object
implements UserPasswordService<P,U>
- Author:
- Chad Harchar (charchar)
-
Field Summary
-
Constructor Summary
ConstructorDescriptionDefaultUserPasswordService
(UserService<U> userService, org.springframework.security.crypto.password.PasswordEncoder passwordEncoder, UserMessagingService<U> messageService, ResetPasswordFormValidator<P> resetPasswordFormValidator, ChangePasswordFormValidator changePasswordFormValidator, UserLockoutService userLockoutService, PasscodeService<P, U> passcodeService) -
Method Summary
Modifier and TypeMethodDescriptionboolean
changePassword
(ChangePasswordForm changePasswordForm, org.springframework.validation.BindingResult errors) From the providedChangePasswordForm
, attempt to change the user's password.boolean
createResetPasswordToken
(String clientId, String username) Creates a reset password token for the specified user, if they exist.protected boolean
createResetPasswordTokenForUser
(U user, String clientId) boolean
createTokenForUser
(String clientId, String username) Creates a token for the specified user, if they exist.protected ChangePasswordFormValidator
protected U
Retrieve the current (already authenticated) user who is attempting to change their passwordprotected UserMessagingService<U>
protected PasscodeService<P,
U> protected org.springframework.security.crypto.password.PasswordEncoder
protected PasswordValidatorProperties
protected ResetPasswordFormValidator<P>
protected com.broadleafcommerce.common.extension.TypeFactory
getUserByClientIdAndUsername
(String clientId, String username) protected UserLockoutService
protected UserService<U>
protected void
recordPreviousPassword
(U user) Records the current password as aUserHistoricalPassword
prior to setting a new password.boolean
resetPassword
(ResetPasswordForm resetPasswordForm, org.springframework.validation.BindingResult errors) From the providedResetPasswordForm
, attempt to reset the user's password.void
setPasswordValidatorProperties
(PasswordValidatorProperties passwordValidatorProperties) void
setTypeFactory
(com.broadleafcommerce.common.extension.TypeFactory typeFactory) org.springframework.security.core.userdetails.UserDetails
updatePassword
(org.springframework.security.core.userdetails.UserDetails user, String encodedPassword) updatePasswordForUser
(U user, String password, String clientId) Send a password change notification email and update the user's password.Defer to the PasscodeService to validate the password reset token.
-
Field Details
-
RESET_PASSWORD_PURPOSE
- See Also:
-
-
Constructor Details
-
DefaultUserPasswordService
public DefaultUserPasswordService(UserService<U> userService, org.springframework.security.crypto.password.PasswordEncoder passwordEncoder, UserMessagingService<U> messageService, ResetPasswordFormValidator<P> resetPasswordFormValidator, ChangePasswordFormValidator changePasswordFormValidator, UserLockoutService userLockoutService, PasscodeService<P, U> passcodeService)
-
-
Method Details
-
resetPassword
public boolean resetPassword(ResetPasswordForm resetPasswordForm, org.springframework.validation.BindingResult errors) Description copied from interface:UserPasswordService
From the providedResetPasswordForm
, attempt to reset the user's password. If a failure occurs, errors will be populated onBindingResult
and `false` is returned. Otherwise, return `true`.- Specified by:
resetPassword
in interfaceUserPasswordService<P extends PasswordToken,
U extends User> - Parameters:
resetPasswordForm
- The form to use to reset the user's password.errors
- The object to hold any errors that might occur.- Returns:
- Whether the provided
ResetPasswordForm
passed validation in order for the password to be reset.
-
changePassword
public boolean changePassword(ChangePasswordForm changePasswordForm, org.springframework.validation.BindingResult errors) Description copied from interface:UserPasswordService
From the providedChangePasswordForm
, attempt to change the user's password. If a failure occurs, errors will be populated onBindingResult
and `false` is returned. Otherwise, return `true`.- Specified by:
changePassword
in interfaceUserPasswordService<P extends PasswordToken,
U extends User> - Parameters:
changePasswordForm
- The form to use to change the user's password.errors
- The object to hold any errors that might occur.- Returns:
- Whether the provided
ChangePasswordForm
passed validation in order for the password to be changed.
-
createTokenForUser
Description copied from interface:UserPasswordService
Creates a token for the specified user, if they exist.- Specified by:
createTokenForUser
in interfaceUserPasswordService<P extends PasswordToken,
U extends User> - Parameters:
clientId
- TheAuthorizedClient.getId()
to verify againstusername
- The username of the user for which to validate and create a token.- Returns:
- true if token successfully created, else false.
- Throws:
AccountLockedException
- if user is locked and unable to reset their password
-
createResetPasswordToken
public boolean createResetPasswordToken(String clientId, String username) throws AccountLockedException Description copied from interface:UserPasswordService
Creates a reset password token for the specified user, if they exist.- Specified by:
createResetPasswordToken
in interfaceUserPasswordService<P extends PasswordToken,
U extends User> - Parameters:
clientId
- TheAuthorizedClient.getId()
to verify againstusername
- The username of the user for which to validate and create a token.- Returns:
- true if token successfully created, else false.
- Throws:
AccountLockedException
- if user is locked and unable to reset their password
-
createResetPasswordTokenForUser
protected boolean createResetPasswordTokenForUser(U user, String clientId) throws AccountLockedException - Throws:
AccountLockedException
-
useToken
Defer to the PasscodeService to validate the password reset token. If the user has no tokens matching the one provided, this method will returnOptional.empty()
.- Parameters:
user
- The user on which to validate and use the tokentoken
- The token to validate against a password reset
-
updatePassword
public org.springframework.security.core.userdetails.UserDetails updatePassword(org.springframework.security.core.userdetails.UserDetails user, String encodedPassword) - Specified by:
updatePassword
in interfaceorg.springframework.security.core.userdetails.UserDetailsPasswordService
-
updatePasswordForUser
Description copied from interface:UserPasswordService
Send a password change notification email and update the user's password.- Specified by:
updatePasswordForUser
in interfaceUserPasswordService<P extends PasswordToken,
U extends User> - Parameters:
user
- The user who's password to update.password
- The new password for the user.clientId
- The clientId from the request.- Returns:
- The updated user.
-
getCurrentlyAuthenticatedUser
Retrieve the current (already authenticated) user who is attempting to change their password- Returns:
- the current (already authenticated) user who is attempting to change their password
-
getUserByClientIdAndUsername
-
recordPreviousPassword
Records the current password as aUserHistoricalPassword
prior to setting a new password.- Parameters:
user
- The user whose password is getting updated
-
getUserService
-
getPasswordEncoder
protected org.springframework.security.crypto.password.PasswordEncoder getPasswordEncoder() -
getMessageService
-
getResetPasswordFormValidator
-
getChangePasswordFormValidator
-
getUserLockoutService
-
getPasscodeService
-
getPasswordValidatorProperties
-
setPasswordValidatorProperties
@Autowired public void setPasswordValidatorProperties(PasswordValidatorProperties passwordValidatorProperties) -
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory() -
setTypeFactory
@Autowired public void setTypeFactory(com.broadleafcommerce.common.extension.TypeFactory typeFactory)
-