Class DefaultGuestCartProtectionService
java.lang.Object
com.broadleafcommerce.cartoperation.service.DefaultGuestCartProtectionService
- All Implemented Interfaces:
GuestCartProtectionService
Default implementation of
GuestCartProtectionService
that clears typical customer
information and utilizes CartProvider
for storing guest tokens.- Author:
- Nick Crum (ncrum)
-
Field Summary
-
Constructor Summary
ConstructorDescriptionDefaultGuestCartProtectionService
(GuestTokenProvider tokenProvider, GuestTokenGenerator tokenGenerator, PaymentProvider<PaymentSummary> paymentProvider) -
Method Summary
Modifier and TypeMethodDescriptioncom.broadleafcommerce.cart.client.domain.Cart
clearCustomerInformation
(@NonNull com.broadleafcommerce.cart.client.domain.Cart cart) Deprecated.com.broadleafcommerce.cart.client.domain.Cart
clearCustomerInformation
(@NonNull com.broadleafcommerce.cart.client.domain.Cart cart, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) If theCart
contains payment data, then this method should clone the original cart & remove any sensitive customer data.protected void
clearCustomerPayments
(String cartId, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) com.broadleafcommerce.cart.client.domain.GuestToken
createGuestToken
(@NonNull String cartId, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) Creates a new guest token for the cart with the provided ID.protected CartProvider
protected CsrCartOperationService
protected PaymentProvider<PaymentSummary>
protected GuestTokenGenerator
protected GuestTokenProvider
protected boolean
isCustomerMutabilityBlocked
(@NonNull PaymentSummary paymentSummary) protected boolean
isTokenExpired
(com.broadleafcommerce.cart.client.domain.GuestToken retrieved) void
setCartProvider
(CartProvider cartProvider) void
setCsrCartOpService
(CsrCartOperationService csrCartOpService) com.broadleafcommerce.cart.client.domain.GuestToken
validateGuestToken
(@NonNull String cartId, @NonNull String guestToken, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) Validates the provided guest token string for the given cart ID.
-
Field Details
-
INVALID_GUEST_TOKEN_FMT
- See Also:
-
-
Constructor Details
-
DefaultGuestCartProtectionService
public DefaultGuestCartProtectionService(GuestTokenProvider tokenProvider, GuestTokenGenerator tokenGenerator, PaymentProvider<PaymentSummary> paymentProvider)
-
-
Method Details
-
clearCustomerInformation
public com.broadleafcommerce.cart.client.domain.Cart clearCustomerInformation(@NonNull @NonNull com.broadleafcommerce.cart.client.domain.Cart cart, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) Description copied from interface:GuestCartProtectionService
If theCart
contains payment data, then this method should clone the original cart & remove any sensitive customer data. Otherwise, this method will remove any sensitive customer data and return the existing cart. Due to this method's archival/sanitization of related entities like cart payments, this method should also handle updating the cart status fromDefaultCartStatuses.AWAITING_PAYMENT_FINALIZATION
toDefaultCartStatuses.IN_PROCESS
. The clearing of guest customer PII signals that payment finalization is no longer available, & the previously validated cart can no longer be deemed "ready for checkout" until it once again passes the validation contained within the checkout workflow.- Specified by:
clearCustomerInformation
in interfaceGuestCartProtectionService
- Parameters:
cart
- the cart to clearcontextInfo
- the context info- Returns:
- Either the original cart or a cloned cart that has been cleansed of customer data.
-
clearCustomerInformation
public com.broadleafcommerce.cart.client.domain.Cart clearCustomerInformation(@NonNull @NonNull com.broadleafcommerce.cart.client.domain.Cart cart) Deprecated.in favor ofclearCustomerInformation(Cart, ContextInfo)
. This method should become protected, rather than public in the future.Description copied from interface:GuestCartProtectionService
Clears customer information from the provided cart. This is typically used to filter out personal information from a guest cart when a guest token is not present, or when generating a new guest token.Note, this method will not persist any changes to the cart. Instead,
CartOperationService.updateCart(Cart, boolean, boolean, boolean, ContextInfo)
should be used to save the cart if the changes are meant to be permanent.- Specified by:
clearCustomerInformation
in interfaceGuestCartProtectionService
- Parameters:
cart
- the cart to clear
-
createGuestToken
public com.broadleafcommerce.cart.client.domain.GuestToken createGuestToken(@NonNull @NonNull String cartId, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) Description copied from interface:GuestCartProtectionService
Creates a new guest token for the cart with the provided ID. This typically creates or replaces a token within a token store for the given cart ID, and returns the resulting token details.- Specified by:
createGuestToken
in interfaceGuestCartProtectionService
- Parameters:
cartId
- the cart IDcontextInfo
- the context info- Returns:
- the token details
-
validateGuestToken
public com.broadleafcommerce.cart.client.domain.GuestToken validateGuestToken(@NonNull @NonNull String cartId, @NonNull @NonNull String guestToken, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) Description copied from interface:GuestCartProtectionService
Validates the provided guest token string for the given cart ID. This typically retrieves a the token details from a token store using the cart ID, and verifies they match up with the provided token string. If verified, this will return the token details. If not verified, this will throw aGuestTokenValidationException
indicating the token failed to validate.- Specified by:
validateGuestToken
in interfaceGuestCartProtectionService
- Parameters:
cartId
- the cart IDguestToken
- the guest token stringcontextInfo
- the context info- Returns:
- the verified token details
-
clearCustomerPayments
protected void clearCustomerPayments(String cartId, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo) -
isCustomerMutabilityBlocked
-
isTokenExpired
protected boolean isTokenExpired(com.broadleafcommerce.cart.client.domain.GuestToken retrieved) -
getTokenProvider
-
getTokenGenerator
-
getCsrCartOpService
-
setCsrCartOpService
-
getCartProvider
-
setCartProvider
-
getPaymentProvider
-
clearCustomerInformation(Cart, ContextInfo)
.