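/**
 * Validates web service credentials by recomputing the API key expected for the
 * merchant and comparing it with the key presented by the caller.
 *
 * <p>The expected key is built from {@code EncryptionUtil.generatekey} and
 * {@code EncryptionUtil.encrypt}, and the only input visible here is the merchant id.
 * NOTE(review): unless EncryptionUtil mixes in a server-side secret, the API key is a
 * deterministic function of a non-secret identifier; confirm against EncryptionUtil.
 *
 * @param locale locale used to resolve the error messages
 * @param credentials merchant id and API key presented by the caller
 * @throws ServiceException with the "messages.error.ws.invalidcredentials" message when
 *     the presented key is blank or does not match, and with the "errors.technical"
 *     message when the expected key cannot be generated or any other failure occurs
 */
private void validateCredentials(Locale locale, WebServiceCredentials credentials)
        throws ServiceException {
    MessageSource messageSource = (MessageSource) SpringUtil.getBean("messageSource");
    try {
        int merchantId = credentials.getMerchantId();
        String merchantIdText = String.valueOf(merchantId);

        String derivationKey = EncryptionUtil.generatekey(merchantIdText);
        String expectedKey = EncryptionUtil.encrypt(derivationKey, merchantIdText);
        if (StringUtils.isBlank(expectedKey) || expectedKey.length() < 16) {
            // Log which merchant failed, never the generated key material itself:
            // log files are usually readable by a wider audience than the key store.
            log.error("Problem with API KEY GENERATION for merchant " + merchantId);
            throw new ServiceException(messageSource.getMessage("errors.technical", null, locale));
        }

        String apiKey = credentials.getApiKey();
        if (StringUtils.isBlank(apiKey)) {
            throw new ServiceException(
                    messageSource.getMessage("messages.error.ws.invalidcredentials", null, locale));
        }

        // Constant-time comparison: String.equals returns at the first differing
        // character, which exposes how much of a guessed key was correct via timing.
        boolean keysMatch = java.security.MessageDigest.isEqual(
                expectedKey.getBytes("UTF-8"), apiKey.getBytes("UTF-8"));
        if (!keysMatch) {
            throw new ServiceException(
                    messageSource.getMessage("messages.error.ws.invalidcredentials", null, locale));
        }
    } catch (ServiceException e) {
        // Already carries the localized message intended for the caller.
        throw e;
    } catch (Exception e) {
        // Keep the stack trace in the log; the caller only sees the generic message.
        log.error("Unexpected failure while validating web service credentials", e);
        throw new ServiceException(messageSource.getMessage("errors.technical", null, locale));
    }
}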
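/**
 * Resets a customer's password and sends an email to the customer with the new password.
 *
 * <p>Anonymous customers are left untouched. For any other customer a password is
 * generated, encrypted with a key derived from {@code SecurityConstants.idConstant},
 * stored on the customer (whose nick is set to the email address), persisted, and then
 * mailed using the "email_template_password_reset_customer.ftl" template.
 *
 * <p>NOTE(review): the stored value is produced by {@code EncryptionUtil.encrypt} with a
 * key derived from a constant, so it looks reversible and identical for equal passwords;
 * a salted one-way password hash would remove both properties. Confirm against
 * EncryptionUtil.
 *
 * <p>NOTE(review): the generated password is placed in the email body in clear text. A
 * single-use, expiring reset link avoids leaving a working credential in the mailbox.
 *
 * @param customer the customer whose password is reset; its nick and password are modified
 * @throws Exception if the lookup, persistence or mail delivery fails; any exception rolls
 *     the transaction back
 */
@Transactional(rollbackFor = {Exception.class})
public void resetCustomerPassword(Customer customer) throws Exception {
    MerchantService mservice =
            (MerchantService) ServiceFactory.getService(ServiceFactory.MerchantService);
    MerchantStore store = mservice.getMerchantStore(customer.getMerchantId());

    if (customer.isCustomerAnonymous()) {
        return;
    }

    // generate password
    PasswordGeneratorModule passwordGenerator =
            (PasswordGeneratorModule) SpringUtil.getBean("passwordgenerator");

    // encrypt
    String key = EncryptionUtil.generatekey(String.valueOf(SecurityConstants.idConstant));

    // Regenerate until no customer with this nick already has the same encrypted value.
    // NOTE(review): the lookup uses the current nick, which is replaced by the email
    // address just below; confirm that is the intended key for the check.
    String password;
    String encrypted;
    do {
        password = passwordGenerator.generatePassword();
        encrypted = EncryptionUtil.encrypt(key, password);
    } while (customerDao.findByUserNameAndPassword(customer.getCustomerNick(), encrypted) != null);

    // store in customer
    customer.setCustomerNick(customer.getCustomerEmailAddress());
    customer.setCustomerPassword(encrypted);
    customerDao.saveOrUptade(customer);

    // send email, in the customer's language when one is set
    String l = config.getString("core.system.defaultlanguage", "en");
    if (!StringUtils.isBlank(customer.getCustomerLang())) {
        l = customer.getCustomerLang();
    }

    LabelUtil lhelper = LabelUtil.getInstance();
    String subject = lhelper.getText(l, "label.profile.information");
    String info = lhelper.getText(l, "label.email.customer.portalinfo");
    String pass = lhelper.getText(l, "label.email.customer.passwordreset.text") + " " + password;

    // @TODO replace suffix
    String portalBase = config.getString("core.accountmanagement.portal.url");
    String url = "<a href=\"" + portalBase + "\">" + portalBase + "</a>";
    String portalurl = lhelper.getText(l, "label.email.customer.portalurl") + " " + url;

    Map emailctx = new HashMap();
    emailctx.put("EMAIL_STORE_NAME", store.getStorename());
    emailctx.put("EMAIL_CUSTOMER_PASSWORD", pass);
    emailctx.put("EMAIL_CUSTOMER_PORTAL_INFO", info);
    // The portal link was computed but never handed to the template.
    // changeCustomerPassword renders the same template and supplies this key.
    emailctx.put("EMAIL_CUSTOMER_PORTAL_ENTRY", portalurl);
    emailctx.put("EMAIL_CONTACT_OWNER", store.getStoreemailaddress());

    CommonService cservice = new CommonService();
    cservice.sendHtmlEmail(
            customer.getCustomerEmailAddress(),
            subject,
            store,
            emailctx,
            "email_template_password_reset_customer.ftl",
            customer.getCustomerLang());
}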
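/**
 * Changes a customer's password after verifying the current one, then notifies the
 * customer by email.
 *
 * <p>Both passwords are encrypted with a key derived from
 * {@code SecurityConstants.idConstant}; the encrypted old password must equal the value
 * stored on the customer before the new one is written and persisted.
 *
 * <p>NOTE(review): the new password is sent back to the customer in clear text in the
 * notification mail. The customer already knows it, so a plain "your password was
 * changed" notice would carry the same signal without exposing the credential.
 *
 * <p>NOTE(review): no length or strength check is applied to {@code newPassword} here;
 * presumably the caller validates it. Confirm.
 *
 * @param customer the customer whose password is changed
 * @param oldPassword the current password as typed by the customer
 * @param newPassword the replacement password
 * @return {@code true} when the password was changed and the mail was sent, {@code false}
 *     when the old password does not match the stored one
 * @throws Exception if encryption, persistence or mail delivery fails
 */
@Transactional
public boolean changeCustomerPassword(Customer customer, String oldPassword, String newPassword)
        throws Exception {
    String key = EncryptionUtil.generatekey(String.valueOf(SecurityConstants.idConstant));

    // Verify the current password before doing anything with the new one.
    String stored = customer.getCustomerPassword();
    String presented = EncryptionUtil.encrypt(key, oldPassword);
    if (stored == null || presented == null) {
        // Nothing to compare against: treat it as a mismatch instead of failing on null.
        return false;
    }
    // Constant-time comparison so the response time does not depend on how many
    // leading characters of the two values agree.
    if (!java.security.MessageDigest.isEqual(
            stored.getBytes("UTF-8"), presented.getBytes("UTF-8"))) {
        return false;
    }

    customer.setCustomerPassword(EncryptionUtil.encrypt(key, newPassword));

    MerchantService mservice =
            (MerchantService) ServiceFactory.getService(ServiceFactory.MerchantService);
    MerchantStore store = mservice.getMerchantStore(customer.getMerchantId());

    customerDao.saveOrUptade(customer);

    // send email, in the customer's language when one is set
    String l = config.getString("core.system.defaultlanguage", "en");
    if (!StringUtils.isBlank(customer.getCustomerLang())) {
        l = customer.getCustomerLang();
    }

    LabelUtil lhelper = LabelUtil.getInstance();
    String subject = lhelper.getText(l, "label.profile.information");
    String info = lhelper.getText(l, "label.email.customer.portalinfo");
    String pass =
            lhelper.getText(l, "label.email.customer.passwordreset.text") + " " + newPassword;

    // @TODO replace suffix
    // Read the portal URL once so the link target and the link text cannot diverge.
    String portalBase = config.getString("core.accountmanagement.portal.url");
    String url = "<a href=\"" + portalBase + "\">" + portalBase + "</a>";
    String portalurl = lhelper.getText(l, "label.email.customer.portalurl") + " " + url;

    Map emailctx = new HashMap();
    emailctx.put("EMAIL_STORE_NAME", store.getStorename());
    emailctx.put("EMAIL_CUSTOMER_PASSWORD", pass);
    emailctx.put("EMAIL_CUSTOMER_PORTAL_INFO", info);
    emailctx.put("EMAIL_CUSTOMER_PORTAL_ENTRY", portalurl);
    emailctx.put("EMAIL_CONTACT_OWNER", store.getStoreemailaddress());

    CommonService cservice = new CommonService();
    cservice.sendHtmlEmail(
            customer.getCustomerEmailAddress(),
            subject,
            store,
            emailctx,
            "email_template_password_reset_customer.ftl",
            customer.getCustomerLang());

    return true;
}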
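/**
 * Creates or updates a customer and records the matching {@code CustomerInfo} entry.
 *
 * <p>A customer whose id is 0 is treated as new. For a new, non-anonymous customer a
 * password is generated, encrypted with a key derived from
 * {@code SecurityConstants.idConstant}, stored on the customer (whose nick is set to the
 * email address), and a welcome mail with the user name and password is sent using the
 * "email_template_customer.ftl" template before the customer is persisted.
 *
 * <p>NOTE(review): the generated password travels in clear text in the welcome mail and
 * the stored value comes from {@code EncryptionUtil.encrypt} with a constant-derived
 * key. An activation link plus a salted one-way hash would avoid both. Confirm against
 * EncryptionUtil.
 *
 * @param customer the customer to persist; nick and password are modified for new,
 *     non-anonymous customers
 * @param entryType where the customer signed up; {@code null} is treated as
 *     {@code SystemUrlEntryType.WEB}
 * @param locale locale used for the greeting line of the welcome mail
 * @throws Exception if the lookup, persistence or mail delivery fails; any exception rolls
 *     the transaction back
 */
@Transactional(rollbackFor = {Exception.class})
public void saveOrUpdateCustomer(Customer customer, SystemUrlEntryType entryType, Locale locale)
        throws Exception {
    MerchantService mservice =
            (MerchantService) ServiceFactory.getService(ServiceFactory.MerchantService);
    MerchantStore store = mservice.getMerchantStore(customer.getMerchantId());

    if (entryType == null) {
        entryType = SystemUrlEntryType.WEB;
    }

    // An id of 0 marks a customer that has not been persisted yet.
    boolean isNew = customer.getCustomerId() == 0;

    if (isNew && !customer.isCustomerAnonymous()) {
        // generate password
        PasswordGeneratorModule passwordGenerator =
                (PasswordGeneratorModule) SpringUtil.getBean("passwordgenerator");

        // encrypt
        String key = EncryptionUtil.generatekey(String.valueOf(SecurityConstants.idConstant));

        // Regenerate until no customer with this nick already has the same encrypted value.
        String password;
        String encrypted;
        do {
            password = passwordGenerator.generatePassword();
            encrypted = EncryptionUtil.encrypt(key, password);
        } while (customerDao.findByUserNameAndPassword(customer.getCustomerNick(), encrypted)
                != null);

        // store in customer
        customer.setCustomerNick(customer.getCustomerEmailAddress());
        customer.setCustomerPassword(encrypted);

        // send email, in the customer's language when one is set
        String l = config.getString("core.system.defaultlanguage", "en");
        if (!StringUtils.isBlank(customer.getCustomerLang())) {
            l = customer.getCustomerLang();
        }

        LabelUtil lhelper = LabelUtil.getInstance();
        String subject = lhelper.getText(l, "label.profile.information");

        List params = new ArrayList();
        params.add(store.getStorename());
        String greeting = lhelper.getText(locale, "label.email.customer.greeting", params);

        String username =
                lhelper.getText(l, "label.generic.customer.username")
                        + " "
                        + customer.getCustomerNick();
        String pass = lhelper.getText(l, "label.generic.customer.password") + " " + password;

        String info = "";
        String portalurl = "";
        if (entryType == SystemUrlEntryType.PORTAL) {
            info = lhelper.getText(l, "label.email.customer.portalinfo");
            String url =
                    "<a href=\""
                            + config.getProperty("core.accountmanagement.portal.url")
                            + "/"
                            + customer.getMerchantId()
                            + "\">"
                            + config.getProperty("core.accountmanagement.portal.url")
                            + "/"
                            + customer.getMerchantId()
                            + "</a>";
            portalurl = lhelper.getText(l, "label.email.customer.portalurl") + " " + url;
        } else {
            info = lhelper.getText(l, "label.email.customer.webinfo");
            // NOTE(review): the link target ends in "/" while the visible text shows the
            // landing.action URL; confirm whether both are meant to be the same address.
            String url =
                    "<a href=\""
                            + ReferenceUtil.buildCatalogUri(store)
                            + "/\">"
                            + ReferenceUtil.buildCatalogUri(store)
                            + "/landing.action?merchantId="
                            + store.getMerchantId()
                            + "</a>";
            portalurl = lhelper.getText(l, "label.email.customer.weburl") + " " + url;
        }

        Map emailctx = new HashMap();
        emailctx.put("EMAIL_STORE_NAME", store.getStorename());
        emailctx.put("EMAIL_CUSTOMER_FIRSTNAME", customer.getCustomerFirstname());
        emailctx.put("EMAIL_CUSTOMER_LAST", customer.getCustomerLastname());
        emailctx.put("EMAIL_CUSTOMER_USERNAME", username);
        emailctx.put("EMAIL_CUSTOMER_PASSWORD", pass);
        emailctx.put("EMAIL_GREETING", greeting);
        emailctx.put("EMAIL_CUSTOMER_PORTAL_INFO", info);
        emailctx.put("EMAIL_CUSTOMER_PORTAL_ENTRY", portalurl);
        emailctx.put("EMAIL_CONTACT_OWNER", store.getStoreemailaddress());

        CommonService cservice = new CommonService();
        cservice.sendHtmlEmail(
                customer.getCustomerEmailAddress(),
                subject,
                store,
                emailctx,
                "email_template_customer.ftl",
                customer.getCustomerLang());
    }

    customerDao.saveOrUptade(customer);

    // set CustomerInfo
    CustomerInfo customerInfo = new CustomerInfo();
    customerInfo.setCustomerInfoId(customer.getCustomerId());
    int login = customerInfo.getCustomerInfoNumberOfLogon();
    // The original passed "login++", which hands the setter the value from before the
    // increment, so the counter never moved.
    // NOTE(review): customerInfo is freshly constructed, so the count starts from that
    // object's default and not from a persisted record; confirm whether an existing
    // CustomerInfo should be loaded first.
    customerInfo.setCustomerInfoNumberOfLogon(login + 1);
    customerInfo.setCustomerInfoDateOfLastLogon(new Date());
    customerInfoDao.saveOrUpdate(customerInfo);
}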