Release Notes for 1.7.0-GA

Table of Contents

Requirements
New Features & Notable Changes
Bug Fixes
Upgrade Guide

Requirements

JDK 11 is now required for Broadleaf release trains 1.7.0-GA, and beyond.

New Features & Notable Changes

Feature/Notable Change Related Services Links

Feature/Notable Change	Related Services	Links
Update PaymentAccount domain to better parallel the updated Payment domain.	CustomerServices, PaymentTransactionServices	Customer Services Data Model
Update CustomerPaymentAccountEndpoint response payloads to exclude the `PaymentAccount#paymentGatewayProperties`	CustomerServices
Update CreatePaymentAccountEventListener to gather saved payment data from PaymentTransactionService	CustomerServices, CartOperationServices, PaymentTransactionServices	Saving a Payment Method for Future Use
Introduce ability to gather saved payment methods from CustomerServices when creating a payment, so that the sensitive payment method data doesn’t have to be passed via the browser	CustomerServices, CartOperationServices, PaymentTransactionServices	Using a Saved Payment Method

Update PaymentAccount domain to better parallel the updated Payment domain.

CustomerServices, PaymentTransactionServices

Customer Services Data Model

Update CustomerPaymentAccountEndpoint response payloads to exclude the PaymentAccount#paymentGatewayProperties

CustomerServices

Update CreatePaymentAccountEventListener to gather saved payment data from PaymentTransactionService

CustomerServices, CartOperationServices, PaymentTransactionServices

Saving a Payment Method for Future Use

Introduce ability to gather saved payment methods from CustomerServices when creating a payment, so that the sensitive payment method data doesn’t have to be passed via the browser

CustomerServices, CartOperationServices, PaymentTransactionServices

Using a Saved Payment Method

Bug Fixes

Issue	Related Services
Fixed index names for Oracle database changelogs	AdminServices, AuthenticationServices, CartServices, CatalogServices, CustomerServices, ImportServices, PromotionServices, SearchServices, OrderServices, SandboxServices, TenantServices, JpaCommon

Issue

Related Services

Fixed index names for Oracle database changelogs

AdminServices, AuthenticationServices, CartServices, CatalogServices, CustomerServices, ImportServices, PromotionServices, SearchServices, OrderServices, SandboxServices, TenantServices, JpaCommon

Upgrade Guide

API Changes

CustomerServices OpenAPI Docs

Additions/Updates Removals

Additions/Updates	Removals
`GET /customers/{customerId}/payment-accounts` Now returns `Page<PaymentAccountSummary>` instead of `Page<PaymentAccount>` `POST /customers/{customerId}/payment-accounts` Now returns `PaymentAccountSummary` instead of `PaymentAccount` `GET /customers/{customerId}/payment-accounts/{paymentAccountId}` Now returns `PaymentAccountSummary` instead of `PaymentAccount` `PATCH /customers/{customerId}/payment-accounts/{paymentAccountId}` Now returns `PaymentAccountSummary` instead of `PaymentAccount` `GET /payment-accounts/{paymentAccountId}` The endpoint that is used by PaymentTransactionServices to gather the saved payments, including the `paymentGatewayProperties`

GET /customers/{customerId}/payment-accounts
- Now returns Page<PaymentAccountSummary> instead of Page<PaymentAccount>
POST /customers/{customerId}/payment-accounts
- Now returns PaymentAccountSummary instead of PaymentAccount
GET /customers/{customerId}/payment-accounts/{paymentAccountId}
- Now returns PaymentAccountSummary instead of PaymentAccount
PATCH /customers/{customerId}/payment-accounts/{paymentAccountId}
- Now returns PaymentAccountSummary instead of PaymentAccount
GET /payment-accounts/{paymentAccountId}
- The endpoint that is used by PaymentTransactionServices to gather the saved payments, including the paymentGatewayProperties

Liquibase Change Sets

Create/Update SQL	Drop SQL
PostgreSQL changelog Oracle changelog MySQL changelog MariaDB changelog

Create/Update SQL

Drop SQL

Application Configuration

broadleaf:
  customer:
    paymentprovider:
      url: https://localhost:8476/payment
      sensitive-payments-uri: /sensitive-payments

Note	Default ports for payment provider: Min flex package: `8447` Balanced flex package: `9458` Granular flex package: `8476`

Auth Configuration

Change in default client names for service-to-service communication

The default client configurations have changed for service-to-service communication.

In short, the following properties need to be configured:

spring:
  security:
    oauth2:
      client:
        registration:
          customerclient:
            authorization-grant-type: client_credentials
            client-id: customerclient
            client-secret: customer_secret
        provider:
          customerclient:
            token-uri: https://localhost:8443/oauth/token

For more details on the full scope of these changes, please review the AuthServices release notes.

New Permissions

There are new permissions and scopes for some service OAuth2 clients. Permissions and scopes can be added via admin or sql script.

See AuthServices release notes for more details.

Service	Service ID	New Scopes	New Permissions
Customer Service Client	customerclient	SENSITIVE_PAYMENT	READ_SENSITIVE_PAYMENT
Payment Transaction Service Client	paymenttransactionclient	SENSITIVE_CUSTOMER_PAYMENT_ACCOUNT	READ_SENSITIVE_CUSTOMER_PAYMENT_ACCOUNT

Service

Service ID

New Scopes

New Permissions

Customer Service Client

customerclient

SENSITIVE_PAYMENT

READ_SENSITIVE_PAYMENT

Payment Transaction Service Client

paymenttransactionclient

SENSITIVE_CUSTOMER_PAYMENT_ACCOUNT

READ_SENSITIVE_CUSTOMER_PAYMENT_ACCOUNT