In my service layer I have method wich updates email:
@Override
public void updateUserEmail(String email, String newEmail, String password) throws InvalidPasswordException, DuplicateEmailException {
Client client = getSpecializedUserByEmail(email);
/*....*/
}
password - is entered by user, but for checking if it matches to real, I must use BCryptPasswordEncoder in my service layer - but it is violation of encapsulation of service layer. I can use checking of password in controller - but it is bad practice. Help please, I will be very grateful)
I'm not sure why you think that using BCryptPasswordEncoder in a service would break encapsulation.
However, if what you mean is that you really want to isolate your service layer from third-party libraries, you can create an interface for encoding the password, and then implement it with your own class that wraps BCryptPasswordEncoder, and inject that implementation into your service object, with the service object only seeing and importing the interface.
That way, your service object is very loosely coupled to the encoder, and the internal implementation of the encoder can be changed without affecting the service object.