package com.lechun.basedevss.base.auth;

import com.lechun.basedevss.ServiceResult;
import com.lechun.basedevss.base.log.Logger;
import com.lechun.basedevss.base.util.Encoders;
import com.lechun.basedevss.base.web.QueryParams;
import com.lechun.common.StringFilter;
import java.util.Arrays;
import java.util.Iterator;
import java.util.TreeSet;
import org.apache.commons.lang.Validate;

/* loaded from: input_file:com/lechun/basedevss/base/auth/WebSignatures.class */
public class WebSignatures {
    private static final Logger L = Logger.getLogger(WebSignatures.class);
    private static String[] systemParams = {"_", "app_platform", "app_type", "call_id", "callback", "callbackType", "channel_id", "device_id", "fresh", "frompage", "ip_addr", "language", "location", "sign", "sign_method", "ticket", "url", "user_agent", "USER_FILE", "USER_IMG", "user_type", "version_code"};

    public static String md5Sign(QueryParams queryParams) {
        String str;
        TreeSet treeSet = new TreeSet(queryParams.keySet());
        treeSet.remove("app_type");
        treeSet.remove("user_type");
        treeSet.remove("device_id");
        treeSet.remove("location");
        treeSet.remove("language");
        treeSet.remove("version_code");
        treeSet.remove("user_agent");
        treeSet.remove("app_platform");
        treeSet.remove("call_id");
        treeSet.remove("ticket");
        treeSet.remove("sign");
        treeSet.remove("sign_method");
        treeSet.remove("callback");
        treeSet.remove("fresh");
        treeSet.remove("_");
        treeSet.remove("channel_id");
        treeSet.remove("ip_addr");
        treeSet.remove("url");
        treeSet.remove("frompage");
        treeSet.remove("USER_IMG");
        treeSet.remove("USER_FILE");
        Iterator it = treeSet.iterator();
        String str2 = "";
        while (true) {
            str = str2;
            if (!it.hasNext()) {
                break;
            }
            String obj = it.next().toString();
            str2 = str + obj + "=" + queryParams.getString(obj, "") + "|";
        }
        if (str.lastIndexOf("|") > 0) {
            str = str.substring(0, str.length() - 1);
        }
        return md5Sign(str);
    }

    public static String md5Sign(String str) {
        Validate.notNull(str);
        return Encoders.md5Base64(str);
    }

    public static ServiceResult checkUserParams(QueryParams queryParams) {
        Iterator it = queryParams.keySet().iterator();
        ServiceResult serviceResult = new ServiceResult();
        while (it.hasNext()) {
            String obj = it.next().toString();
            if (Arrays.binarySearch(systemParams, obj) < 0) {
                queryParams.setString(obj.trim(), queryParams.getString(obj, "").trim().replaceAll("'", "’").replaceAll("\"", "”").replaceAll("--", "——").replaceAll("#", "＃").replaceAll("&amp;", "＆").replaceAll("&", "＆"));
                if (!StringFilter.validSql(queryParams.getString(obj, "").trim())) {
                    serviceResult.addErrorMessage(obj.trim() + ":" + queryParams.getString(obj, "").trim() + "，含有非法字符");
                    return serviceResult;
                }
                queryParams.setString(obj.trim(), StringFilter.validXss(queryParams.getString(obj, "").trim()));
            }
        }
        return serviceResult;
    }

    public static String md5MallSign(QueryParams queryParams, String str) {
        String str2;
        TreeSet treeSet = new TreeSet(queryParams.keySet());
        treeSet.remove("app_type");
        treeSet.remove("user_type");
        treeSet.remove("device_id");
        treeSet.remove("location");
        treeSet.remove("language");
        treeSet.remove("version_code");
        treeSet.remove("user_agent");
        treeSet.remove("app_platform");
        treeSet.remove("call_id");
        treeSet.remove("ticket");
        treeSet.remove("sign");
        treeSet.remove("sign_method");
        treeSet.remove("callback");
        treeSet.remove("fresh");
        treeSet.remove("_");
        treeSet.remove("channel_id");
        treeSet.remove("ip_addr");
        treeSet.remove("url");
        treeSet.remove("frompage");
        treeSet.remove("USER_IMG");
        treeSet.remove("USER_FILE");
        treeSet.remove("callbackType");
        treeSet.remove("testId");
        Iterator it = treeSet.iterator();
        String str3 = "";
        while (true) {
            str2 = str3;
            if (!it.hasNext()) {
                break;
            }
            String obj = it.next().toString();
            str3 = str2 + obj.trim() + ":" + queryParams.getString(obj, "").trim().replace(" ", "").replace("&", "＆") + ",";
        }
        if (str2.lastIndexOf(",") > 0) {
            str2 = str2.substring(0, str2.length() - 1);
        }
        return Encoders.md5Hex(str2 + "_" + str).toLowerCase();
    }
}
