package com.izhaowo.cloud.resolver;

import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.StrUtil;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import java.util.Locale;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.stereotype.Service;
import org.springframework.web.bind.support.WebDataBinderFactory;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.method.support.ModelAndViewContainer;

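/**
 * Resolves controller parameters of type {@link Page} from the HTTP request.
 *
 * <p>The page is built from four request parameters: {@code current}, {@code size},
 * {@code ascs} and {@code descs}. All four are client-controlled. The sort columns are
 * validated by {@link #sqlInject(String[])} before they are stored on the page.
 *
 * <p>NOTE(review): the sort columns are presumably rendered into the ORDER BY clause by the
 * pagination plugin, where they cannot be bound as statement parameters. Confirm this against
 * the MyBatis-Plus version in use. If it holds, {@link #sqlInject(String[])} is the only
 * control between the request and the SQL text.
 */
@Service
/* loaded from: input_file:com/izhaowo/cloud/resolver/SqlFilterArgumentResolver.class */
public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver {
    private static final Logger log = LoggerFactory.getLogger(SqlFilterArgumentResolver.class);

    /**
     * Substring denylist kept for backward compatibility with the original behaviour.
     *
     * <p>NOTE(review): a keyword list is not a sufficient control by itself, because it cannot
     * enumerate every expression that is unsafe in a sort position. It also rejects legitimate
     * column names that merely contain one of these words (for example a column whose name
     * contains "update"). {@link #SAFE_COLUMN} is the primary control. This list can be
     * retired once that is confirmed to cover all callers.
     */
    private static final String[] KEYWORDS = {"master", "truncate", "insert", "select", "delete", "update", "declare", "alter", "drop", "sleep"};

    /**
     * Allowlist for one sort column: an ASCII identifier, optionally qualified by one
     * table or alias prefix ({@code alias.column}). Anything else, such as whitespace inside
     * a name, quotes, parentheses, operators or comment markers, is rejected.
     */
    private static final Pattern SAFE_COLUMN =
            Pattern.compile("[A-Za-z_][A-Za-z0-9_]*(?:\\.[A-Za-z_][A-Za-z0-9_]*)?");

    /**
     * Reports whether this resolver handles the given parameter.
     *
     * @param methodParameter the controller method parameter being inspected
     * @return {@code true} only when the declared parameter type is exactly {@link Page}
     */
    @Override
    public boolean supportsParameter(MethodParameter methodParameter) {
        return Page.class.equals(methodParameter.getParameterType());
    }

    /**
     * Builds a {@link Page} from the {@code current}, {@code size}, {@code ascs} and
     * {@code descs} request parameters.
     *
     * @return the populated page; its asc/desc columns are {@code null} when the matching
     *     request parameter is absent
     * @throws IllegalStateException if the native request is not an {@link HttpServletRequest}
     * @throws NumberFormatException if {@code current} or {@code size} is not a valid long
     * @throws RuntimeException if a sort column fails validation in {@link #sqlInject(String[])}
     */
    @Override
    public Object resolveArgument(MethodParameter methodParameter, ModelAndViewContainer modelAndViewContainer, NativeWebRequest nativeWebRequest, WebDataBinderFactory webDataBinderFactory) {
        HttpServletRequest request = nativeWebRequest.getNativeRequest(HttpServletRequest.class);
        if (request == null) {
            // getNativeRequest returns null when the underlying request is of another type;
            // fail with a clear message instead of a bare NullPointerException below.
            throw new IllegalStateException("No HttpServletRequest available to resolve Page argument");
        }
        String[] ascColumns = request.getParameterValues("ascs");
        String[] descColumns = request.getParameterValues("descs");
        String current = request.getParameter("current");
        String size = request.getParameter("size");

        Page<Object> page = new Page<>();
        if (StrUtil.isNotBlank(current)) {
            page.setCurrent(Long.parseLong(current));
        }
        if (StrUtil.isNotBlank(size)) {
            // NOTE(review): the client-supplied page size is applied without an upper bound
            // here. Confirm that a maximum is enforced elsewhere (e.g. by the pagination
            // plugin configuration); otherwise one request can ask for an arbitrarily large
            // result set.
            page.setSize(Long.parseLong(size));
        }
        page.setAsc(sqlInject(ascColumns));
        page.setDesc(sqlInject(descColumns));
        return page;
    }

    /**
     * Validates client-supplied sort columns before they are stored on a {@link Page}.
     *
     * <p>Two checks run in order: the legacy keyword denylist over the joined, lower-cased
     * input, then a per-column allowlist ({@link #SAFE_COLUMN}). A value may hold several
     * comma-separated columns; each one must match the allowlist. Blank values are passed
     * through unchanged, as before.
     *
     * @param strArr raw values of the {@code ascs} or {@code descs} request parameter
     * @return {@code strArr} itself when every column is acceptable, or {@code null} when
     *     {@code strArr} is {@code null} or empty
     * @throws RuntimeException if a keyword is found or a column is not a plain identifier
     */
    public static String[] sqlInject(String[] strArr) {
        if (ArrayUtil.isEmpty(strArr)) {
            return null;
        }
        // Locale.ROOT keeps the case folding independent of the JVM default locale; with a
        // locale-sensitive toLowerCase() some upper-case letters do not fold to their ASCII
        // lower-case form and the keyword comparison below would not see them.
        String lowerCase = ArrayUtil.join(strArr, ",").toLowerCase(Locale.ROOT);
        for (String str : KEYWORDS) {
            if (lowerCase.contains(str)) {
                log.error("查询包含非法字符 {}", str);
                throw new RuntimeException(str + "包含非法字符");
            }
        }
        for (String value : strArr) {
            if (StrUtil.isBlank(value)) {
                continue;
            }
            for (String column : value.split(",", -1)) {
                if (!SAFE_COLUMN.matcher(column.trim()).matches()) {
                    // The rejected value is deliberately left out of the log line and the
                    // exception message: it is attacker-controlled and may contain line
                    // breaks or markup.
                    log.error("排序字段不符合列名格式");
                    throw new RuntimeException("排序字段包含非法字符");
                }
            }
        }
        return strArr;
    }
}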
