package com.xunlei.channel.gateway.pay.channels.qishun;

import com.google.common.base.Strings;
import com.xunlei.channel.db.pojo.PayOrder;
import com.xunlei.channel.gateway.common.utils.MD5Utils;
import com.xunlei.channel.gateway.pay.channels.AbstractChannelService;
import javax.servlet.http.HttpServletRequest;
import net.sf.json.util.JSONUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:WEB-INF/lib/gateway-pay-1.0.0-SNAPSHOT.jar:com/xunlei/channel/gateway/pay/channels/qishun/QishunService.class */
public class QishunService extends AbstractChannelService {
    private static final String SUCCESS = "1";
    private static final String FAILED = "0";

    @Autowired
    private QishunChannelInfo qishunChannelInfo;
    private static final Logger logger = LoggerFactory.getLogger(QishunService.class);
    private static final String[][] sqlhandles = {new String[]{JSONUtils.SINGLE_QUOTE, "`"}, new String[]{"<", ""}, new String[]{">", ""}};

    public String returnNotify(HttpServletRequest httpServletRequest) {
        String str = "";
        String filterParameter = getFilterParameter(httpServletRequest, "orderid");
        String filterParameter2 = getFilterParameter(httpServletRequest, "tag");
        String filterParameter3 = getFilterParameter(httpServletRequest, "trade_no");
        String filterParameter4 = getFilterParameter(httpServletRequest, "validate");
        try {
            int parseFloat = (int) Float.parseFloat(getFilterParameter(httpServletRequest, "face_value"));
            QishunChannelData qishunChannelData = new QishunChannelData();
            qishunChannelData.setTrandeNo(filterParameter3);
            qishunChannelData.setRmb(parseFloat + "");
            if (isEmpty(filterParameter) || isEmpty(filterParameter2) || isEmpty(filterParameter3) || isEmpty(filterParameter4)) {
                return "0";
            }
            PayOrder payOrderByXunleiPayId = getPayOrderByXunleiPayId(filterParameter);
            if (null == payOrderByXunleiPayId) {
                logger.error("cannot find payOrder with xunleiPayId:{},return success", filterParameter3);
                return "0";
            }
            String extraJson = payOrderByXunleiPayId.getExtraJson();
            if (extraJson == null) {
                return "0";
            }
            if (extraJson.contains("0")) {
                str = this.qishunChannelInfo.getThunderMerchantKey();
            } else if (extraJson.contains("1")) {
                str = this.qishunChannelInfo.getVipMerchantKey();
            }
            String mD5Str = MD5Utils.getMD5Str(("orderid=" + filterParameter + "&tag=" + filterParameter2 + "&trade_no=" + filterParameter3) + str);
            logger.debug("my key is {}, the old key is {}", mD5Str, filterParameter4);
            return (!checkSign(mD5Str, filterParameter4) || null == processPaySuccess(payOrderByXunleiPayId, qishunChannelData)) ? "0" : "1";
        } catch (Exception e) {
            logger.error("unknow error!" + e.getMessage());
            return "0";
        }
    }

    private String getFilterParameter(HttpServletRequest httpServletRequest, String str) {
        String trim = escapeSql(httpServletRequest.getParameter(str)).trim();
        logger.debug("请求参数" + str + "的值是：" + trim);
        return trim;
    }

    private static final String escapeSql(String str) {
        if (str == null) {
            return "";
        }
        for (String[] strArr : sqlhandles) {
            str = str.replaceAll(strArr[0], strArr[1]);
        }
        return str;
    }

    private static boolean isEmpty(String str) {
        return str == null || str.length() == 0;
    }

    private boolean checkSign(String str, String str2) {
        if (null == str || Strings.isNullOrEmpty(str2)) {
            return false;
        }
        if (str.equals(str2)) {
            return true;
        }
        logger.error("the key validate failed! the sign is {} , the signed is {}", str, str2);
        return false;
    }
}
