package cn.org.atool.fluent.mybatis.utility;

import cn.org.atool.fluent.mybatis.mapper.FluentConst;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Stream;

/* loaded from: input_file:cn/org/atool/fluent/mybatis/utility/SqlInject.class */
public class SqlInject {
    private static final String[] KEYWORDS = {"and", "or", "not", "use", FluentConst.M_Insert, FluentConst.M_delete, "update", "select", FluentConst.M_count, "group", "union", "create", "drop", "truncate", "alter", "grant", "execute", "exec", "xp_cmdshell", "call", "declare", "source", "sql"};
    private static final List<String> DANGER_CHAR = Arrays.asList(StrConstant.SEMICOLON, "--", StrConstant.ASTERISK, "%", "\\", "'", "#", "/");
    private static final Map<Character, List<char[]>> KEYWORD_MAP = initMap(KEYWORDS);
    private static final Map<Character, List<char[]>> DANGER_MAP = initMap((String[]) DANGER_CHAR.toArray(new String[0]));
    private static final String KEYWORD_STR = "[" + String.join(StrConstant.COMMA, KEYWORDS) + "]";
    private static final String DANGER_STR = "[" + String.join(StrConstant.COMMA, DANGER_CHAR) + "]";
    private static final int TO_UPPER = -32;

    private static Map<Character, List<char[]>> initMap(String... strArr) {
        HashMap hashMap = new HashMap(256);
        Stream.of((Object[]) strArr).forEach(str -> {
            char[] charArray = str.toCharArray();
            char lowerCase = Character.toLowerCase(charArray[0]);
            if (!hashMap.containsKey(Character.valueOf(lowerCase))) {
                hashMap.put(Character.valueOf(lowerCase), new ArrayList());
                hashMap.put(Character.valueOf(Character.toUpperCase(lowerCase)), hashMap.get(Character.valueOf(lowerCase)));
            }
            ((List) hashMap.get(Character.valueOf(lowerCase))).add(Arrays.copyOfRange(charArray, 1, charArray.length));
        });
        return hashMap;
    }

    public static String assertNoInject(String str, String str2) {
        if (probablySqlInject(str2)) {
            throw new RuntimeException(str + " can't contain following KeyWord: " + KEYWORD_STR + " or following danger characters: " + DANGER_STR);
        }
        return str2;
    }

    public static boolean probablySqlInject(String str) {
        boolean z;
        if (str == null) {
            return false;
        }
        boolean z2 = true;
        int length = str.length();
        int i = 0;
        for (char c : str.toCharArray()) {
            i++;
            if (isBlank(c)) {
                z = true;
            } else {
                if ((z2 && isKeyWord(str, length, KEYWORD_MAP.get(Character.valueOf(c)), i, false)) || isKeyWord(str, length, DANGER_MAP.get(Character.valueOf(c)), i, true)) {
                    return true;
                }
                z = false;
            }
            z2 = z;
        }
        return false;
    }

    private static boolean isKeyWord(String str, int i, List<char[]> list, int i2, boolean z) {
        if (list == null) {
            return false;
        }
        Iterator<char[]> it = list.iterator();
        while (it.hasNext()) {
            if (isKeyWord(str, i, it.next(), i2, z)) {
                return true;
            }
        }
        return false;
    }

    private static boolean isKeyWord(String str, int i, char[] cArr, int i2, boolean z) {
        int i3 = i2;
        for (char c : cArr) {
            if (i3 >= i) {
                return false;
            }
            char charAt = str.charAt(i3);
            if (c != charAt && c + TO_UPPER != charAt) {
                return false;
            }
            i3++;
        }
        return z || i3 == i || isBlank(str.charAt(i3));
    }

    private static boolean isBlank(char c) {
        return c == ' ' || c == '\t' || c == '\n' || c == '\r' || c == 0;
    }

    public static boolean hasSimpleInject(String str) {
        if (str == null) {
            return false;
        }
        int length = str.length();
        int i = 0;
        for (char c : str.toCharArray()) {
            i++;
            if (isKeyWord(str, length, DANGER_MAP.get(Character.valueOf(c)), i, true)) {
                return true;
            }
        }
        return false;
    }

    public static String assertSimpleNoInject(String str, String str2) {
        if (hasSimpleInject(str2)) {
            throw new RuntimeException(str + " can't contain following string: " + DANGER_STR);
        }
        return str2;
    }
}
