增加json key 排序的方法，解决摘要签名顺序引起的验签失败问题

mall-common/src/main/java/com/suisung/mall/common/utils/CommonUtil.java

@@ -2,6 +2,7 @@ package com.suisung.mall.common.utils;
 
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.json.JSONObject;
 import com.suisung.mall.common.api.StateCode;
 import com.suisung.mall.common.exception.ApiException;
 import org.apache.commons.codec.binary.Base64;
@@ -290,6 +291,18 @@ public class CommonUtil {
         }
     }
 
+    /**
+     * 生成 md 摘要通用签名（参考了顺丰同城的做法）
+     *
+     * @param postData JSON 对象的 key 做了排序
+     * @param appId
+     * @param appKey
+     * @return
+     */
+    public static String generateOpenSign(JSONObject postData, String appId, String appKey) {
+        return generateOpenSign(JsonUtil.sortJsonObjectByKeyAsc(postData).toString(), appId, appKey);
+    }
+
     /**
      * 验证MD5摘要签名
      *
@@ -314,6 +327,19 @@ public class CommonUtil {
         return sign.equals(sn);
     }
 
+    /**
+     * 验证MD5摘要签名
+     *
+     * @param sign
+     * @param postData JSON 对象的 key 做了排序
+     * @param appId
+     * @param appKey
+     * @return
+     */
+    public static boolean checkOpenSign(String sign, JSONObject postData, String appId, String appKey) {
+        return checkOpenSign(sign, JsonUtil.sortJsonObjectByKeyAsc(postData).toString(), appId, appKey);
+    }
+
     /**
      * 检查分账比例的数值是否在 0.00-100.00 范围内
      *

mall-common/src/main/java/com/suisung/mall/common/utils/JsonUtil.java

@@ -10,6 +10,7 @@ import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.util.List;
+import java.util.TreeMap;
 
 /**
  * json转换工具类
@@ -106,4 +107,31 @@ public class JsonUtil {
             }
         }
     }
+
+    /**
+     * 高性能JSONObject按key升序排序（asc）
+     * 利用TreeMap天然有序特性，减少中间集合操作
+     */
+    public static JSONObject sortJsonObjectByKeyAsc(JSONObject jsonObject) {
+        if (jsonObject == null || jsonObject.isEmpty()) {
+            return new JSONObject();
+        }
+
+        // 直接转换为TreeMap（自动按key升序），减少中间集合创建
+        TreeMap<String, Object> sortedMap = new TreeMap<>(jsonObject);
+
+        // 直接基于有序Map构造JSONObject（Hutool支持Map构造）
+        return new JSONObject(sortedMap);
+    }
+
+
+    public static void main(String[] args) {
+        JSONObject jsonObject = new JSONObject();
+        jsonObject.put("b", "2");
+        jsonObject.put("a", "1");
+        jsonObject.put("c", "3");
+        jsonObject.put("a", "2");
+        jsonObject.put("A", "1");
+        System.out.println(sortJsonObjectByKeyAsc(jsonObject));
+    }
 }

mall-shop/src/main/java/com/suisung/mall/shop/order/service/impl/ShopOrderBaseServiceImpl.java

@@ -8613,6 +8613,7 @@ public class ShopOrderBaseServiceImpl extends BaseServiceImpl<ShopOrderBaseMappe
                 Collections.singletonList(StateCode.DELIVERY_TYPE_SAME_CITY),
                 null
         ));
+
         // 同城配送进行中订单数量
         jsonObject.putByPath("same_city_order.progress_count", shopOrderInfoService.getOrderCountByStoreId(storeId,
                 Arrays.asList(StateCode.ORDER_STATE_WAIT_REVIEW, StateCode.ORDER_STATE_WAIT_FINANCE_REVIEW,
@@ -8622,6 +8623,7 @@ public class ShopOrderBaseServiceImpl extends BaseServiceImpl<ShopOrderBaseMappe
                 Collections.singletonList(StateCode.DELIVERY_TYPE_SAME_CITY),
                 null
         ));
+
         // 同城配送超时订单数量
         jsonObject.putByPath("same_city_order.overtime_count", shopOrderInfoService.getOrderCountByStoreId(storeId,
                 Arrays.asList(StateCode.ORDER_STATE_WAIT_REVIEW,
@@ -8650,6 +8652,7 @@ public class ShopOrderBaseServiceImpl extends BaseServiceImpl<ShopOrderBaseMappe
                 Arrays.asList(StateCode.DELIVERY_TYPE_EXPRESS, StateCode.DELIVERY_TYPE_EXP),
                 null
         ));
+
         // 普通物流待支付订单数量
         jsonObject.putByPath("logistics_order.wait_pay_count", shopOrderInfoService.getOrderCountByStoreId(storeId,
                 Collections.singletonList(StateCode.ORDER_STATE_WAIT_PAY),
@@ -8659,6 +8662,7 @@ public class ShopOrderBaseServiceImpl extends BaseServiceImpl<ShopOrderBaseMappe
                 Arrays.asList(StateCode.DELIVERY_TYPE_EXPRESS, StateCode.DELIVERY_TYPE_EXP),
                 null
         ));
+
         // 普通物流待发货订单数量
         jsonObject.putByPath("logistics_order.wait_shipping_count", shopOrderInfoService.getOrderCountByStoreId(storeId,
                 Arrays.asList(StateCode.ORDER_STATE_WAIT_REVIEW,
@@ -8672,6 +8676,7 @@ public class ShopOrderBaseServiceImpl extends BaseServiceImpl<ShopOrderBaseMappe
                 Arrays.asList(StateCode.DELIVERY_TYPE_EXPRESS, StateCode.DELIVERY_TYPE_EXP),
                 null
         ));
+
         // 普通物流待收货订单数量
         jsonObject.putByPath("logistics_order.receiving_count", shopOrderInfoService.getOrderCountByStoreId(storeId,
                 Collections.singletonList(StateCode.ORDER_STATE_SHIPPED),
@@ -8681,6 +8686,7 @@ public class ShopOrderBaseServiceImpl extends BaseServiceImpl<ShopOrderBaseMappe
                 Arrays.asList(StateCode.DELIVERY_TYPE_EXPRESS, StateCode.DELIVERY_TYPE_EXP),
                 null
         ));
+        
         // 普通物流已完成订单数量
         jsonObject.putByPath("logistics_order.finished_count", shopOrderInfoService.getOrderCountByStoreId(storeId,
                 Arrays.asList(StateCode.ORDER_STATE_RECEIVED, StateCode.ORDER_STATE_FINISH),