From 1a6ad756c6bce1e32882cf081eaaf59b138bd4fb Mon Sep 17 00:00:00 2001
From: ajaxfan <909938737@qq.com>
Date: Fri, 9 Apr 2021 08:53:33 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=AD=A3=E4=BA=86security=E6=8B=A6?=
 =?UTF-8?q?=E6=88=AA=E5=99=A8npe=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../starter/fallback/UserCenterClientFallback.java     |  2 +-
 .../starter/filter/TokenAuthenticationFilter.java      | 10 ++++++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java
index 640b672..e183ae5 100644
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java
@@ -13,7 +13,7 @@ public class UserCenterClientFallback implements UserCenterClient {
 
 	@Override
 	public SecurityUser getUserInfo() {
-		log.error("Feign connect timeout.");
+		log.error("Feign Fallback.");
 		return new SecurityUser();
 	}
 
diff --git a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
index 2bf5706..aa921ff 100644
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
@@ -1,8 +1,10 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
 
 import java.io.IOException;
+import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
+import java.util.Optional;
 import java.util.stream.Collectors;
 
 import javax.servlet.FilterChain;
@@ -35,7 +37,6 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 
 	private @Autowired UserCenterClient client;
 
-
 	/**
 	 * @param request
 	 * @param response
@@ -77,9 +78,10 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 		SecurityUser securityUser = client.getUserInfo();
 
 		// 根据当前角色设定权限列表
-		List<RoleCodeAuthority> authorities = securityUser.getAuthorityList().stream()
-				.filter(auth -> Objects.equals(auth.getRoleCode(), currentRoleCode))
-				.map(auth -> new RoleCodeAuthority(auth.getRoleCode())).collect(Collectors.toList());
+		List<RoleCodeAuthority> authorities = Optional.ofNullable(securityUser.getAuthorityList()).map(list -> {
+			return list.stream().filter(auth -> Objects.equals(auth.getRoleCode(), currentRoleCode))
+					.map(auth -> new RoleCodeAuthority(auth.getRoleCode())).collect(Collectors.toList());
+		}).orElseGet(() -> Collections.emptyList());
 
 		return new UsernamePasswordAuthenticationToken(securityUser.setCurrentRoleCode(currentRoleCode), token,
 				authorities);