修正了security拦截器npe问题

mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/fallback/UserCenterClientFallback.java

@@ -13,7 +13,7 @@ public class UserCenterClientFallback implements UserCenterClient {
 
 	@Override
 	public SecurityUser getUserInfo() {
-		log.error("Feign connect timeout.");
+		log.error("Feign Fallback.");
 		return new SecurityUser();
 	}
 

mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java

@@ -1,8 +1,10 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
 
 import java.io.IOException;
+import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
+import java.util.Optional;
 import java.util.stream.Collectors;
 
 import javax.servlet.FilterChain;
@@ -35,7 +37,6 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 
 	private @Autowired UserCenterClient client;
 
-
 	/**
 	 * @param request
 	 * @param response
@@ -77,9 +78,10 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 		SecurityUser securityUser = client.getUserInfo();
 
 		// 根据当前角色设定权限列表
-		List<RoleCodeAuthority> authorities = securityUser.getAuthorityList().stream()
-				.filter(auth -> Objects.equals(auth.getRoleCode(), currentRoleCode))
-				.map(auth -> new RoleCodeAuthority(auth.getRoleCode())).collect(Collectors.toList());
+		List<RoleCodeAuthority> authorities = Optional.ofNullable(securityUser.getAuthorityList()).map(list -> {
+			return list.stream().filter(auth -> Objects.equals(auth.getRoleCode(), currentRoleCode))
+					.map(auth -> new RoleCodeAuthority(auth.getRoleCode())).collect(Collectors.toList());
+		}).orElseGet(() -> Collections.emptyList());
 
 		return new UsernamePasswordAuthenticationToken(securityUser.setCurrentRoleCode(currentRoleCode), token,
 				authorities);