优化依赖项

spring5-auth/spring5-auth-server/pom.xml

@@ -15,29 +15,39 @@
     </parent>
     
 	<dependencies>
-	    <!-- 使用redis做数据缓存，如果不需要可不依赖 -->
+        <!-- Spring Boot Web Flux 依赖 -->
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-data-redis</artifactId>
+            <artifactId>spring-boot-starter-webflux</artifactId>
         </dependency>
+    
+        <!-- Spring Boot 响应式 Redis 依赖 -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-redis-reactive</artifactId>
+        </dependency>
+        
+        <!-- shrio -->
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-spring-boot-web-starter</artifactId>
             <version>1.4.0</version>
         </dependency>
+        
+        <!-- jwt -->
         <dependency>
             <groupId>com.auth0</groupId>
             <artifactId>java-jwt</artifactId>
             <version>3.2.0</version>
         </dependency>
-        <dependency>
-            <groupId>org.apache.httpcomponents</groupId>
-            <artifactId>httpclient</artifactId>
-            </dependency>
-        <dependency>
-            <groupId>org.apache.commons</groupId>
-            <artifactId>commons-lang3</artifactId>
-        </dependency>
+<!--         <dependency> -->
+<!--             <groupId>org.apache.httpcomponents</groupId> -->
+<!--             <artifactId>httpclient</artifactId> -->
+<!--             </dependency> -->
+<!--         <dependency> -->
+<!--             <groupId>org.apache.commons</groupId> -->
+<!--             <artifactId>commons-lang3</artifactId> -->
+<!--         </dependency> -->
 		
 	</dependencies>
 </project>

spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/filter/AnyRolesAuthorizationFilter.java

@@ -6,10 +6,10 @@ import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.http.HttpStatus;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.web.filter.authz.AuthorizationFilter;
 import org.apache.shiro.web.util.WebUtils;
+import org.springframework.http.HttpStatus;
 
 public class AnyRolesAuthorizationFilter  extends AuthorizationFilter {
 	
@@ -36,7 +36,7 @@ public class AnyRolesAuthorizationFilter  extends AuthorizationFilter {
         HttpServletResponse httpResponse = WebUtils.toHttp(response);
         httpResponse.setCharacterEncoding("UTF-8");
         httpResponse.setContentType("application/json;charset=utf-8");
-        httpResponse.setStatus(HttpStatus.SC_UNAUTHORIZED);
+        httpResponse.setStatus(HttpStatus.UNAUTHORIZED.ordinal());
         return false;
     }
 

spring5-auth/spring5-auth-server/src/main/java/com/yaozhitech/spring5/filter/JwtAuthFilter.java

@@ -10,14 +10,14 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.lang3.StringUtils;
-import org.apache.http.HttpStatus;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.subject.Subject;
 import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
 import org.apache.shiro.web.util.WebUtils;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.RequestMethod;
 
 import com.yaozhitech.spring5.dto.UserDto;
@@ -83,7 +83,7 @@ public class JwtAuthFilter extends AuthenticatingFilter {
     @Override
     protected AuthenticationToken createToken(ServletRequest servletRequest, ServletResponse servletResponse) {
         String jwtToken = getAuthzHeader(servletRequest);
-        if(StringUtils.isNotBlank(jwtToken)&&!JwtUtils.isTokenExpired(jwtToken))
+        if(!StringUtils.isEmpty(jwtToken)&&!JwtUtils.isTokenExpired(jwtToken))
             return new JWTToken(jwtToken);
 
         return null;
@@ -94,7 +94,7 @@ public class JwtAuthFilter extends AuthenticatingFilter {
         HttpServletResponse httpResponse = WebUtils.toHttp(servletResponse);
         httpResponse.setCharacterEncoding("UTF-8");
         httpResponse.setContentType("application/json;charset=UTF-8");
-        httpResponse.setStatus(HttpStatus.SC_NON_AUTHORITATIVE_INFORMATION);
+        httpResponse.setStatus(HttpStatus.UNAUTHORIZED.ordinal());
         fillCorsHeader(WebUtils.toHttp(servletRequest), httpResponse);
         return false;
     }
@@ -114,7 +114,7 @@ public class JwtAuthFilter extends AuthenticatingFilter {
                 newToken = userService.generateJwtToken(user.getUsername());
             }
         }
-        if(StringUtils.isNotBlank(newToken))
+        if(!StringUtils.isEmpty(newToken))
             httpResponse.setHeader("x-auth-token", newToken);
 
         return true;
@@ -129,7 +129,10 @@ public class JwtAuthFilter extends AuthenticatingFilter {
     protected String getAuthzHeader(ServletRequest request) {
         HttpServletRequest httpRequest = WebUtils.toHttp(request);
         String header = httpRequest.getHeader("x-auth-token");
-        return StringUtils.removeStart(header, "Bearer ");
+        if (StringUtils.startsWithIgnoreCase(header, "Bearer ")) {
+			return StringUtils.replace(header, "Bearer ", "");
+		}
+        return header;
     }
 
     protected boolean shouldTokenRefresh(Date issueAt){