feat: 完成新版堡垒机token获取API的适配

2026-04-29 10:25:59 +08:00 · 2026-04-29 10:25:59 +08:00 · 57f8f4492d
commit 57f8f4492d
parent 6afa6d7169
3 changed files with 17 additions and 2 deletions
--- a/.env.example
+++ b/.env.example
@ -69,3 +69,6 @@ BASTION_TOKEN_STATUS_ENDPOINT=/bastion_token/{task_id}
 BASTION_TOKEN_TIMEOUT=30
 BASTION_TOKEN_POLL_ATTEMPTS=20
 BASTION_TOKEN_POLL_INTERVAL_MS=500
+BASTION_TOKEN_TASK_TTL_SECONDS=1800
+BASTION_TOKEN_SERVICE=https://myapp.cdu.edu.cn/index.html
+BASTION_TOKEN_VERIFY_SSL=false
--- a/app/Http/Controllers/Api/BastionAccountController.php
+++ b/app/Http/Controllers/Api/BastionAccountController.php
@ -83,6 +83,8 @@ class BastionAccountController extends Controller
        $submitEndpoint = (string) config('services.bastion_token.submit_endpoint', '/bastion_token');
        $timeout = (int) config('services.bastion_token.timeout', 30);
        $taskTtlSeconds = (int) config('services.bastion_token.task_ttl_seconds', 1800);
+        $service = (string) config('services.bastion_token.service', 'https://myapp.cdu.edu.cn/index.html');
+        $verifySsl = (bool) config('services.bastion_token.verify_ssl', false);

        try {
            $submitResponse = Http::baseUrl($baseUrl)
@ -92,6 +94,8 @@ class BastionAccountController extends Controller
                ->post($submitEndpoint, [
                    'username' => $account->username,
                    'password' => $account->password,
+                    'service' => $service,
+                    'verify_ssl' => $verifySsl,
                ]);

            if (! $submitResponse->successful()) {
@ -209,8 +213,14 @@ class BastionAccountController extends Controller
        }

        if (! (bool) ($taskMeta['finished'] ?? false)) {
-            $usmAuthentication = (string) data_get($taskResult, 'data.USM-AUTHENTICATION', '');
-            $usm = (string) data_get($taskResult, 'data.USM', '');
+            $usmAuthentication = (string) data_get($taskResult, 'data.bastion.token_cookies.USM-AUTHENTICATION', '');
+            $usm = (string) data_get($taskResult, 'data.bastion.token_cookies.USM', '');
+
+            // 向后兼容旧版任务服务返回结构
+            if ($usmAuthentication === '' || $usm === '') {
+                $usmAuthentication = (string) data_get($taskResult, 'data.USM-AUTHENTICATION', $usmAuthentication);
+                $usm = (string) data_get($taskResult, 'data.USM', $usm);
+            }

            if ($usmAuthentication === '' || $usm === '') {
                return response()->json([
--- a/config/services.php
+++ b/config/services.php
@ -39,6 +39,8 @@ return [
        'poll_attempts' => (int) env('BASTION_TOKEN_POLL_ATTEMPTS', 60),
        'poll_interval_ms' => (int) env('BASTION_TOKEN_POLL_INTERVAL_MS', 500),
        'task_ttl_seconds' => (int) env('BASTION_TOKEN_TASK_TTL_SECONDS', 1800),
+        'service' => env('BASTION_TOKEN_SERVICE', 'https://myapp.cdu.edu.cn/index.html'),
+        'verify_ssl' => (bool) env('BASTION_TOKEN_VERIFY_SSL', false),
    ],

    'bastion_access' => [