From 57f8f4492d8b5511a4251d5d1471f34948749b49 Mon Sep 17 00:00:00 2001
From: Boen_Shi <boen.shi@qq.com>
Date: Wed, 29 Apr 2026 10:25:59 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E5=AE=8C=E6=88=90=E6=96=B0=E7=89=88?=
 =?UTF-8?q?=E5=A0=A1=E5=9E=92=E6=9C=BAtoken=E8=8E=B7=E5=8F=96API=E7=9A=84?=
 =?UTF-8?q?=E9=80=82=E9=85=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .env.example                                       |  3 +++
 .../Controllers/Api/BastionAccountController.php   | 14 ++++++++++++--
 config/services.php                                |  2 ++
 3 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/.env.example b/.env.example
index f889b50..3b645f7 100644
--- a/.env.example
+++ b/.env.example
@@ -69,3 +69,6 @@ BASTION_TOKEN_STATUS_ENDPOINT=/bastion_token/{task_id}
 BASTION_TOKEN_TIMEOUT=30
 BASTION_TOKEN_POLL_ATTEMPTS=20
 BASTION_TOKEN_POLL_INTERVAL_MS=500
+BASTION_TOKEN_TASK_TTL_SECONDS=1800
+BASTION_TOKEN_SERVICE=https://myapp.cdu.edu.cn/index.html
+BASTION_TOKEN_VERIFY_SSL=false
diff --git a/app/Http/Controllers/Api/BastionAccountController.php b/app/Http/Controllers/Api/BastionAccountController.php
index d22596e..0c257ff 100644
--- a/app/Http/Controllers/Api/BastionAccountController.php
+++ b/app/Http/Controllers/Api/BastionAccountController.php
@@ -83,6 +83,8 @@ class BastionAccountController extends Controller
         $submitEndpoint = (string) config('services.bastion_token.submit_endpoint', '/bastion_token');
         $timeout = (int) config('services.bastion_token.timeout', 30);
         $taskTtlSeconds = (int) config('services.bastion_token.task_ttl_seconds', 1800);
+        $service = (string) config('services.bastion_token.service', 'https://myapp.cdu.edu.cn/index.html');
+        $verifySsl = (bool) config('services.bastion_token.verify_ssl', false);
 
         try {
             $submitResponse = Http::baseUrl($baseUrl)
@@ -92,6 +94,8 @@ class BastionAccountController extends Controller
                 ->post($submitEndpoint, [
                     'username' => $account->username,
                     'password' => $account->password,
+                    'service' => $service,
+                    'verify_ssl' => $verifySsl,
                 ]);
 
             if (! $submitResponse->successful()) {
@@ -209,8 +213,14 @@ class BastionAccountController extends Controller
         }
 
         if (! (bool) ($taskMeta['finished'] ?? false)) {
-            $usmAuthentication = (string) data_get($taskResult, 'data.USM-AUTHENTICATION', '');
-            $usm = (string) data_get($taskResult, 'data.USM', '');
+            $usmAuthentication = (string) data_get($taskResult, 'data.bastion.token_cookies.USM-AUTHENTICATION', '');
+            $usm = (string) data_get($taskResult, 'data.bastion.token_cookies.USM', '');
+
+            // 向后兼容旧版任务服务返回结构
+            if ($usmAuthentication === '' || $usm === '') {
+                $usmAuthentication = (string) data_get($taskResult, 'data.USM-AUTHENTICATION', $usmAuthentication);
+                $usm = (string) data_get($taskResult, 'data.USM', $usm);
+            }
 
             if ($usmAuthentication === '' || $usm === '') {
                 return response()->json([
diff --git a/config/services.php b/config/services.php
index b38f0f9..8877fd4 100644
--- a/config/services.php
+++ b/config/services.php
@@ -39,6 +39,8 @@ return [
         'poll_attempts' => (int) env('BASTION_TOKEN_POLL_ATTEMPTS', 60),
         'poll_interval_ms' => (int) env('BASTION_TOKEN_POLL_INTERVAL_MS', 500),
         'task_ttl_seconds' => (int) env('BASTION_TOKEN_TASK_TTL_SECONDS', 1800),
+        'service' => env('BASTION_TOKEN_SERVICE', 'https://myapp.cdu.edu.cn/index.html'),
+        'verify_ssl' => (bool) env('BASTION_TOKEN_VERIFY_SSL', false),
     ],
 
     'bastion_access' => [