There is no official document about getting console of VM so you can use this workflow (notice that this works for old console): You don't need to call login API method. Just POST a request with these parameters: cmd=access&vm=<vmId>&apikey=<apiKey>&signature=<signature> to this endpoint: http://<CloudStack_Server>/client/console (Note that API endpoint of CloudStack is: http:// <CloudStack_Server>/client/api) You will get a response like this: <html><title>vm-name</title><frameset><frame src=" http://xxx.xxx.xxx.xxx/ajax?token=hL2gz4eojpms9DpGyj0YmeCREvL_I8_AigH1CfWiwXKbiPK55507CZsjj1LT4cK1y8XQ_YeLS0gx3M2WC7Kch0JoTIjGEl0yOB6LOyOwDhVQ6WgYzRAglDeTtIYCvgU8glQLpWYl7FLhqhtB0MhwwGeAI6qokK1YWqznplNhBgz5L3I0vMFuNAuaKsmKn3JepAuc1OKnizO4t9tmp9WgZYGhXiq13W3ZBAYUs1bgxPKKoPTC24_W2bMCVZA8YcePamU1ww5atI5hhXjaywRw "></frame></frameset></html>
>From the above response we should provide a pop up or new tab for “src” attribute of “frame” tag which is: http://xxx.xxx.xxx.xxx/ajax?token=hL2gz4eojpms9DpGyj0YmeCREvL_I8_AigH1CfWiwXKbiPK55507CZsjj1LT4cK1y8XQ_YeLS0gx3M2WC7Kch0JoTIjGEl0yOB6LOyOwDhVQ6WgYzRAglDeTtIYCvgU8glQLpWYl7FLhqhtB0MhwwGeAI6qokK1YWqznplNhBgz5L3I0vMFuNAuaKsmKn3JepAuc1OKnizO4t9tmp9WgZYGhXiq13W3ZBAYUs1bgxPKKoPTC24_W2bMCVZA8YcePamU1ww5atI5hhXjaywRw On Tue, Mar 30, 2021 at 11:34 PM WHMCSModule Networks Support < supp...@whmcsmodule.net> wrote: > Hi Team, > > > As title said how to achive this part i.e using curl request get the novnc > access. > > Till now: > I got user session key from user login > > say: > Array ( [loginresponse] => Array ( [username] => admin [userid] => > f8fc2819-863a-11eb-8ae3-005056bd05cc [domainid] => > a69b2912-863a-11eb-8ae3-005056bd05cc [timeout] => 1800 [account] => admin > [firstname] => admin [lastname] => cloud [type] => 1 [timezone] => UTC > [timezoneoffset] => 0.0 [registered] => false [sessionkey] => > 2emqvIDPkF1oDciRE8rVfvS2yqE ) ) > > Access denied. Invalid web session or API key in request > > My PHP Code: > <?php $endpoint = 'http://localhost:8080/client/api'; $apiKey = > 'SH3j2o3CLpKQrDoWNBMuf6EWoKAUHc1ubTsiHEdchITQRhzgv7Fjt4-0I4bcKmTn6E9Y6GNCrkeA'; > $secretKey = > '5nyeq6svs47WjTq4SYhl0388ikljBTAsXHmFmV2ZOT7fJakuDL9raSjmeQXaP_irOH-n6DW2zAl9Q'; > function getSignature($queryString) { $hash = @hash_hmac("SHA1", > $queryString, $secretKey, true); $base64encoded = base64_encode($hash); > return urlencode($base64encoded); } $args['username'] = "admin"; > $args['password'] = "V5grK%mks9"; $args['domain'] = "/"; $args['command'] = > 'login'; $args['response'] = "json"; $args['apikey'] = $apiKey; > $args['timestamp'] = round(microtime(true) * 1000); ksort($args); $query = > http_build_query($args); $query = str_replace("+", "%20", $query); $query > .= "&signature=" . getSignature(strtolower($query)); $ch = curl_init(); > curl_setopt($ch, CURLOPT_URL, $endpoint); //$url curl_setopt($ch, > CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, '3'); > curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); curl_setopt($ch, > CURLOPT_SSL_VERIFYPEER, false); curl_setopt ($ch, CURLOPT_POSTFIELDS, > $query); curl_setopt ($ch, CURLOPT_POST, 1); $json = curl_exec($ch); if > (curl_errno($ch)) { $json = json_encode(array('createdomainresponse' => > array('errortext' => curl_error($ch)))); } curl_close($ch); $response = > json_decode($json, true); //The above used to generate user session echo > '<pre>'; print_r($response); echo '</pre>'; $arg['cmd'] = 'access'; > $arg['vm'] = 'd692f12c-80d7-44b4-a880-224d3239a527'; $arg2['apikey'] = > $apiKey; $arg2['timestamp'] = round(microtime(true) * 1000); ksort($arg); > $query2 = http_build_query($arg2); $query3 = http_build_query($arg); > $query2 = str_replace("+", "%20", $query2); $query2 .= "&signature=" . > getSignature(strtolower($query2)); $endpoint2 = ' > http://localhost:8080/client/console'; $url2 = $endpoint2 . "?" . $query3 > . '&sessionkey='.$response['loginresponse']['sessionkey']; $ch2 = > curl_init(); curl_setopt($ch2, CURLOPT_URL, $url2); //$url > curl_setopt($ch2, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch2, > CURLOPT_TIMEOUT, '3'); $headers = array(); $headers[] = 'sessionkey: > '.$response['loginresponse']['sessionkey'].''; curl_setopt($ch2, > CURLOPT_HTTPHEADER, $headers); curl_setopt($ch2, CURLOPT_VERBOSE, true); > curl_setopt($ch2, CURLOPT_STDERR, fopen(dirname(__FILE__).'/errorlog.txt', > 'w')); $json2 = curl_exec($ch2); if (curl_errno($ch2)) { $json2 = > json_encode(array('createdomainresponse' => array('errortext' => > curl_error($ch2)))); } curl_close($ch2); $response2 = json_decode($json2, > true); echo '<pre>'; print_r($json2); echo '</pre>'; >
