Hi,
I tried this and have same issue with CS 4.15:
http://csurl:8080/client/console';
$apiKey =
'SH3j2o3CLpKKAUHc1ubTsiHEdchITQRhzgv7Fjt4-0I4bcKmTn6E9Y6GNCrke_hpYgFlGyIA';
$secretKey = '5nyeq6svs47WjTTAsXHmFmV2ZOT7fJakuDL9raSjmeQXaP_irOH-n6DW2zAl9Q';
function getSignature($queryString) {
$hash = @hash_hmac("SHA1", $queryString, $secretKey, true);
$base64encoded = base64_encode($hash);
return urlencode($base64encoded);
}
$arg['cmd'] = 'access';
$arg['vm'] = 'd692f12c-80d7-33b4-a880-224d3239a527';
$arg['apikey'] = $apiKey;
//ksort($arg);
$query2 = http_build_query($arg);
$query2 = str_replace("+", "%20", $query2);
$query2 .= "&signature=" . getSignature(strtolower($query2));
$ch2 = curl_init();
curl_setopt($ch2, CURLOPT_URL, $endpoint); //$url
curl_setopt($ch2, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch2, CURLOPT_TIMEOUT, '3');
curl_setopt($ch2, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch2, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt ($ch2, CURLOPT_POSTFIELDS, $query2);
curl_setopt ($ch2, CURLOPT_POST, 1);
$headers = array();
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
curl_setopt($ch2, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch2, CURLOPT_VERBOSE, true);
curl_setopt($ch2, CURLOPT_STDERR, fopen(dirname(__FILE__).'/errorlog.txt',
'w'));
$json2 = curl_exec($ch2);
if (curl_errno($ch2)) {
$json2 = json_encode(array('createdomainresponse' => array('errortext' =>
curl_error($ch2;
}
curl_close($ch2);
$response2 = json_decode($json2, true);
echo '';
print_r($json2);
echo '';
Access denied. Invalid web session or API key in request
On 2021/03/31 06:31:13, Alireza Eskandari wrote:
> There is no official document about getting console of VM so you can use>
> this workflow (notice that this works for old console):>
> You don't need to call login API method. Just POST a request with these>
> parameters:>
> cmd=access&vm=&apikey=&signature=>
> to this endpoint:>
> http:///client/console>
> (Note that API endpoint of CloudStack is: http://>
> /client/api)>
> You will get a response like this:>
> vm-name>
>
> From the above response we should provide a pop up or new tab for “src”>
> attribute of “frame” tag>
> which is:>
> http://xxx.xxx.xxx.xxx/ajax?token=hL2gz4eojpms9DpGyj0YmeCREvL_I8_AigH1CfWiwXKbiPK55507CZsjj1LT4cK1y8XQ_YeLS0gx3M2WC7Kch0JoTIjGEl0yOB6LOyOwDhVQ6WgYzRAglDeTtIYCvgU8glQLpWYl7FLhqhtB0MhwwGeAI6qokK1YWqznplNhBgz5L3I0vMFuNAuaKsmKn3JepAuc1OKnizO4t9tmp9WgZYGhXiq13W3ZBAYUs1bgxPKKoPTC24_W2bMCVZA8YcePamU1ww5atI5hhXjaywRw>
>
> On Tue, Mar 30, 2021 at 11:34 PM WHMCSModule Networks Support <>
> [email protected]> wrote:>
>
> > Hi Team,>
> >>
> >>
> > As title said how to achive this part i.e using curl request get the novnc>
> > access.>
> >>
> > Till now:>
> > I got user session key from user login>
> >>
> > say:>
> > Array ( [loginresponse] => Array ( [username] => admin [userid] =>>
> > f8fc2819-863a-11eb-8ae3-005056bd05cc [domainid] =>>
> > a69b2912-863a-11eb-8ae3-005056bd05cc [timeout] => 1800 [account] => admin>
> > [firstname] => admin [lastname] => cloud [type] => 1 [timezone] => UTC>
> > [timezoneoffset] => 0.0 [registered] => false [sessionkey] =>>
> > 2emqvIDPkF1oDciRE8rVfvS2yqE ) )>
> >>
> > Access denied. Invalid web session or API key in request>
> >>
> > My PHP Code:>
> >
> > 'SH3j2o3CLpKQrDoWNBMuf6EWoKAUHc1ubTsiHEdchITQRhzgv7Fjt4-0I4bcKmTn6E9Y6GNCrkeA';>
> > $secretKey =>
> > '5nyeq6svs47WjTq4SYhl0388ikljBTAsXHmFmV2ZOT7fJakuDL9raSjmeQXaP_irOH-n6DW2zAl9Q';>
> > function getSignature($queryString) { $hash = @hash_hmac("SHA1",>
> > $queryString, $secretKey, true); $base64encoded = base64_encode($hash);>
> > return urlencode($base64encoded); } $args['username'] = "admin";>
> > $args['password'] = "V5grK%mks9"; $args['domain'] = "/"; $args['command'] =>
> > 'login'; $args['response'] = "json"; $args['apikey'] = $apiKey;>
> > $args['timestamp'] = round(microtime(true) * 1000); ksort($args); $query =>
> > http_build_query($args); $query = str_replace(" ", " ", $query); $query>
> > .= "&signature=" . getSignature(strtolower($query)); $ch = curl_init();>
> > curl_setopt($ch, CURLOPT_URL, $endpo
