Console access enhancements

agent/src/main/java/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java

@@ -382,9 +382,10 @@ protected void runInContext() {
         }
     }
 
-    public String authenticateConsoleAccess(String host, String port, String vmId, String sid, String ticket, Boolean isReauthentication) {
+    public String authenticateConsoleAccess(String host, String port, String vmId, String sid, String ticket,
+                                            Boolean isReauthentication, String sessionToken) {
 
-        ConsoleAccessAuthenticationCommand cmd = new ConsoleAccessAuthenticationCommand(host, port, vmId, sid, ticket);
+        ConsoleAccessAuthenticationCommand cmd = new ConsoleAccessAuthenticationCommand(host, port, vmId, sid, ticket, sessionToken);
         cmd.setReauthenticating(isReauthentication);
 
         ConsoleProxyAuthenticationResult result = new ConsoleProxyAuthenticationResult();

api/src/main/java/com/cloud/agent/api/to/VirtualMachineTO.java

@@ -59,6 +59,7 @@ public class VirtualMachineTO {
     boolean enableDynamicallyScaleVm;
     String vncPassword;
     String vncAddr;
+    String vncPort;
     Map<String, String> params;
     String uuid;
     String bootType;
@@ -283,6 +284,14 @@ public void setVncAddr(String vncAddr) {
         this.vncAddr = vncAddr;
     }
 
+    public String getVncPort() {
+        return vncPort;
+    }
+
+    public void setVncPort(String vncPort) {
+        this.vncPort = vncPort;
+    }
+
     public Map<String, String> getDetails() {
         return params;
     }

api/src/main/java/org/apache/cloudstack/api/command/user/consoleproxy/ConsoleEndpoint.java

@@ -0,0 +1,94 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.consoleproxy;
+
+public class ConsoleEndpoint {
+
+    private boolean result;
+    private String details;
+    private String url;
+    private String websocketToken;
+    private String websocketPath;
+    private String websocketHost;
+    private String websocketPort;
+
+    public ConsoleEndpoint(boolean result, String url) {
+        this.result = result;
+        this.url = url;
+    }
+
+    public ConsoleEndpoint(boolean result, String url, String details) {
+        this(result, url);
+        this.details = details;
+    }
+
+    public boolean isResult() {
+        return result;
+    }
+
+    public void setResult(boolean result) {
+        this.result = result;
+    }
+
+    public String getUrl() {
+        return url;
+    }
+
+    public void setUrl(String url) {
+        this.url = url;
+    }
+
+    public String getDetails() {
+        return details;
+    }
+
+    public void setDetails(String details) {
+        this.details = details;
+    }
+
+    public String getWebsocketToken() {
+        return websocketToken;
+    }
+
+    public void setWebsocketToken(String websocketToken) {
+        this.websocketToken = websocketToken;
+    }
+
+    public String getWebsocketPath() {
+        return websocketPath;
+    }
+
+    public void setWebsocketPath(String websocketPath) {
+        this.websocketPath = websocketPath;
+    }
+
+    public String getWebsocketHost() {
+        return websocketHost;
+    }
+
+    public void setWebsocketHost(String websocketHost) {
+        this.websocketHost = websocketHost;
+    }
+
+    public String getWebsocketPort() {
+        return websocketPort;
+    }
+
+    public void setWebsocketPort(String websocketPort) {
+        this.websocketPort = websocketPort;
+    }
+}

api/src/main/java/org/apache/cloudstack/api/command/user/consoleproxy/CreateConsoleEndpointCmd.java

@@ -0,0 +1,116 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.consoleproxy;
+
+import com.cloud.exception.ConcurrentOperationException;
+import com.cloud.exception.InsufficientCapacityException;
+import com.cloud.exception.NetworkRuleConflictException;
+import com.cloud.exception.ResourceAllocationException;
+import com.cloud.exception.ResourceUnavailableException;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.response.ConsoleEndpointWebsocketResponse;
+import org.apache.cloudstack.api.response.CreateConsoleEndpointResponse;
+import org.apache.cloudstack.api.response.UserVmResponse;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.utils.consoleproxy.ConsoleAccessUtils;
+import org.apache.commons.collections.MapUtils;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+import java.util.Map;
+
+@APICommand(name = CreateConsoleEndpointCmd.APINAME, description = "Create a console endpoint to connect to a VM console",
+        responseObject = CreateConsoleEndpointResponse.class, since = "4.18.0",
+        requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
+public class CreateConsoleEndpointCmd extends BaseCmd {
+
+    public static final String APINAME = "createConsoleEndpoint";
+    public static final Logger s_logger = Logger.getLogger(CreateConsoleEndpointCmd.class.getName());
+
+    @Inject
+    private ConsoleAccessManager consoleManager;
+
+    @Parameter(name = ApiConstants.VIRTUAL_MACHINE_ID,
+            type = CommandType.UUID,
+            entityType = UserVmResponse.class,
+            required = true,
+            description = "ID of the VM")
+    private Long vmId;
+
+    @Override
+    public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException, NetworkRuleConflictException {
+        String clientSecurityToken = getClientSecurityToken();
+        String clientAddress = getClientAddress();
+        ConsoleEndpoint endpoint = consoleManager.generateConsoleEndpoint(vmId, clientSecurityToken, clientAddress);
+        if (endpoint != null) {
+            CreateConsoleEndpointResponse response = createResponse(endpoint);
+            setResponseObject(response);
+        } else {
+            throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Unable to generate console endpoint for vm " + vmId);
+        }
+    }
+
+    private CreateConsoleEndpointResponse createResponse(ConsoleEndpoint endpoint) {
+        CreateConsoleEndpointResponse response = new CreateConsoleEndpointResponse();
+        response.setResult(endpoint.isResult());
+        response.setDetails(endpoint.getDetails());
+        response.setUrl(endpoint.getUrl());
+        response.setWebsocketResponse(createWebsocketResponse(endpoint));
+        response.setResponseName(getCommandName());
+        response.setObjectName("consoleendpoint");
+        return response;
+    }
+
+    private ConsoleEndpointWebsocketResponse createWebsocketResponse(ConsoleEndpoint endpoint) {
+        ConsoleEndpointWebsocketResponse wsResponse = new ConsoleEndpointWebsocketResponse();
+        wsResponse.setHost(endpoint.getWebsocketHost());
+        wsResponse.setPort(endpoint.getWebsocketPort());
+        wsResponse.setPath(endpoint.getWebsocketPath());
+        wsResponse.setToken(endpoint.getWebsocketToken());
+        wsResponse.setObjectName("websocket");
+        return wsResponse;
+    }
+
+    private String getParameterBase(String paramKey) {
+        Map<String, String> params = getFullUrlParams();
+        return MapUtils.isNotEmpty(params) && params.containsKey(paramKey) ? params.get(paramKey) : null;
+    }
+
+    private String getClientAddress() {
+        return getParameterBase(ConsoleAccessUtils.CLIENT_INET_ADDRESS_KEY);
+    }
+
+    private String getClientSecurityToken() {
+        return getParameterBase(ConsoleAccessUtils.CLIENT_SECURITY_HEADER_PARAM_KEY);
+    }
+
+    @Override
+    public String getCommandName() {
+        return APINAME.toLowerCase() + BaseCmd.RESPONSE_SUFFIX;
+    }
+
+    @Override
+    public long getEntityOwnerId() {
+        return CallContext.current().getCallingAccount().getId();
+    }
+}

api/src/main/java/org/apache/cloudstack/api/response/ConsoleEndpointWebsocketResponse.java

@@ -0,0 +1,76 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.response;
+
+import com.cloud.serializer.Param;
+import com.google.gson.annotations.SerializedName;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.BaseResponse;
+
+public class ConsoleEndpointWebsocketResponse extends BaseResponse {
+
+    public ConsoleEndpointWebsocketResponse() {
+    }
+
+    @SerializedName(ApiConstants.TOKEN)
+    @Param(description = "the console websocket token")
+    private String token;
+
+    @SerializedName("host")
+    @Param(description = "the console websocket host")
+    private String host;
+
+    @SerializedName(ApiConstants.PORT)
+    @Param(description = "the console websocket port")
+    private String port;
+
+    @SerializedName(ApiConstants.PATH)
+    @Param(description = "the console websocket path")
+    private String path;
+
+    public String getToken() {
+        return token;
+    }
+
+    public void setToken(String token) {
+        this.token = token;
+    }
+
+    public String getHost() {
+        return host;
+    }
+
+    public void setHost(String host) {
+        this.host = host;
+    }
+
+    public String getPort() {
+        return port;
+    }
+
+    public void setPort(String port) {
+        this.port = port;
+    }
+
+    public String getPath() {
+        return path;
+    }
+
+    public void setPath(String path) {
+        this.path = path;
+    }
+}