change for one-time ticket as password

Signed-off-by: Abhishek Kumar <[email protected]>

Author: shwstppr

core/src/main/java/com/cloud/agent/api/GetExternalConsoleAnswer.java

@@ -25,17 +25,20 @@ public class GetExternalConsoleAnswer extends Answer {
     @LogLevel(LogLevel.Log4jLevel.Off)
     private String password;
     private String protocol;
+    private boolean passwordOneTimeUseOnly;
 
     public GetExternalConsoleAnswer(Command command, String details) {
         super(command, false, details);
     }
 
-    public GetExternalConsoleAnswer(Command command, String url, String host, Integer port, String password, String protocol) {
+    public GetExternalConsoleAnswer(Command command, String url, String host, Integer port, String password,
+                    boolean passwordOneTimeUseOnly, String protocol) {
         super(command, true, "");
         this.url = url;
         this.host = host;
         this.port = port;
         this.password = password;
+        this.passwordOneTimeUseOnly = passwordOneTimeUseOnly;
         this.protocol = protocol;
     }
 
@@ -58,4 +61,8 @@ public String getPassword() {
     public String getProtocol() {
         return protocol;
     }
+
+    public boolean isPasswordOneTimeUseOnly() {
+        return passwordOneTimeUseOnly;
+    }
 }

extensions/Proxmox/proxmox.sh

@@ -356,13 +356,15 @@ get_node_host() {
          --arg host "$host" \
          --arg port "$port" \
          --arg password "$ticket" \
+         --argjson passwordonetimeuseonly true \
          '{
              status: "success",
              message: "Console retrieved",
              console: {
                  host: $host,
                  port: $port,
                  password: $password,
+                 passwordonetimeuseonly: $passwordonetimeuseonly,
                  protocol: "vnc"
              }
          }'

plugins/hypervisors/external/src/main/java/org/apache/cloudstack/hypervisor/external/provisioner/ExternalPathPayloadProvisioner.java

@@ -510,13 +510,15 @@ public GetExternalConsoleAnswer getInstanceConsole(String hostName, String exten
             String host = consoleObj.has("host") ? consoleObj.get("host").getAsString() : null;
             Integer port = consoleObj.has("port") ? Integer.valueOf(consoleObj.get("port").getAsString()) : null;
             String password = consoleObj.has("password") ? consoleObj.get("password").getAsString() : null;
+            boolean passwordOneTimeUseOnly = consoleObj.has("passwordonetimeuseonly") &&
+                    consoleObj.get("passwordonetimeuseonly").getAsBoolean();
             String protocol = consoleObj.has("protocol") ? consoleObj.get("protocol").getAsString() : null;
             if (url == null && ObjectUtils.anyNull(host, port)) {
                 logger.error("Missing required fields in external console output: {}",
                         getSanitizedJsonStringForLog(output));
                 return new GetExternalConsoleAnswer(cmd, "Missing required fields in output");
             }
-            return new GetExternalConsoleAnswer(cmd, url, host, port, password, protocol);
+            return new GetExternalConsoleAnswer(cmd, url, host, port, password, passwordOneTimeUseOnly, protocol);
         } catch (RuntimeException e) {
             logger.error("Failed to parse output for getInstanceConsole: {}", e.getMessage(), e);
             return new GetExternalConsoleAnswer(cmd, "Failed to parse output");

server/src/main/java/com/cloud/servlet/ConsoleProxyClientParam.java

@@ -34,6 +34,8 @@ public class ConsoleProxyClientParam {
     private String username;
     private String password;
 
+    private boolean sessionRequiresNewViewer = false;
+
     /**
      * IP that has generated the console endpoint
      */
@@ -218,4 +220,8 @@ public String getClientIp() {
     public void setClientIp(String clientIp) {
         this.clientIp = clientIp;
     }
+
+    public void setSessionRequiresNewViewer(boolean sessionRequiresNewViewer) {
+        this.sessionRequiresNewViewer = sessionRequiresNewViewer;
+    }
 }

server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java

@@ -449,6 +449,7 @@ protected ConsoleConnectionDetails getConsoleConnectionDetailsForExternalVm(Cons
         }
         if (StringUtils.isNotBlank(getExternalConsoleAnswer.getPassword())) {
             details.setSid(getExternalConsoleAnswer.getPassword());
+            details.setSessionRequiresNewViewer(getExternalConsoleAnswer.isPasswordOneTimeUseOnly());
         }
         return details;
     }
@@ -600,6 +601,7 @@ protected ConsoleProxyClientParam generateConsoleProxyClientParam(ConsoleConnect
         param.setTicket(ticket);
         param.setSessionUuid(sessionUuid);
         param.setSourceIP(addr);
+        param.setSessionRequiresNewViewer(details.isSessionRequiresNewViewer());
 
         if (StringUtils.isNotBlank(extraSecurityToken)) {
             param.setExtraSecurityToken(extraSecurityToken);
@@ -761,6 +763,7 @@ public enum Mode {
         private String tunnelSession = null;
         private boolean usingRDP;
         private String directUrl;
+        private boolean sessionRequiresNewViewer = false;
 
         ConsoleConnectionDetails(String sid, String locale, String tag, String displayName) {
             this.sid = sid;
@@ -850,5 +853,13 @@ public String getDirectUrl() {
         public void setDirectUrl(String directUrl) {
             this.directUrl = directUrl;
         }
+
+        public boolean isSessionRequiresNewViewer() {
+            return sessionRequiresNewViewer;
+        }
+
+        public void setSessionRequiresNewViewer(boolean sessionRequiresNewViewer) {
+            this.sessionRequiresNewViewer = sessionRequiresNewViewer;
+        }
     }
 }

services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyClientParam.java

@@ -16,6 +16,8 @@
 // under the License.
 package com.cloud.consoleproxy;
 
+import org.apache.commons.lang3.StringUtils;
+
 /**
  *
  * Data object to store parameter info needed by client to connect to its host
@@ -39,6 +41,8 @@ public class ConsoleProxyClientParam {
     private String password;
     private String websocketUrl;
 
+    private boolean sessionRequiresNewViewer;
+
     /**
      * IP that has generated the console endpoint
      */
@@ -143,8 +147,12 @@ public void setLocale(String locale) {
     }
 
     public String getClientMapKey() {
-        if (clientTag != null && !clientTag.isEmpty())
+        if (sessionRequiresNewViewer && StringUtils.isNotBlank(sessionUuid)) {
+            return sessionUuid;
+        }
+        if (StringUtils.isNotBlank(clientTag)) {
             return clientTag;
+        }
 
         return clientHostAddress + ":" + clientHostPort;
     }
@@ -220,4 +228,8 @@ public String getClientIp() {
     public void setClientIp(String clientIp) {
         this.clientIp = clientIp;
     }
+
+    public boolean isSessionRequiresNewViewer() {
+        return sessionRequiresNewViewer;
+    }
 }