I am trying to create a system for users to access a VM without having to use the PVE dashboard. Currently, it seems like I am reinventing the wheel with my approach and was wondering if anyone has any insight into this. I am using powershell with curl to send username and password, this returns the user json data correctly. Then I parse out the CSRF token and ticket info. This is then sent back via Invoke-webrequest with a header containing the token/ticket, this is not working correctly, probably, due to my error. Once that is functional the script would prepare a dummy page that holds the URL to the VM with the proper ticket info and opens it in Chrome.
I was messing around with API tokens, but that doesn't seem to do what I was expecting. Is there another way to accomplish this? Below is the powershell code so far.
I was messing around with API tokens, but that doesn't seem to do what I was expecting. Is there another way to accomplish this? Below is the powershell code so far.
cls
$username=(Read-Host "Enter Username: ") +"@network.local"
$password = Read-Host -AsSecureString "Enter Password: "
$Newpass = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($password))
$json=C:\Windows\WinSxS\wow64_curl_31bf3856ad364e35_10.0.19041.3693_none_fd5e373906da5997\curl.exe -k -d "username=$username" --data-urlencode "password=$Newpass" https://{SERVER-IP}:8006/api2/json/access/ticket | convertfrom-json
$ticket=$json.data.ticket
$csrf=$json.data.CSRFPreventionToken
echo $ticket $csrf
$vncuri="https://{SERVER-IP}:8006/?console=kvm&novnc=1&vmid=101&vmname=banking&node=proxmox&resize=off"
$response = Invoke-WebRequest -Uri $vncuri -Headers @{"Cookie"="PVEAuthCookie=$ticket"}
echo $response
$tempFile = New-TemporaryFile -Suffix ".html"
$response.Content | Out-File -FilePath $tempFile.FullName -Encoding utf8
Start-Process "chrome.exe" $tempFile.FullName