Skip to content

Instantly share code, notes, and snippets.

@atomlab

atomlab/guacamole_rest_api_examples.md

Last active October 18, 2024 10:39
Show Gist options
  • Save atomlab/376901845c3d474d1e60e6b7a3affaae to your computer and use it in GitHub Desktop.
Save atomlab/376901845c3d474d1e60e6b7a3affaae to your computer and use it in GitHub Desktop.
Download ZIP
Guacamole REST API Examples
Raw
guacamole_rest_api_examples.md

Get token

curl -X POST -d 'username=MYUSERNAME&password=MYPASSWORD' http://localhost:8080/guacamole/api/tokens

output

{
  "authToken": "C90FE11682EE3A8CCA339F1135FF02D0A97CDDDE440A970B559D005517BE6EA8",
  "username": "guacadmin",
  "dataSource": "postgresql",
  "availableDataSources": [
    "postgresql",
    "postgresql-shared"
  ]
}

Encode client url string

  1. Get connections list
curl 'http://localhost:8080/guacamole/api/session/data/postgresql/connections?token=<TOKEN>'| jq

output

{
  "1": {
    "name": "win",
    "identifier": "1",
    "parentIdentifier": "ROOT",
    "protocol": "rdp",
    "attributes": {
      "guacd-encryption": null,
      "failover-only": null,
      "weight": null,
      "max-connections": null,
      "guacd-hostname": null,
      "guacd-port": null,
      "max-connections-per-user": null
    },
    "activeConnections": 0,
    "lastActive": 1591774964770
  },
  "2": {
    "name": "win1",
    "identifier": "2",
    "parentIdentifier": "ROOT",
    "protocol": "rdp",
    "attributes": {
      "guacd-encryption": null,
      "failover-only": null,
      "weight": null,
      "max-connections": null,
      "guacd-hostname": null,
      "guacd-port": null,
      "max-connections-per-user": null
    },
    "activeConnections": 1,
    "lastActive": 1591774407688
  }
}

Notes (link):

The necessary information is indeed there - you just need to know how to generate the URL. The base64 bit after ".../guacamole/client/" in the URL of a connection is built from the following information:

  1. The connection identifier (in MySQL / PostgreSQL, this will be the connection ID)
  2. The type ("c" for connections and "g" for balancing groups)
  3. The identifier of the auth provider storing the connection data (usually "postgresql", "mysql", or "ldap" - in your case the correct value would be "mysql")

Each of these components separated from the other by a single NULL character (U+0000), with the resulting string encoded with base64.

  1. Encode string
printf '2\0c\0postgresql' | base64

output

MgBjAHBvc3RncmVzcWw=
  1. URL
https://localhost:8080/guacamole/#/client/MgBjAHBvc3RncmVzcWw=
@frisedel
Copy link

oh thank you for this!!!

@iota-008
Copy link

iota-008 commented Mar 1, 2023

i don't want to pass the token in URL, instead in headers. but unable to open the URL in a new tab with headers...

@Rashedujjaman
Copy link

Why am I being forbiden while trying to create new connection by passing connection credentials?

Input example.
//dataSource = mysql
//name = pc1
//ipAddress = 10.10.10.10
//vncPassword = 1234
//guacUser = guacUser
//guacPass = guacPass
//authToken = C73AFEFFB51E5BFC403771D6C48B3DA4400A28B7D4C73DDD10204B1B42B8A94E

private createConnection(authToken: string, dataSource: string, name: string, ipAddress: string, vncPassword: string) {
var port = '5900';
const connectionData = {
"parentIdentifier": "ROOT",
"name": name,
"protocol": "vnc",
"attributes": {
"failover- only": "",
"guacd-encryption": "",
"guacd-hostname": "",
"guacd-port": "",
"max-connections": "",
"max-connections-per-user": "",
"weight": ""

  },
  "parameters": {
    "hostname": ipAddress,
    "port": port,
    "username": this.guacUser,
    "password": this.guacPass,
    //"password": "vncPassword" // Pass VNC password if required
  }
};

const headers = new HttpHeaders().set('Authorization', `Bearer ${authToken}`);
return this.http.post(`${this.baseUrl}/session/data/${dataSource}/connections`, connectionData, { headers });

}

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment