Merge pull request #71 from ChangemakerStudios/feature/encryption-options

Add PDF encryption with userPassword and ownerPassword

Author: Jaben

README.md

@@ -481,6 +481,23 @@ public async Task<Stream> ConvertToAccessiblePdfA(string pdfPath)
 }
 ```
 
+### PDF Encryption
+*Password-protect PDFs with user and owner passwords:*
+
+```csharp
+public async Task<Stream> CreateEncryptedPdf()
+{
+    var builder = new HtmlRequestBuilder()
+        .AddDocument(doc => doc.SetBody("<html><body><h1>Confidential</h1></body></html>"))
+        .SetPdfOutputOptions(o => o
+            .SetEncryption(userPassword: "reader123", ownerPassword: "admin456"))
+        .WithPageProperties(pp => pp.UseChromeDefaults());
+
+    var request = builder.Build();
+    return await _sharpClient.HtmlToPdfAsync(request);
+}
+```
+
 ### Flatten PDFs
 *Flatten PDF forms and annotations (v2.8+):*
 

examples/EncryptPdf/EncryptPdf.csproj

@@ -0,0 +1,2 @@
+<Project Sdk="Microsoft.NET.Sdk">
+</Project>

examples/EncryptPdf/Program.cs

@@ -0,0 +1,61 @@
+using Gotenberg.Sharp.API.Client;
+using Gotenberg.Sharp.API.Client.Domain.Builders;
+using Gotenberg.Sharp.API.Client.Domain.Settings;
+using Gotenberg.Sharp.API.Client.Infrastructure.Pipeline;
+
+using Microsoft.Extensions.Configuration;
+
+var config = new ConfigurationBuilder()
+    .SetBasePath(AppContext.BaseDirectory)
+    .AddJsonFile("appsettings.json")
+    .Build();
+
+var options = new GotenbergSharpClientOptions();
+config.GetSection(nameof(GotenbergSharpClient)).Bind(options);
+
+var destinationDirectory = args.Length > 0 ? args[0] : Path.Combine(Directory.GetCurrentDirectory(), "output");
+Directory.CreateDirectory(destinationDirectory);
+
+var path = await CreateEncryptedPdf(destinationDirectory, options);
+Console.WriteLine($"Encrypted PDF created: {path}");
+
+static async Task<string> CreateEncryptedPdf(string destinationDirectory, GotenbergSharpClientOptions options)
+{
+    var handler = new HttpClientHandler();
+    HttpMessageHandler effectiveHandler = handler;
+    if (string.IsNullOrWhiteSpace(options.BasicAuthUsername) != string.IsNullOrWhiteSpace(options.BasicAuthPassword))
+        throw new InvalidOperationException("Both BasicAuthUsername and BasicAuthPassword must be provided, or neither.");
+    if (!string.IsNullOrWhiteSpace(options.BasicAuthUsername) && !string.IsNullOrWhiteSpace(options.BasicAuthPassword))
+        effectiveHandler = new BasicAuthHandler(options.BasicAuthUsername, options.BasicAuthPassword) { InnerHandler = handler };
+
+    using var httpClient = new HttpClient(effectiveHandler, disposeHandler: true)
+    {
+        BaseAddress = options.ServiceUrl,
+        Timeout = options.TimeOut
+    };
+
+    var sharpClient = new GotenbergSharpClient(httpClient);
+
+    // Create a password-protected PDF
+    var builder = new HtmlRequestBuilder()
+        .AddDocument(doc => doc.SetBody(@"
+            <html><body>
+                <h1>Confidential Report</h1>
+                <p>This document is password protected.</p>
+            </body></html>"))
+        .SetPdfOutputOptions(o => o
+            .SetEncryption(
+                userPassword: "reader123",     // Required to open the PDF
+                ownerPassword: "admin456"))    // Required to change permissions
+        .WithPageProperties(pp => pp.UseChromeDefaults());
+
+    var request = builder.Build();
+    var response = await sharpClient.HtmlToPdfAsync(request);
+
+    var resultPath = Path.Combine(destinationDirectory, $"Encrypted-{DateTime.Now:yyyyMMddHHmmss}.pdf");
+
+    await using var destinationStream = File.Create(resultPath);
+    await response.CopyToAsync(destinationStream, CancellationToken.None);
+
+    return resultPath;
+}

src/Gotenberg.Sharp.Api.Client/Domain/Builders/Faceted/PdfOutputOptionsBuilder.cs

@@ -13,6 +13,8 @@
 //  See the License for the specific language governing permissions and
 //  limitations under the License.
 
+using Gotenberg.Sharp.API.Client.Domain.ValueObjects;
+
 using Newtonsoft.Json.Linq;
 
 namespace Gotenberg.Sharp.API.Client.Domain.Builders.Faceted;
@@ -112,4 +114,66 @@ public PdfOutputOptionsBuilder SetMetadata(JObject metadata)
 
         return this;
     }
+
+    /// <summary>
+    /// Sets the password required to open the resulting PDF.
+    /// </summary>
+    /// <param name="password">A validated PDF password.</param>
+    /// <returns>The builder instance for method chaining.</returns>
+    public PdfOutputOptionsBuilder SetUserPassword(PdfPassword password)
+    {
+        _options.UserPassword = password ?? throw new ArgumentNullException(nameof(password));
+
+        return this;
+    }
+
+    /// <summary>
+    /// Sets the password required to open the resulting PDF.
+    /// </summary>
+    /// <param name="password">A non-empty password string.</param>
+    /// <returns>The builder instance for method chaining.</returns>
+    public PdfOutputOptionsBuilder SetUserPassword(string password)
+    {
+        return SetUserPassword(PdfPassword.Create(password));
+    }
+
+    /// <summary>
+    /// Sets the password required to change permissions or edit the resulting PDF.
+    /// </summary>
+    /// <param name="password">A validated PDF password.</param>
+    /// <returns>The builder instance for method chaining.</returns>
+    public PdfOutputOptionsBuilder SetOwnerPassword(PdfPassword password)
+    {
+        _options.OwnerPassword = password ?? throw new ArgumentNullException(nameof(password));
+
+        return this;
+    }
+
+    /// <summary>
+    /// Sets the password required to change permissions or edit the resulting PDF.
+    /// </summary>
+    /// <param name="password">A non-empty password string.</param>
+    /// <returns>The builder instance for method chaining.</returns>
+    public PdfOutputOptionsBuilder SetOwnerPassword(string password)
+    {
+        return SetOwnerPassword(PdfPassword.Create(password));
+    }
+
+    /// <summary>
+    /// Sets both user and owner passwords for the resulting PDF.
+    /// </summary>
+    /// <param name="userPassword">Password required to open the PDF.</param>
+    /// <param name="ownerPassword">Password required to change permissions.</param>
+    /// <returns>The builder instance for method chaining.</returns>
+    public PdfOutputOptionsBuilder SetEncryption(string userPassword, string ownerPassword)
+    {
+        // Validate both passwords first before mutating any state
+        var validatedUser = PdfPassword.Create(userPassword);
+        var validatedOwner = PdfPassword.Create(ownerPassword);
+
+        _options.UserPassword = validatedUser;
+        _options.OwnerPassword = validatedOwner;
+
+        return this;
+    }
 }

src/Gotenberg.Sharp.Api.Client/Domain/Requests/Facets/FacetBase.cs

@@ -15,6 +15,8 @@
 
 using System.Globalization;
 
+using Gotenberg.Sharp.API.Client.Domain.ValueObjects;
+
 namespace Gotenberg.Sharp.API.Client.Domain.Requests.Facets;
 
 public abstract class FacetBase : IConvertToHttpContent
@@ -77,6 +79,7 @@ public virtual IEnumerable<HttpContent> ToHttpContent()
             PdfFormat format => format.ToFormDataValue(),
             LibrePdfFormats format => format.ToFormDataValue(),
             ConversionPdfFormats format => format.ToFormDataValue(),
+            PdfPassword password => password.Value,
             List<Cookie> cookies => JsonConvert.SerializeObject(cookies),
             float f => f.ToString(cultureInfo),
             double d => d.ToString(cultureInfo),

src/Gotenberg.Sharp.Api.Client/Domain/Requests/Facets/PdfOutputOptions.cs

@@ -13,6 +13,8 @@
 //  See the License for the specific language governing permissions and
 //  limitations under the License.
 
+using Gotenberg.Sharp.API.Client.Domain.ValueObjects;
+
 using Newtonsoft.Json.Linq;
 
 namespace Gotenberg.Sharp.API.Client.Domain.Requests.Facets;
@@ -54,4 +56,16 @@ public class PdfOutputOptions : FacetBase
     /// </summary>
     [MultiFormHeader(Constants.Gotenberg.PdfOutput.MetaData)]
     public JObject? MetaData { get; set; }
+
+    /// <summary>
+    /// The password required to open the PDF.
+    /// </summary>
+    [MultiFormHeader(Constants.Gotenberg.PdfOutput.UserPassword)]
+    public PdfPassword? UserPassword { get; set; }
+
+    /// <summary>
+    /// The password required to change permissions or edit the PDF.
+    /// </summary>
+    [MultiFormHeader(Constants.Gotenberg.PdfOutput.OwnerPassword)]
+    public PdfPassword? OwnerPassword { get; set; }
 }

src/Gotenberg.Sharp.Api.Client/Domain/ValueObjects/PdfPassword.cs

@@ -0,0 +1,55 @@
+// Copyright 2019-2026 Chris Mohan, Jaben Cargman
+//  and GotenbergSharpApiClient Contributors
+//
+//  Licensed under the Apache License, Version 2.0 (the "License");
+//  you may not use this file except in compliance with the License.
+//  You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+//  Unless required by applicable law or agreed to in writing, software
+//  distributed under the License is distributed on an "AS IS" BASIS,
+//  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//  See the License for the specific language governing permissions and
+//  limitations under the License.
+
+namespace Gotenberg.Sharp.API.Client.Domain.ValueObjects;
+
+/// <summary>
+/// Represents a validated PDF password used for encryption.
+/// Used for both userPassword (required to open) and ownerPassword (required to change permissions).
+/// </summary>
+public sealed class PdfPassword : IEquatable<PdfPassword>
+{
+    public string Value { get; }
+
+    private PdfPassword(string value)
+    {
+        Value = value;
+    }
+
+    /// <summary>
+    /// Creates a validated PDF password.
+    /// </summary>
+    /// <param name="password">A non-empty password string.</param>
+    /// <exception cref="ArgumentException">Thrown when the password is null or whitespace.</exception>
+    public static PdfPassword Create(string password)
+    {
+        if (string.IsNullOrWhiteSpace(password))
+            throw new ArgumentException("PDF password must not be null or empty.", nameof(password));
+
+        return new PdfPassword(password);
+    }
+
+    public override string ToString() => "****";
+
+    public bool Equals(PdfPassword? other) => other is not null && Value == other.Value;
+
+    public override bool Equals(object? obj) => Equals(obj as PdfPassword);
+
+    public override int GetHashCode() => Value.GetHashCode();
+
+    public static bool operator ==(PdfPassword? left, PdfPassword? right) => Equals(left, right);
+
+    public static bool operator !=(PdfPassword? left, PdfPassword? right) => !Equals(left, right);
+}

src/Gotenberg.Sharp.Api.Client/Infrastructure/Constants.cs

@@ -90,6 +90,10 @@ private static class CrossCutting
 
             internal const string MetaData = "metadata";
 
+            internal const string UserPassword = "userPassword";
+
+            internal const string OwnerPassword = "ownerPassword";
+
             internal static class FileNames
             {
                 internal const string Index = "index.html";
@@ -110,6 +114,10 @@ public static class PdfOutput
             public const string GenerateTaggedPdf = CrossCutting.GenerateTaggedPdf;
 
             public const string MetaData = CrossCutting.MetaData;
+
+            public const string UserPassword = CrossCutting.UserPassword;
+
+            public const string OwnerPassword = CrossCutting.OwnerPassword;
         }
 
         /// <summary>