Add basic authentication support for Gotenberg API

Jaben · claude · Jaben · commit 9e6deca76919 · 2025-10-05T00:03:21.000-04:00
Implements HTTP Basic Authentication to support Gotenberg instances configured with the --api-enable-basic-auth flag (Gotenberg v8+). Features: - Added BasicAuthUsername and BasicAuthPassword to GotenbergSharpClientOptions - Automatic Authorization header injection when credentials are configured - Docker Compose setup for local testing with basic auth enabled - Comprehensive test suite using AwesomeAssertions/NUnit Changes: - lib/Domain/Settings/GotenbergSharpClientOptions.cs: Added auth properties - lib/Extensions/TypedClientServiceCollectionExtensions.cs: Added auth header logic - docker/docker-compose-basic-auth.yml: Docker setup with test credentials - test/GotenbergSharpClient.Tests/BasicAuthTests.cs: Integration tests - README.md: Updated with basic auth documentation and docker-compose usage Closes #54 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/GotenbergSharpApiClient.sln b/GotenbergSharpApiClient.sln
@@ -10,6 +10,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution
 		.editorconfig = .editorconfig
 	EndProjectSection
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "GotenbergSharpClient.Tests", "test\GotenbergSharpClient.Tests\GotenbergSharpClient.Tests.csproj", "{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -32,6 +34,18 @@ Global
 		{75F783A4-9392-412F-9DFE-00EE89527C10}.Release|x64.Build.0 = Release|Any CPU
 		{75F783A4-9392-412F-9DFE-00EE89527C10}.Release|x86.ActiveCfg = Release|Any CPU
 		{75F783A4-9392-412F-9DFE-00EE89527C10}.Release|x86.Build.0 = Release|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Debug|x64.Build.0 = Debug|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Debug|x86.Build.0 = Debug|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Release|Any CPU.Build.0 = Release|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Release|x64.ActiveCfg = Release|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Release|x64.Build.0 = Release|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Release|x86.ActiveCfg = Release|Any CPU
+		{EEAF9CA2-7962-176A-E851-BF81D8DE31F0}.Release|x86.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
diff --git a/README.md b/README.md
@@ -9,6 +9,8 @@
 .NET C# Client for interacting with the [Gotenberg](https://gotenberg.dev/) v7 & v8 micro-service's API. [Gotenberg](https://github.com/gotenberg/gotenberg) is a [Docker-powered stateless API](https://hub.docker.com/r/gotenberg/gotenberg/) for converting & merging HTML, Markdown and Office documents to PDF. The client supports a configurable [Polly](http://www.thepollyproject.org/) **retry policy** with exponential backoff for handling transient exceptions.
 
 # Getting Started
+
+## Using Docker Run
 *Pull the image from dockerhub.com*
 ```powershell
 > docker pull gotenberg/gotenberg:latest
@@ -18,6 +20,17 @@
 docker run --name gotenbee8x --rm -p 3000:3000 gotenberg/gotenberg:latest gotenberg --api-timeout=1800s --log-level=debug
 ```
 
+## Using Docker Compose (with Basic Auth)
+For local development with basic authentication enabled, use the provided docker-compose file:
+
+```powershell
+docker-compose -f docker/docker-compose-basic-auth.yml up -d
+```
+
+Pre-configured with test credentials:
+- **Username:** `testuser`
+- **Password:** `testpass`
+
 # .NET Core Project Setup
 *Install nuget package into your project*
 ```powershell
@@ -40,6 +53,24 @@ PM> Install-Package Gotenberg.Sharp.Api.Client
   }
 ```
 
+### Optional: Basic Authentication
+**Gotenberg v8+** - If your Gotenberg instance is configured with basic authentication (using `--api-enable-basic-auth`), you can provide credentials in the settings:
+
+```json
+  "GotenbergSharpClient": {
+    "ServiceUrl": "http://localhost:3000",
+    "HealthCheckUrl": "http://localhost:3000/health",
+    "BasicAuthUsername": "your-username",
+    "BasicAuthPassword": "your-password",
+    "RetryPolicy": {
+      "Enabled": true,
+      "RetryCount": 4,
+      "BackoffPower": 1.5,
+      "LoggingEnabled": true
+    }
+  }
+```
+
 ## Configure Services In Startup.cs
 ```csharp
 public void ConfigureServices(IServiceCollection services)
diff --git a/docker/docker-compose-basic-auth.yml b/docker/docker-compose-basic-auth.yml
@@ -0,0 +1,16 @@
+version: '3.8'
+
+services:
+  gotenberg:
+    image: gotenberg/gotenberg:8
+    ports:
+      - "3000:3000"
+    environment:
+      - GOTENBERG_API_BASIC_AUTH_USERNAME=testuser
+      - GOTENBERG_API_BASIC_AUTH_PASSWORD=testpass
+    command:
+      - "gotenberg"
+      - "--api-enable-basic-auth"
+      - "--api-timeout=1800s"
+      - "--log-level=debug"
+    restart: unless-stopped
diff --git a/lib/Domain/Settings/GotenbergSharpClientOptions.cs b/lib/Domain/Settings/GotenbergSharpClientOptions.cs
@@ -28,4 +28,18 @@ public class GotenbergSharpClientOptions
     public Uri HealthCheckUrl { get; set; } = new Uri("http://localhost:3000/health");
 
     public RetryOptions RetryPolicy { get; set; } = new RetryOptions();
+
+    /// <summary>
+    /// Optional username for HTTP Basic Authentication.
+    /// When set along with <see cref="BasicAuthPassword"/>, the client will include
+    /// an Authorization header with basic auth credentials in all requests.
+    /// </summary>
+    public string? BasicAuthUsername { get; set; }
+
+    /// <summary>
+    /// Optional password for HTTP Basic Authentication.
+    /// When set along with <see cref="BasicAuthUsername"/>, the client will include
+    /// an Authorization header with basic auth credentials in all requests.
+    /// </summary>
+    public string? BasicAuthPassword { get; set; }
 }
diff --git a/lib/Extensions/TypedClientServiceCollectionExtensions.cs b/lib/Extensions/TypedClientServiceCollectionExtensions.cs
@@ -38,6 +38,16 @@ public static IHttpClientBuilder AddGotenbergSharpClient(
                 var ops = GetOptions(sp);
                 client.Timeout = ops.TimeOut;
                 client.BaseAddress = ops.ServiceUrl;
+
+                // Add basic auth header if credentials are provided
+                if (!string.IsNullOrWhiteSpace(ops.BasicAuthUsername) &&
+                    !string.IsNullOrWhiteSpace(ops.BasicAuthPassword))
+                {
+                    var credentials = Convert.ToBase64String(
+                        System.Text.Encoding.ASCII.GetBytes($"{ops.BasicAuthUsername}:{ops.BasicAuthPassword}"));
+                    client.DefaultRequestHeaders.Authorization =
+                        new System.Net.Http.Headers.AuthenticationHeaderValue("Basic", credentials);
+                }
             });
     }
 
diff --git a/test/GotenbergSharpClient.Tests/BasicAuthTests.cs b/test/GotenbergSharpClient.Tests/BasicAuthTests.cs
@@ -0,0 +1,130 @@
+using AwesomeAssertions;
+using Gotenberg.Sharp.API.Client.Domain.Builders;
+using Gotenberg.Sharp.API.Client.Domain.Settings;
+using Gotenberg.Sharp.API.Client.Extensions;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
+using NUnit.Framework;
+
+namespace GotenbergSharpClient.Tests;
+
+[TestFixture]
+public class BasicAuthTests
+{
+    private const string GotenbergUrl = "http://localhost:3000";
+    private const string TestUsername = "testuser";
+    private const string TestPassword = "testpass";
+
+    [Test]
+    public async Task Client_WithBasicAuth_ShouldIncludeAuthorizationHeader()
+    {
+        // Arrange
+        var services = new ServiceCollection();
+
+        services.AddOptions<GotenbergSharpClientOptions>()
+            .Configure(options =>
+            {
+                options.ServiceUrl = new Uri(GotenbergUrl);
+                options.BasicAuthUsername = TestUsername;
+                options.BasicAuthPassword = TestPassword;
+            });
+
+        services.AddGotenbergSharpClient();
+
+        var serviceProvider = services.BuildServiceProvider();
+        var client = serviceProvider.GetRequiredService<Gotenberg.Sharp.API.Client.GotenbergSharpClient>();
+
+        // Act - Create a simple HTML to PDF request
+        var builder = new HtmlRequestBuilder()
+            .AddDocument(doc => doc.SetBody("<html><body><h1>Basic Auth Test</h1></body></html>"));
+
+        // Assert - This will fail if auth is not properly configured or Gotenberg rejects the request
+        var result = await client.HtmlToPdfAsync(builder);
+
+        result.Should().NotBeNull("Basic auth should be properly configured and accepted by Gotenberg");
+        result.Length.Should().BeGreaterThan(0);
+    }
+
+    [Test]
+    public async Task Client_WithoutBasicAuth_ShouldFailWhenGotenbergRequiresAuth()
+    {
+        // Arrange
+        var services = new ServiceCollection();
+
+        services.AddOptions<GotenbergSharpClientOptions>()
+            .Configure(options =>
+            {
+                options.ServiceUrl = new Uri(GotenbergUrl);
+                // Deliberately not setting BasicAuthUsername or BasicAuthPassword
+            });
+
+        services.AddGotenbergSharpClient();
+
+        var serviceProvider = services.BuildServiceProvider();
+        var client = serviceProvider.GetRequiredService<Gotenberg.Sharp.API.Client.GotenbergSharpClient>();
+
+        // Act
+        var builder = new HtmlRequestBuilder()
+            .AddDocument(doc => doc.SetBody("<html><body><h1>No Auth Test</h1></body></html>"));
+
+        // Assert - Should fail with 401 Unauthorized when Gotenberg requires auth
+        var act = () => client.HtmlToPdfAsync(builder);
+
+        await act.Should().ThrowAsync<Exception>("Gotenberg should reject requests without proper authentication");
+    }
+
+    [Test]
+    public async Task Client_WithInvalidCredentials_ShouldFailWithUnauthorized()
+    {
+        // Arrange
+        var services = new ServiceCollection();
+
+        services.AddOptions<GotenbergSharpClientOptions>()
+            .Configure(options =>
+            {
+                options.ServiceUrl = new Uri(GotenbergUrl);
+                options.BasicAuthUsername = "wronguser";
+                options.BasicAuthPassword = "wrongpassword";
+            });
+
+        services.AddGotenbergSharpClient();
+
+        var serviceProvider = services.BuildServiceProvider();
+        var client = serviceProvider.GetRequiredService<Gotenberg.Sharp.API.Client.GotenbergSharpClient>();
+
+        // Act
+        var builder = new HtmlRequestBuilder()
+            .AddDocument(doc => doc.SetBody("<html><body><h1>Invalid Auth Test</h1></body></html>"));
+
+        // Assert - Should fail with 401 Unauthorized
+        var act = () => client.HtmlToPdfAsync(builder);
+
+        await act.Should().ThrowAsync<Exception>("Invalid credentials should be rejected");
+    }
+
+    [Test]
+    public void GotenbergSharpClientOptions_BasicAuthProperties_ShouldBeNullableAndOptional()
+    {
+        // Arrange & Act
+        var options = new GotenbergSharpClientOptions();
+
+        // Assert
+        options.BasicAuthUsername.Should().BeNull("BasicAuthUsername should be nullable and default to null");
+        options.BasicAuthPassword.Should().BeNull("BasicAuthPassword should be nullable and default to null");
+    }
+
+    [Test]
+    public void GotenbergSharpClientOptions_WithBasicAuthSet_ShouldRetainValues()
+    {
+        // Arrange
+        var options = new GotenbergSharpClientOptions
+        {
+            BasicAuthUsername = TestUsername,
+            BasicAuthPassword = TestPassword
+        };
+
+        // Assert
+        options.BasicAuthUsername.Should().Be(TestUsername);
+        options.BasicAuthPassword.Should().Be(TestPassword);
+    }
+}
diff --git a/test/GotenbergSharpClient.Tests/GlobalUsings.cs b/test/GotenbergSharpClient.Tests/GlobalUsings.cs
@@ -0,0 +1,9 @@
+﻿// Global using directives
+
+global using System.Diagnostics;
+
+global using AwesomeAssertions;
+
+global using Microsoft.Extensions.Configuration;
+
+global using NUnit.Framework;
diff --git a/test/GotenbergSharpClient.Tests/GotenbergSharpClient.Tests.csproj b/test/GotenbergSharpClient.Tests/GotenbergSharpClient.Tests.csproj
@@ -0,0 +1,23 @@
+﻿<Project Sdk="Microsoft.NET.Sdk">
+
+	<PropertyGroup>
+		<TargetFramework>net8.0</TargetFramework>
+		<LangVersion>latest</LangVersion>
+		<Nullable>enable</Nullable>
+		<ImplicitUsings>enable</ImplicitUsings>
+	</PropertyGroup>
+
+	<ItemGroup>
+		<PackageReference Include="AwesomeAssertions" Version="9.2.0" />
+		<PackageReference Include="Microsoft.Extensions.Configuration" Version="9.0.9" />
+		<PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="9.0.9" />
+		<PackageReference Include="Microsoft.NET.Test.Sdk" Version="18.0.0" />
+		<PackageReference Include="NUnit" Version="4.4.0" />
+		<PackageReference Include="NUnit3TestAdapter" Version="5.1.0" />
+	</ItemGroup>
+
+	<ItemGroup>
+	  <ProjectReference Include="..\..\lib\Gotenberg.Sharp.Api.Client.csproj" />
+	</ItemGroup>
+
+</Project>
