Merge pull request #2412 from reecebrowne/feature/1856/decrypt

Feature/1856/decrypt
Stirling-Tools · Dec 11, 2024 · 93e190f · 93e190f
2 parents 0f6f3f3 + 82bebf5
commit 93e190f
Show file tree

Hide file tree

Showing 33 changed files with 1,408 additions and 1,067 deletions.
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,5 +1,5 @@
 blank_issues_enabled: true
 contact_links:
   - name: 💬 Discord Server
-    url: https://discord.gg/Cn8pWhQRxZ
+    url: https://discord.gg/HYmhKj45pU
     about: You can join our Discord server for real time discussion and support
diff --git a/README.md b/README.md
@@ -2,7 +2,7 @@
 <h1 align="center">Stirling-PDF</h1>
 
 [![Docker Pulls](https://img.shields.io/docker/pulls/frooodle/s-pdf)](https://hub.docker.com/r/frooodle/s-pdf)
-[![Discord](https://img.shields.io/discord/1068636748814483718?label=Discord)](https://discord.gg/Cn8pWhQRxZ)
+[![Discord](https://img.shields.io/discord/1068636748814483718?label=Discord)](https://discord.gg/HYmhKj45pU)
 [![Docker Image Version (tag latest semver)](https://img.shields.io/docker/v/frooodle/s-pdf/latest)](https://github.com/Stirling-Tools/Stirling-PDF/)
 [![GitHub Repo stars](https://img.shields.io/github/stars/stirling-tools/stirling-pdf?style=social)](https://github.com/Stirling-Tools/stirling-pdf)
 

diff --git a/src/main/java/stirling/software/SPDF/controller/api/security/PasswordController.java b/src/main/java/stirling/software/SPDF/controller/api/security/PasswordController.java
@@ -39,10 +39,7 @@ public PasswordController(CustomPDDocumentFactory pdfDocumentFactory) {
     }
 
     @PostMapping(consumes = "multipart/form-data", value = "/remove-password")
-    @Operation(
-            summary = "Remove password from a PDF file",
-            description =
-                    "This endpoint removes the password from a protected PDF file. Users need to provide the existing password. Input:PDF Output:PDF Type:SISO")
+    @Operation(summary = "Remove password from a PDF file", description = "This endpoint removes the password from a protected PDF file. Users need to provide the existing password. Input:PDF Output:PDF Type:SISO")
     public ResponseEntity<byte[]> removePassword(@ModelAttribute PDFPasswordRequest request)
             throws IOException {
         MultipartFile fileInput = request.getFileInput();
@@ -52,15 +49,12 @@ public ResponseEntity<byte[]> removePassword(@ModelAttribute PDFPasswordRequest
         return WebResponseUtils.pdfDocToWebResponse(
                 document,
                 Filenames.toSimpleFileName(fileInput.getOriginalFilename())
-                                .replaceFirst("[.][^.]+$", "")
+                        .replaceFirst("[.][^.]+$", "")
                         + "_password_removed.pdf");
     }
 
     @PostMapping(consumes = "multipart/form-data", value = "/add-password")
-    @Operation(
-            summary = "Add password to a PDF file",
-            description =
-                    "This endpoint adds password protection to a PDF file. Users can specify a set of permissions that should be applied to the file. Input:PDF Output:PDF")
+    @Operation(summary = "Add password to a PDF file", description = "This endpoint adds password protection to a PDF file. Users can specify a set of permissions that should be applied to the file. Input:PDF Output:PDF")
     public ResponseEntity<byte[]> addPassword(@ModelAttribute AddPasswordRequest request)
             throws IOException {
         MultipartFile fileInput = request.getFileInput();
@@ -98,12 +92,12 @@ public ResponseEntity<byte[]> addPassword(@ModelAttribute AddPasswordRequest req
             return WebResponseUtils.pdfDocToWebResponse(
                     document,
                     Filenames.toSimpleFileName(fileInput.getOriginalFilename())
-                                    .replaceFirst("[.][^.]+$", "")
+                            .replaceFirst("[.][^.]+$", "")
                             + "_permissions.pdf");
         return WebResponseUtils.pdfDocToWebResponse(
                 document,
                 Filenames.toSimpleFileName(fileInput.getOriginalFilename())
-                                .replaceFirst("[.][^.]+$", "")
+                        .replaceFirst("[.][^.]+$", "")
                         + "_passworded.pdf");
     }
 }
diff --git a/src/main/resources/messages_en_GB.properties b/src/main/resources/messages_en_GB.properties
@@ -965,6 +965,16 @@ multiTool.dragDropMessage=Page(s) Selected
 multiTool.undo=Undo
 multiTool.redo=Redo
 
+#decrypt
+decrypt.passwordPrompt=This file is password-protected. Please enter the password:
+decrypt.cancelled=Operation cancelled for PDF: {0}
+decrypt.noPassword=No password provided for encrypted PDF: {0}
+decrypt.invalidPassword=Please try again with the correct password.
+decrypt.invalidPasswordHeader=Incorrect password or unsupported encryption for PDF: {0}
+decrypt.unexpectedError=There was an error processing the file. Please try again.
+decrypt.serverError=Server error while decrypting: {0}
+decrypt.success=File decrypted successfully.
+
 #multiTool-advert
 multiTool-advert.message=This feature is also available in our <a href="{0}">multi-tool page</a>. Check it out for enhanced page-by-page UI and additional features!
 

diff --git a/src/main/resources/static/js/DecryptFiles.js b/src/main/resources/static/js/DecryptFiles.js
@@ -0,0 +1,116 @@
+export class DecryptFile {
+  async decryptFile(file, requiresPassword) {
+    try {
+      const formData = new FormData();
+      formData.append('fileInput', file);
+      if (requiresPassword) {
+        const password = prompt(`${window.decrypt.passwordPrompt}`);
+
+        if (password === null) {
+          // User cancelled
+          console.error(`Password prompt cancelled for PDF: ${file.name}`);
+          return null; // No file to return
+        }
+
+        if (!password) {
+          // No password provided
+          console.error(`No password provided for encrypted PDF: ${file.name}`);
+          this.showErrorBanner(
+            `${window.decrypt.noPassword.replace('{0}', file.name)}`,
+            '',
+            `${window.decrypt.unexpectedError}`
+          );
+          return null; // No file to return
+        }
+
+        formData.append('password', password);
+      }
+      // Send decryption request
+      const response = await fetch('/api/v1/security/remove-password', {
+        method: 'POST',
+        body: formData,
+      });
+
+      if (response.ok) {
+        const decryptedBlob = await response.blob();
+        this.removeErrorBanner();
+        return new File([decryptedBlob], file.name, {type: 'application/pdf'});
+      } else {
+        const errorText = await response.text();
+        console.error(`${window.decrypt.invalidPassword} ${errorText}`);
+        this.showErrorBanner(
+          `${window.decrypt.invalidPassword}`,
+          errorText,
+          `${window.decrypt.invalidPasswordHeader.replace('{0}', file.name)}`
+        );
+        return null; // No file to return
+      }
+    } catch (error) {
+      // Handle network or unexpected errors
+      console.error(`Failed to decrypt PDF: ${file.name}`, error);
+      this.showErrorBanner(
+        `${window.decrypt.unexpectedError.replace('{0}', file.name)}`,
+        `${error.message || window.decrypt.unexpectedError}`,
+        error
+      );
+      return null; // No file to return
+    }
+  }
+
+  async checkFileEncrypted(file) {
+    try {
+      if (file.type !== 'application/pdf') {
+        return {isEncrypted: false, requiresPassword: false};
+      }
+
+      pdfjsLib.GlobalWorkerOptions.workerSrc = './pdfjs-legacy/pdf.worker.mjs';
+      const arrayBuffer = await file.arrayBuffer();
+      const arrayBufferForPdfLib = arrayBuffer.slice(0);
+
+      const loadingTask = pdfjsLib.getDocument({
+        data: arrayBuffer,
+      });
+
+      await loadingTask.promise;
+
+      try {
+        //Uses PDFLib.PDFDocument to check if unpassworded but encrypted
+        const pdfDoc = await PDFLib.PDFDocument.load(arrayBufferForPdfLib);
+        return {isEncrypted: false, requiresPassword: false};
+      } catch (error) {
+        if (error.message.includes('Input document to `PDFDocument.load` is encrypted')) {
+          return {isEncrypted: true, requiresPassword: false};
+        }
+        console.error('Error checking encryption:', error);
+        throw new Error('Failed to determine if the file is encrypted.');
+      }
+    } catch (error) {
+      if (error.name === 'PasswordException') {
+        if (error.code === pdfjsLib.PasswordResponses.NEED_PASSWORD) {
+          return {isEncrypted: true, requiresPassword: true};
+        } else if (error.code === pdfjsLib.PasswordResponses.INCORRECT_PASSWORD) {
+          return {isEncrypted: true, requiresPassword: false};
+        }
+      }
+
+      console.error('Error checking encryption:', error);
+      throw new Error('Failed to determine if the file is encrypted.');
+    }
+  }
+
+  showErrorBanner(message, stackTrace, error) {
+    const errorContainer = document.getElementById('errorContainer');
+    errorContainer.style.display = 'block'; // Display the banner
+    errorContainer.querySelector('.alert-heading').textContent = error;
+    errorContainer.querySelector('p').textContent = message;
+    document.querySelector('#traceContent').textContent = stackTrace;
+  }
+
+  removeErrorBanner() {
+    const errorContainer = document.getElementById('errorContainer');
+    errorContainer.style.display = 'none'; // Hide the banner
+    errorContainer.querySelector('.alert-heading').textContent = '';
+    errorContainer.querySelector('p').textContent = '';
+    document.querySelector('#traceContent').textContent = '';
+  }
+}
diff --git a/src/main/resources/static/js/download.js b/src/main/resources/static/js/download.js
@@ -0,0 +1,27 @@
+document.getElementById('download-pdf').addEventListener('click', async () => {
+  const modifiedPdf = await DraggableUtils.getOverlayedPdfDocument();
+  let decryptedFile = modifiedPdf;
+  let isEncrypted = false;
+  let requiresPassword = false;
+  await this.decryptFile
+    .checkFileEncrypted(decryptedFile)
+    .then((result) => {
+      isEncrypted = result.isEncrypted;
+      requiresPassword = result.requiresPassword;
+    })
+    .catch((error) => {
+      console.error(error);
+    });
+  if (decryptedFile.type === 'application/pdf' && isEncrypted) {
+    decryptedFile = await this.decryptFile.decryptFile(decryptedFile, requiresPassword);
+    if (!decryptedFile) {
+      throw new Error('File decryption failed.');
+    }
+  }
+  const modifiedPdfBytes = await modifiedPdf.save();
+  const blob = new Blob([modifiedPdfBytes], {type: 'application/pdf'});
+  const link = document.createElement('a');
+  link.href = URL.createObjectURL(blob);
+  link.download = originalFileName + '_signed.pdf';
+  link.click();
+});
diff --git a/src/main/resources/static/js/downloader.js b/src/main/resources/static/js/downloader.js
@@ -42,7 +42,7 @@
       event.preventDefault();
       firstErrorOccurred = false;
       const url = this.action;
-      const files = $('#fileInput-input')[0].files;
+      let files = $('#fileInput-input')[0].files;
       const formData = new FormData(this);
       const submitButton = document.getElementById('submitBtn');
       const showGameBtn = document.getElementById('show-game-btn');
@@ -71,6 +71,16 @@
       }, 5000);
 
       try {
+        if (!url.includes('remove-password')) {
+          // Check if any PDF files are encrypted and handle decryption if necessary
+          const decryptedFiles = await checkAndDecryptFiles(url, files);
+          files = decryptedFiles;
+          // Append decrypted files to formData
+          decryptedFiles.forEach((file, index) => {
+            formData.set(`fileInput`, file);
+          });
+        }
+
         submitButton.textContent = 'Processing...';
         submitButton.disabled = true;
 
@@ -133,6 +143,98 @@
     }
   }
 
+  async function checkAndDecryptFiles(url, files) {
+    const decryptedFiles = [];
+    pdfjsLib.GlobalWorkerOptions.workerSrc = './pdfjs-legacy/pdf.worker.mjs';
+
+    // Extract the base URL
+    const baseUrl = new URL(url);
+    let removePasswordUrl = `${baseUrl.origin}`;
+
+    // Check if there's a path before /api/
+    const apiIndex = baseUrl.pathname.indexOf('/api/');
+    if (apiIndex > 0) {
+      removePasswordUrl += baseUrl.pathname.substring(0, apiIndex);
+    }
+
+    // Append the new endpoint
+    removePasswordUrl += '/api/v1/security/remove-password';
+
+    console.log(`Remove password URL: ${removePasswordUrl}`);
+
+    for (const file of files) {
+      console.log(`Processing file: ${file.name}`);
+      if (file.type !== 'application/pdf') {
+        console.log(`Skipping non-PDF file: ${file.name}`);
+        decryptedFiles.push(file);
+        continue;
+      }
+      try {
+        const arrayBuffer = await file.arrayBuffer();
+        const loadingTask = pdfjsLib.getDocument({data: arrayBuffer});
+
+        console.log(`Attempting to load PDF: ${file.name}`);
+        const pdf = await loadingTask.promise;
+        console.log(`File is not encrypted: ${file.name}`);
+        decryptedFiles.push(file); // If no error, file is not encrypted
+      } catch (error) {
+        if (error.name === 'PasswordException' && error.code === 1) {
+          console.log(`PDF requires password: ${file.name}`, error);
+          console.log(`Attempting to remove password from PDF: ${file.name} with password.`);
+          const password = prompt(`${window.translations.decrypt.passwordPrompt}`);
+
+          if (!password) {
+            console.error(`No password provided for encrypted PDF: ${file.name}`);
+            showErrorBanner(
+              `${window.translations.decrypt.noPassword.replace('{0}', file.name)}`,
+              `${window.translations.decrypt.unexpectedError}`
+            );
+            throw error;
+          }
+
+          try {
+            // Prepare FormData for the decryption request
+            const formData = new FormData();
+            formData.append('fileInput', file);
+            formData.append('password', password);
+
+            // Use handleSingleDownload to send the request
+            const decryptionResult = await fetch(removePasswordUrl, {method: 'POST', body: formData});
+
+            if (decryptionResult && decryptionResult.blob) {
+              const decryptedBlob = await decryptionResult.blob();
+              const decryptedFile = new File([decryptedBlob], file.name, {type: 'application/pdf'});
+
+              /*    // Create a link element to download the file
+            const link = document.createElement('a');
+            link.href = URL.createObjectURL(decryptedBlob);
+            link.download = 'test.pdf';
+            document.body.appendChild(link);
+            link.click();
+            document.body.removeChild(link);
+*/
+              decryptedFiles.push(decryptedFile);
+              console.log(`Successfully decrypted PDF: ${file.name}`);
+            } else {
+              throw new Error('Decryption failed: No valid response from server');
+            }
+          } catch (decryptError) {
+            console.error(`Failed to decrypt PDF: ${file.name}`, decryptError);
+            showErrorBanner(
+              `${window.translations.invalidPasswordHeader.replace('{0}', file.name)}`,
+              `${window.translations.invalidPassword}`
+            );
+            throw decryptError;
+          }
+        } else {
+          console.log(`Error loading PDF: ${file.name}`, error);
+          throw error;
+        }
+      }
+    }
+    return decryptedFiles;
+  }
+
   async function handleSingleDownload(url, formData, isMulti = false, isZip = false) {
     const startTime = performance.now();
     const file = formData.get('fileInput');