feat(EnvelopeSmsHandler): Methode VerifyTotp hinzugefügt, um Totp mit TotpVerificationWindow von TotpSmsParams zu verifizieren.

EnvelopeGenerator.Application/Configurations/TotpSmsParams.cs

@@ -1,4 +1,5 @@
-using System.Globalization;
+using OtpNet;
+using System.Globalization;
 
 namespace EnvelopeGenerator.Application.Configurations
 {
@@ -13,6 +14,21 @@ namespace EnvelopeGenerator.Application.Configurations
         
         public ExpirationHandler Expiration { get; init; } = new();
 
+        public VerificationWindow? TotpVerificationWindow { get; private init; } = VerificationWindow.RfcSpecifiedNetworkDelay;
+
+        private IEnumerable<int>? _tvwParams;
+
+        public IEnumerable<int>? TotpVerificationWindowParams
+        {
+            get => _tvwParams;
+            init
+            {
+                _tvwParams = value;
+                if(_tvwParams is not null)
+                    TotpVerificationWindow = new(previous: _tvwParams.ElementAtOrDefault(0), future: _tvwParams.ElementAtOrDefault(0));
+            }
+        }
+
         public class ExpirationHandler
         {
             public string CacheKeyFormat { get; init; } = "e{0}_r{1}_sms_code_expiration";

EnvelopeGenerator.Application/Contracts/IEnvelopeSmsHandler.cs

@@ -12,4 +12,6 @@ public interface IEnvelopeSmsHandler
     /// <param name="cToken"></param>
     /// <returns></returns>
     Task<(SmsResponse? SmsResponse, DateTime Expiration)> SendTotpAsync(EnvelopeReceiverSecretDto er_secret, CancellationToken cToken = default);
+
+    bool VerifyTotp(string totpCode, string secretKey);
 }

EnvelopeGenerator.Application/Services/EnvelopeSmsHandler.cs

@@ -47,4 +47,7 @@ public class EnvelopeSmsHandler : IEnvelopeSmsHandler
             return (await _sender.SendSmsAsync(er_secret.PhoneNumber!, msg), new_expiration);
         }
     }
+
+    public bool VerifyTotp(string totpCode, string secretKey) => _codeGenerator
+        .VerifyTotp(totpCode, secretKey, _totpSmsParams.TotpStep, _totpSmsParams.TotpVerificationWindow);
 }

EnvelopeGenerator.Web/Controllers/HomeController.cs

@@ -20,10 +20,6 @@ using Newtonsoft.Json;
 using EnvelopeGenerator.Application.DTOs;
 using DigitalData.Core.Client;
 using EnvelopeGenerator.Application.Extensions;
-using Microsoft.Extensions.Caching.Distributed;
-using Microsoft.Extensions.Options;
-using EnvelopeGenerator.Application.Configurations;
-using EnvelopeGenerator.Application.DTOs.Messaging;
 
 namespace EnvelopeGenerator.Web.Controllers
 {
@@ -39,14 +35,11 @@ namespace EnvelopeGenerator.Web.Controllers
         private readonly Cultures _cultures;
         private readonly IEnvelopeMailService _mailService;
         private readonly IEnvelopeReceiverReadOnlyService _readOnlyService;
-        private readonly ISmsSender _msgService;
         private readonly ICodeGenerator _codeGenerator;
         private readonly IReceiverService _rcvService;
-        private readonly IDistributedCache _dCache;
-        private readonly TotpSmsParams _totpSmsParams;
         private readonly IEnvelopeSmsHandler _envSmsHandler;
 
-        public HomeController(EnvelopeOldService envelopeOldService, ILogger<HomeController> logger, IEnvelopeReceiverService envelopeReceiverService, IEnvelopeHistoryService historyService, IStringLocalizer<Resource> localizer, IConfiguration configuration, HtmlSanitizer sanitizer, Cultures cultures, IEnvelopeMailService envelopeMailService, IEnvelopeReceiverReadOnlyService readOnlyService, ISmsSender messagingService, ICodeGenerator codeGenerator, IReceiverService receiverService, IDistributedCache distributedCache, IOptions<TotpSmsParams> totpSmsParamsOptions, IEnvelopeSmsHandler envelopeSmsService)
+        public HomeController(EnvelopeOldService envelopeOldService, ILogger<HomeController> logger, IEnvelopeReceiverService envelopeReceiverService, IEnvelopeHistoryService historyService, IStringLocalizer<Resource> localizer, IConfiguration configuration, HtmlSanitizer sanitizer, Cultures cultures, IEnvelopeMailService envelopeMailService, IEnvelopeReceiverReadOnlyService readOnlyService, ICodeGenerator codeGenerator, IReceiverService receiverService, IEnvelopeSmsHandler envelopeSmsService)
         {
             this.envelopeOldService = envelopeOldService;
             _envRcvService = envelopeReceiverService;
@@ -58,11 +51,8 @@ namespace EnvelopeGenerator.Web.Controllers
             _mailService = envelopeMailService;
             _logger = logger;
             _readOnlyService = readOnlyService;
-            _msgService = messagingService;
             _codeGenerator = codeGenerator;
             _rcvService = receiverService;
-            _dCache = distributedCache;
-            _totpSmsParams = totpSmsParamsOptions.Value;
             _envSmsHandler = envelopeSmsService;
         }
 
@@ -231,7 +221,7 @@ namespace EnvelopeGenerator.Web.Controllers
             if (er_secret.Receiver!.TotpSecretkey is null)
                 throw new InvalidOperationException($"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(er_secret)}");
             
-            if (_codeGenerator.VerifyTotp(auth.SmsCode!, er_secret.Receiver.TotpSecretkey, step: _totpSmsParams.TotpStep))
+            if (_envSmsHandler.VerifyTotp(auth.SmsCode!, er_secret.Receiver.TotpSecretkey))
             {
                 Response.StatusCode = StatusCodes.Status401Unauthorized;
                 ViewData["ErrorMessage"] = _localizer[WebKey.WrongAccessCode].Value;