fix(_Layout): sanitzer entfernt, um Json-Deserilisationsfehler zu vermeiden.

- Gebunden mit Modell.

EnvelopeGenerator.Application/Configurations/AuthenticatorParams.cs

@@ -1,6 +1,6 @@
 namespace EnvelopeGenerator.Application.Configurations
 {
-    public class CodeGeneratorParams
+    public class AuthenticatorParams
     {
         public string CharPool { get; init; } = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz01234567890123456789012345678901234567890123456789";
 

EnvelopeGenerator.Application/Configurations/DispatcherConfig.cs

@@ -1,13 +0,0 @@
-namespace EnvelopeGenerator.Application.Configurations
-{
-    public class DispatcherConfig
-    {
-        public int SendingProfile { get; init; } = 1;
-
-        public string AddedWho { get; init; } = "DDEnvelopGenerator";
-
-        public int ReminderTypeId { get; init; } = 202377;
-
-        public string EmailAttmt1 { get; init; } = string.Empty;
-    }
-}

EnvelopeGenerator.Application/Configurations/DispatcherParams.cs

@@ -0,0 +1,12 @@
+namespace EnvelopeGenerator.Application.Configurations;
+
+public class DispatcherParams
+{
+    public int SendingProfile { get; init; } = 1;
+
+    public string AddedWho { get; init; } = "DDEnvelopGenerator";
+
+    public int ReminderTypeId { get; init; } = 202377;
+
+    public string EmailAttmt1 { get; init; } = string.Empty;
+}

EnvelopeGenerator.Application/Configurations/EnvelopeReceiverCacheParams.cs

@@ -1,19 +0,0 @@
-namespace EnvelopeGenerator.Application.Configurations
-{
-    public class EnvelopeReceiverCacheParams
-    {
-        /// <summary>
-        /// Gets the cache key format for SMS codes.
-        /// The placeholder {0} represents the envelopeReceiverId.
-        /// </summary>
-        public string CodeCacheKeyFormat { get; init; } = "sms-code-{0}";
-
-        /// <summary>
-        /// Gets the cache expiration key format for SMS codes.
-        /// The placeholder {0} represents the envelopeReceiverId.
-        /// </summary>
-        public string CodeExpirationCacheKeyFormat { get; init; } = "sms-code-expiration-{0}";
-
-        public TimeSpan CodeCacheValidityPeriod { get; init; } = new(0, 5, 0);
-    }
-}

EnvelopeGenerator.Application/Configurations/GtxMessaging/SmsParams.cs

@@ -1,25 +0,0 @@
-using DigitalData.Core.Abstractions.Client;
-using Microsoft.Extensions.Caching.Distributed;
-
-namespace EnvelopeGenerator.Application.Configurations.GtxMessaging
-{
-    /// <summary>
-    /// https://www.gtx-messaging.com/en/api-docs/sms-rest-api/
-    /// </summary>
-    public class SmsParams : IHttpClientOptions
-    {
-        public required string Uri { get; init; }
-
-        public string? Path { get; init; }
-
-        public Dictionary<string, object>? Headers { get; init; }
-
-        public Dictionary<string, object?>? QueryParams { get; init; }
-
-        public string RecipientQueryParamName { get; init; } = "to";
-
-        public string MessageQueryParamName { get; init; } = "text";
-
-        public int CodeLength { get; init; } = 5;
-    }
-}

EnvelopeGenerator.Application/Configurations/GtxMessagingParams.cs

@@ -0,0 +1,20 @@
+using DigitalData.Core.Abstractions.Client;
+namespace EnvelopeGenerator.Application.Configurations;
+
+/// <summary>
+/// https://www.gtx-messaging.com/en/api-docs/sms-rest-api/
+/// </summary>
+public class GtxMessagingParams : IHttpClientOptions
+{
+    public required string Uri { get; init; }
+
+    public string? Path { get; init; }
+
+    public Dictionary<string, object>? Headers { get; init; }
+
+    public Dictionary<string, object?>? QueryParams { get; init; }
+
+    public string RecipientQueryParamName { get; init; } = "to";
+
+    public string MessageQueryParamName { get; init; } = "text";
+}

EnvelopeGenerator.Application/Configurations/MailConfig.cs

@@ -1,7 +0,0 @@
-namespace EnvelopeGenerator.Application.Configurations
-{
-    public class MailConfig
-    {
-        public required Dictionary<string, string> Placeholders { get; init; }
-    }
-}

EnvelopeGenerator.Application/Configurations/MailParams.cs

@@ -0,0 +1,6 @@
+namespace EnvelopeGenerator.Application.Configurations;
+
+public class MailParams
+{
+    public required Dictionary<string, string> Placeholders { get; init; }
+}

EnvelopeGenerator.Application/Configurations/TotpSmsParams.cs

@@ -0,0 +1,49 @@
+using OtpNet;
+using System.Globalization;
+
+namespace EnvelopeGenerator.Application.Configurations
+{
+    public class TotpSmsParams
+    {
+        /// <summary>
+        /// The unit is second.
+        /// </summary>
+        public int TotpStep { get; init; } = 90;
+
+        public string Format { get; init; } = "Ihr 2FA-Passwort lautet {0}. Gültig bis {1}";
+        
+        public ExpirationHandler Expiration { get; init; } = new();
+
+        public VerificationWindow? TotpVerificationWindow { get; private init; } = VerificationWindow.RfcSpecifiedNetworkDelay;
+
+        private IEnumerable<int>? _tvwParams;
+
+        public IEnumerable<int>? TotpVerificationWindowParams
+        {
+            get => _tvwParams;
+            init
+            {
+                _tvwParams = value;
+                if(_tvwParams is not null)
+                    TotpVerificationWindow = new(previous: _tvwParams.ElementAtOrDefault(0), future: _tvwParams.ElementAtOrDefault(0));
+            }
+        }
+
+        public class ExpirationHandler
+        {
+            public string CacheKeyFormat { get; init; } = "e{0}_r{1}_sms_code_expiration";
+
+            public string Format { get; init; } = "HH:mm:ss";
+
+            public string CultureName
+            {
+                get => _cultureInfo.Name;
+                init => _cultureInfo = new(value);
+            }
+
+            private CultureInfo _cultureInfo = new("de-DE");
+
+            public CultureInfo CultureInfo => _cultureInfo;
+        }
+    }
+}

EnvelopeGenerator.Application/Contracts/IAuthenticator.cs

@@ -0,0 +1,19 @@
+using OtpNet;
+
+namespace EnvelopeGenerator.Application.Contracts
+{
+    public interface IAuthenticator
+    {
+        string GenerateCode(int length);
+
+        string GenerateTotpSecretKey(int? length = null);
+
+        byte[] GenerateTotpQrCode(string userEmail, string secretKey, string? issuer = null, string? totpUrlFormat = null, int? pixelsPerModule = null);
+
+        byte[] GenerateTotpQrCode(string userEmail, int? length = null, string? issuer = null, string? totpUrlFormat = null, int? pixelsPerModule = null);
+
+        string GenerateTotp(string secretKey, int step = 30);
+
+        bool VerifyTotp(string totpCode, string secretKey, int step = 30, VerificationWindow? window = null);
+    }
+}

EnvelopeGenerator.Application/Contracts/ICodeGenerator.cs

@@ -1,13 +0,0 @@
-namespace EnvelopeGenerator.Application.Contracts
-{
-    public interface ICodeGenerator
-    {
-        string GenerateCode(int length);
-
-        public string GenerateTotpSecretKey(int? length = null);
-
-        public byte[] GenerateTotpQrCode(string userEmail, string secretKey, string? issuer = null, string? totpUrlFormat = null, int? pixelsPerModule = null);
-
-        public byte[] GenerateTotpQrCode(string userEmail, int? length = null, string? issuer = null, string? totpUrlFormat = null, int? pixelsPerModule = null);
-    }
-}

EnvelopeGenerator.Application/Contracts/IEnvelopeReceiverCache.cs

@@ -1,17 +0,0 @@
-namespace EnvelopeGenerator.Application.Contracts
-{
-    public interface IEnvelopeReceiverCache
-    {
-        Task<string?> GetSmsCodeAsync(string envelopeReceiverId);
-
-        /// <summary>
-        /// Asynchronously stores an SMS verification code in the cache and returns the expiration date of the code.
-        /// </summary>
-        /// <param name="envelopeReceiverId">The unique identifier for the recipient of the envelope to associate with the SMS code.</param>
-        /// <param name="code">The SMS verification code to be stored.</param>
-        /// <returns>A task that represents the asynchronous operation. The task result contains the expiration date and time of the stored SMS code.</returns>
-        Task<DateTime> SetSmsCodeAsync(string envelopeReceiverId, string code);
-
-        Task<DateTime?> GetSmsCodeExpirationAsync(string envelopeReceiverId);
-    }
-}

EnvelopeGenerator.Application/Contracts/IEnvelopeSmsHandler.cs

@@ -0,0 +1,17 @@
+using EnvelopeGenerator.Application.DTOs.EnvelopeReceiver;
+using EnvelopeGenerator.Application.DTOs.Messaging;
+
+namespace EnvelopeGenerator.Application.Contracts;
+
+public interface IEnvelopeSmsHandler
+{
+    /// <summary>
+    /// If expiration is passed then, sends sms and returns smsResponse and up-to-date expiration; otherwise send expiration.
+    /// </summary>
+    /// <param name="er_secret"></param>
+    /// <param name="cToken"></param>
+    /// <returns></returns>
+    Task<(SmsResponse? SmsResponse, DateTime Expiration)> SendTotpAsync(EnvelopeReceiverSecretDto er_secret, CancellationToken cToken = default);
+
+    bool VerifyTotp(string totpCode, string secretKey);
+}

EnvelopeGenerator.Application/Contracts/IJWTService.cs

@@ -1,24 +0,0 @@
-using Microsoft.IdentityModel.Tokens;
-using System.IdentityModel.Tokens.Jwt;
-using System.Security.Claims;
-using System.Security.Cryptography;
-
-namespace EnvelopeGenerator.Application.Contracts
-{
-    public interface IJWTService<TClaimValue>
-    {
-        public static SymmetricSecurityKey GenerateSecurityKey(int byteSize = 32)
-        {
-            using var rng = RandomNumberGenerator.Create();
-            var randomBytes = new byte[byteSize];
-            rng.GetBytes(randomBytes);
-            var securityKey = new SymmetricSecurityKey(randomBytes);
-
-            return securityKey;
-        }
-
-        string GenerateToken(TClaimValue claimValue);
-
-        JwtSecurityToken? ReadSecurityToken(string token);
-    }
-}

EnvelopeGenerator.Application/Contracts/IMessagingService.cs

@@ -1,13 +0,0 @@
-using EnvelopeGenerator.Application.DTOs.Messaging;
-
-namespace EnvelopeGenerator.Application.Contracts
-{
-    public interface IMessagingService
-    {
-        string ServiceProvider { get; }
-
-        Task<SmsResponse> SendSmsAsync(string recipient, string message);
-
-        Task<SmsResponse> SendSmsCodeAsync(string recipient, string envelopeReceiverId);
-    }
-}

EnvelopeGenerator.Application/Contracts/ISmsSender.cs

@@ -0,0 +1,11 @@
+using EnvelopeGenerator.Application.DTOs.Messaging;
+
+namespace EnvelopeGenerator.Application.Contracts;
+
+//TODO: move to DigitalData.Core
+public interface ISmsSender
+{
+    string ServiceProvider { get; }
+
+    Task<SmsResponse> SendSmsAsync(string recipient, string message);
+}

EnvelopeGenerator.Application/DTOs/EnvelopeDto.cs

@@ -51,7 +51,9 @@ namespace EnvelopeGenerator.Application.DTOs
 
 		public int? ExpiresWarningWhenDays { get; set; }
 
-		public bool DmzMoved { get; set; }
+        public bool TFAEnabled { get; init; }
+
+        public bool DmzMoved { get; set; }
 		public UserReadDto? User { get; set; }
 		public EnvelopeType? EnvelopeType { get; set; }
 

EnvelopeGenerator.Application/DTOs/EnvelopeReceiver/EnvelopeReceiverBasicDto.cs

@@ -27,7 +27,5 @@ namespace EnvelopeGenerator.Application.DTOs.EnvelopeReceiver
         public DateTime? ChangedWhen { get; init; }
 
         public bool HasPhoneNumber { get; init; }
-
-        public bool TFAEnabled { get; init; }
     }
 }

EnvelopeGenerator.Application/DTOs/Messaging/GtxMessagingResponse.cs

@@ -1,4 +1,4 @@
-namespace EnvelopeGenerator.Domain.HttpResponse
+namespace EnvelopeGenerator.Application.DTOs.Messaging
 {
     public class GtxMessagingResponse : Dictionary<string, object?> { }
 }

EnvelopeGenerator.Application/DTOs/Messaging/SmsResponse.cs

@@ -4,15 +4,7 @@
     {
         public required bool Ok { get; init; }
 
-        public DateTime? Expiration { get; set; }
+        public bool Failed => !Ok;
-
-        public DateTime? AllowedAt { get; set; }
-
-        public TimeSpan AllowedAfter => Allowed ? TimeSpan.Zero : AllowedAt!.Value - DateTime.Now;
-
-        public bool Allowed => AllowedAt is null || DateTime.Now >= AllowedAt;
-
-        public bool Error => !Ok && Allowed;
 
         public dynamic? Errors { get; init; }
     }

EnvelopeGenerator.Application/DTOs/Receiver/ReceiverCreateDto.cs

@@ -4,7 +4,7 @@ using System.Text;
 
 namespace EnvelopeGenerator.Application.DTOs.Receiver
 {
-    public record ReceiverCreateDto([EmailAddress] string EmailAddress, string? TotpSecretkey = null, DateTime? TotpExpiration = null)
+    public record ReceiverCreateDto([EmailAddress] string EmailAddress, string? TotpSecretkey = null)
     {
         public string Signature => sha256HexOfMail.Value;
 

EnvelopeGenerator.Application/DTOs/Receiver/ReceiverReadDto.cs

@@ -4,23 +4,21 @@ using DigitalData.EmailProfilerDispatcher.Abstraction.Attributes;
 using EnvelopeGenerator.Application.DTOs.EnvelopeReceiver;
 using System.Text.Json.Serialization;
 
-namespace EnvelopeGenerator.Application.DTOs.Receiver
+namespace EnvelopeGenerator.Application.DTOs.Receiver;
+
+public record ReceiverReadDto(
+    int Id,
+    string EmailAddress,
+    string Signature,
+    DateTime AddedWhen
+    ) : BaseDTO<int>(Id), IUnique<int>
 {
-    public record ReceiverReadDto(
+    [JsonIgnore]
-        int Id,
+    public IEnumerable<EnvelopeReceiverBasicDto>? EnvelopeReceivers { get; init; }
-        string EmailAddress,
-        string Signature,
-        DateTime AddedWhen
-        ) : BaseDTO<int>(Id), IUnique<int>
-    {
-        [JsonIgnore]
-        public IEnumerable<EnvelopeReceiverBasicDto>? EnvelopeReceivers { get; init; }
 
-        public string? LastUsedName => EnvelopeReceivers?.LastOrDefault()?.Name;
+    public string? LastUsedName => EnvelopeReceivers?.LastOrDefault()?.Name;
 
-        public string? TotpSecretkey { get; set; } = null;
+    public string? TotpSecretkey { get; set; } = null;
 
-        [TemplatePlaceholder("[TFA_QR_EXPIRATION]")]
+    public DateTime? TfaRegDeadline { get; set; }
-        public DateTime? TotpExpiration { get; set; } = null;
+};
-    };
-}

EnvelopeGenerator.Application/DTOs/Receiver/ReceiverUpdateDto.cs

@@ -1,6 +1,5 @@
 using DigitalData.Core.Abstractions;
 
-namespace EnvelopeGenerator.Application.DTOs.Receiver
+namespace EnvelopeGenerator.Application.DTOs.Receiver;
-{
+
-    public record ReceiverUpdateDto(int Id, string? TotpSecretkey = null, DateTime? TotpExpiration = null) : IUnique<int>;
+public record ReceiverUpdateDto(int Id, string? TotpSecretkey = null, DateTime? TfaRegDeadline = null) : IUnique<int>;
-} 

EnvelopeGenerator.Application/EnvelopeGenerator.Application.csproj

@@ -1,59 +1,60 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
-  <PropertyGroup>
+	<PropertyGroup>
-    <TargetFramework>net7.0</TargetFramework>
+		<TargetFramework>net7.0</TargetFramework>
-    <ImplicitUsings>enable</ImplicitUsings>
+		<ImplicitUsings>enable</ImplicitUsings>
-    <Nullable>enable</Nullable>
+		<Nullable>enable</Nullable>
-  </PropertyGroup>
+	</PropertyGroup>
 
-  <ItemGroup>
+	<ItemGroup>
-    <None Remove="Resources\Model.Designer.vb" />
+		<None Remove="Resources\Model.Designer.vb" />
-  </ItemGroup>
+	</ItemGroup>
 
-  <ItemGroup>
+	<ItemGroup>
-    <PackageReference Include="AutoMapper" Version="13.0.1" />
+		<PackageReference Include="AutoMapper" Version="13.0.1" />
-    <PackageReference Include="DigitalData.Core.Abstractions" Version="2.2.1" />
+		<PackageReference Include="DigitalData.Core.Abstractions" Version="2.2.1" />
-    <PackageReference Include="DigitalData.Core.Application" Version="2.0.0" />
+		<PackageReference Include="DigitalData.Core.Application" Version="2.0.0" />
-    <PackageReference Include="DigitalData.Core.Client" Version="2.0.3" />
+		<PackageReference Include="DigitalData.Core.Client" Version="2.0.3" />
-    <PackageReference Include="DigitalData.Core.DTO" Version="2.0.0" />
+		<PackageReference Include="DigitalData.Core.DTO" Version="2.0.0" />
-    <PackageReference Include="DigitalData.EmailProfilerDispatcher" Version="2.0.0" />
+		<PackageReference Include="DigitalData.EmailProfilerDispatcher" Version="2.0.0" />
-    <PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.18" />
+		<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="7.0.18" />
-    <PackageReference Include="QRCoder" Version="1.6.0" />
+		<PackageReference Include="Otp.NET" Version="1.4.0" />
-    <PackageReference Include="QRCoder-ImageSharp" Version="0.10.0" />
+		<PackageReference Include="QRCoder" Version="1.6.0" />
-    <PackageReference Include="UserManager.Application" Version="2.0.0" />
+		<PackageReference Include="QRCoder-ImageSharp" Version="0.10.0" />
-    <PackageReference Include="UserManager.Infrastructure" Version="2.0.0" />
+		<PackageReference Include="UserManager.Application" Version="2.0.0" />
-  </ItemGroup>
+		<PackageReference Include="UserManager.Infrastructure" Version="2.0.0" />
+	</ItemGroup>
 
-  <ItemGroup>
+	<ItemGroup>
-    <ProjectReference Include="..\EnvelopeGenerator.Extensions\EnvelopeGenerator.Extensions.csproj" />
+		<ProjectReference Include="..\EnvelopeGenerator.Extensions\EnvelopeGenerator.Extensions.csproj" />
-    <ProjectReference Include="..\EnvelopeGenerator.Infrastructure\EnvelopeGenerator.Infrastructure.csproj" />
+		<ProjectReference Include="..\EnvelopeGenerator.Infrastructure\EnvelopeGenerator.Infrastructure.csproj" />
-  </ItemGroup>
+	</ItemGroup>
 
-  <ItemGroup>
+	<ItemGroup>
-    <Compile Update="Resources\Model.Designer.cs">
+		<Compile Update="Resources\Model.Designer.cs">
-      <DesignTime>True</DesignTime>
+			<DesignTime>True</DesignTime>
-      <AutoGen>True</AutoGen>
+			<AutoGen>True</AutoGen>
-      <DependentUpon>Model.resx</DependentUpon>
+			<DependentUpon>Model.resx</DependentUpon>
-    </Compile>
+		</Compile>
-  </ItemGroup>
+	</ItemGroup>
 
-  <ItemGroup>
+	<ItemGroup>
-    <EmbeddedResource Update="Resources\Model.en.resx">
+		<EmbeddedResource Update="Resources\Model.en.resx">
-      <CustomToolNamespace>My.Resources</CustomToolNamespace>
+			<CustomToolNamespace>My.Resources</CustomToolNamespace>
-      <LastGenOutput>Model.en.Designer.vb</LastGenOutput>
+			<LastGenOutput>Model.en.Designer.vb</LastGenOutput>
-      <Generator>PublicResXFileCodeGenerator</Generator>
+			<Generator>PublicResXFileCodeGenerator</Generator>
-    </EmbeddedResource>
+		</EmbeddedResource>
-    <EmbeddedResource Update="Resources\Model.resx">
+		<EmbeddedResource Update="Resources\Model.resx">
-      <CustomToolNamespace>My.Resources</CustomToolNamespace>
+			<CustomToolNamespace>My.Resources</CustomToolNamespace>
-      <LastGenOutput>Model.Designer.cs</LastGenOutput>
+			<LastGenOutput>Model.Designer.cs</LastGenOutput>
-      <Generator>PublicResXFileCodeGenerator</Generator>
+			<Generator>PublicResXFileCodeGenerator</Generator>
-    </EmbeddedResource>
+		</EmbeddedResource>
-    <EmbeddedResource Update="Resources\Resource.de-DE.resx">
+		<EmbeddedResource Update="Resources\Resource.de-DE.resx">
-      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+			<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
-    </EmbeddedResource>
+		</EmbeddedResource>
-    <EmbeddedResource Update="Resources\Resource.en-US.resx">
+		<EmbeddedResource Update="Resources\Resource.en-US.resx">
-      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+			<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
-    </EmbeddedResource>
+		</EmbeddedResource>
-  </ItemGroup>
+	</ItemGroup>
 
 </Project>

EnvelopeGenerator.Application/Extensions/CacheExtensions.cs

@@ -4,79 +4,128 @@ namespace EnvelopeGenerator.Application.Extensions
 {
     public static class CacheExtensions
     {
-        public static Task SetLongAsync(this IDistributedCache cache, string key, long value, DistributedCacheEntryOptions? options = null)
+        public static Task SetLongAsync(this IDistributedCache cache, string key, long value, DistributedCacheEntryOptions? options = null, CancellationToken cToken = default)
             => options is null
-                ? cache.SetAsync(key, BitConverter.GetBytes(value))
+                ? cache.SetAsync(key, BitConverter.GetBytes(value), token: cToken)
-                : cache.SetAsync(key, BitConverter.GetBytes(value), options: options);
+                : cache.SetAsync(key, BitConverter.GetBytes(value), options: options, token: cToken);
 
-        public static async Task<long?> GetLongAsync(this IDistributedCache cache, string key)
+        public static async Task<long?> GetLongAsync(this IDistributedCache cache, string key, CancellationToken cToken = default)
         {
-            var value = await cache.GetAsync(key);
+            var value = await cache.GetAsync(key, cToken);
             return value is null ? null : BitConverter.ToInt64(value, 0);
         }
 
-        public static Task SetDateTimeAsync(this IDistributedCache cache, string key, DateTime value, DistributedCacheEntryOptions? options = null)
+        public static Task SetDateTimeAsync(this IDistributedCache cache, string key, DateTime value, DistributedCacheEntryOptions? options = null, CancellationToken cToken = default)
-            => cache.SetLongAsync(key: key, value: value.Ticks, options: options);
+            => cache.SetLongAsync(key: key, value: value.Ticks, options: options, cToken: cToken);
 
-        public static async Task<DateTime?> GetDateTimeAsync(this IDistributedCache cache, string key)
+        public static async Task<DateTime?> GetDateTimeAsync(this IDistributedCache cache, string key, CancellationToken cToken = default)
         {
-            var value = await cache.GetAsync(key);
+            var value = await cache.GetAsync(key, cToken);
             return value is null ? null : new(BitConverter.ToInt64(value, 0));
         }
 
-        public static Task SetTimeSpanAsync(this IDistributedCache cache, string key, TimeSpan value, DistributedCacheEntryOptions? options = null)
+        public static Task SetTimeSpanAsync(this IDistributedCache cache, string key, TimeSpan value, DistributedCacheEntryOptions? options = null, CancellationToken cToken = default)
-            => cache.SetLongAsync(key: key, value: value.Ticks, options: options);
+            => cache.SetLongAsync(key: key, value: value.Ticks, options: options, cToken);
 
-        public static async Task<TimeSpan?> GetTimeSpanAsync(this IDistributedCache cache, string key)
+        public static async Task<TimeSpan?> GetTimeSpanAsync(this IDistributedCache cache, string key, CancellationToken cToken = default)
         {
-            var value = await cache.GetAsync(key);
+            var value = await cache.GetAsync(key, cToken);
             return value is null ? null : new(BitConverter.ToInt64(value, 0));
         }
 
-        public static string GetOrSet(this IDistributedCache cache, string key, Func<string> factory, DistributedCacheEntryOptions? options = null, bool cacheInBackground = false, CancellationToken token = default)
+        //TODO: use code generator
+        #region GetOrSetAsync
+
+        #region string
+        public static async Task<string> GetOrSetAsync(this IDistributedCache cache, string key, Func<string> factory, DistributedCacheEntryOptions? options = null, bool cacheInBackground = false, CancellationToken cToken = default)
         {
-            var value = cache.GetString(key);
+            var value = await cache.GetStringAsync(key, cToken);
             if (value is null)
             {
                 // create new and save
                 value = factory();
 
-                void Cache()
-                {
-                    if (options is null)
-                        cache.SetString(key: key, value: value);
-                    else
-                        cache.SetString(key: key, value: value, options: options);
-                }
-
-                if (cacheInBackground)
-                    _ = Task.Run(() => Cache(), token);
-                else
-                    Cache();
-            }
-
-            return value;
-        }
-
-        public static async Task<string> GetOrSetAsync(this IDistributedCache cache, string key, Func<Task<string>> factory, DistributedCacheEntryOptions? options = null, bool cacheInBackground = false, CancellationToken token = default)
-        {
-            var value = await cache.GetStringAsync(key, token: token);
-            if(value is null)
-            {
-                // create new and save
-                value = await factory();
-
                 Task CacheAsync() => options is null
-                    ? cache.SetStringAsync(key: key, value: value, token: token)
+                        ? cache.SetStringAsync(key, value, cToken)
-                    : cache.SetStringAsync(key: key, value: value, options: options, token: token);
+                        : cache.SetStringAsync(key, value, options, cToken);
 
                 if (cacheInBackground)
-                    _ = Task.Run(async () => await CacheAsync(), token);
+                    _ = Task.Run(async () => await CacheAsync(), cToken);
                 else
                     await CacheAsync();
             }
 
             return value;
         }
+
+        public static async Task<string> GetOrSetAsync(this IDistributedCache cache, string key, Func<Task<string>> factoryAsync, DistributedCacheEntryOptions? options = null, bool cacheInBackground = false, CancellationToken cToken = default)
+        {
+            var value = await cache.GetStringAsync(key, cToken);
+            if(value is null)
+            {
+                // create new and save
+                value = await factoryAsync();
+
+                Task CacheAsync() => options is null
+                    ? cache.SetStringAsync(key: key, value: value, token: cToken)
+                    : cache.SetStringAsync(key: key, value: value, options: options, token: cToken);
+
+                if (cacheInBackground)
+                    _ = Task.Run(async () => await CacheAsync(), cToken);
+                else
+                    await CacheAsync();
+            }
+
+            return value;
+        }
+        #endregion
+
+        #region DateTime
+        public static async Task<DateTime> GetOrSetAsync(this IDistributedCache cache, string key, Func<DateTime> factory, DistributedCacheEntryOptions? options = null, bool cacheInBackground = false, CancellationToken cToken = default)
+        {
+            if (await cache.GetDateTimeAsync(key, cToken) is DateTime dateTimeValue)
+                return dateTimeValue;
+            else
+            {
+                // create new and save
+                var newValue = factory();
+
+                Task CacheAsync() => options is null
+                        ? cache.SetDateTimeAsync(key, newValue, cToken: cToken)
+                        : cache.SetDateTimeAsync(key, newValue, options, cToken);
+
+                if (cacheInBackground)
+                    _ = Task.Run(async () => await CacheAsync(), cToken);
+                else
+                    await CacheAsync();
+
+                return newValue;
+            }
+        }
+
+        public static async Task<DateTime> GetOrSetAsync(this IDistributedCache cache, string key, Func<Task<DateTime>> factory, DistributedCacheEntryOptions? options = null, bool cacheInBackground = false, CancellationToken cToken = default)
+        {
+            if (await cache.GetDateTimeAsync(key, cToken) is DateTime dateTimeValue)
+                return dateTimeValue;
+            else
+            {
+                // create new and save
+                var newValue = await factory();
+
+                Task CacheAsync() => options is null
+                        ? cache.SetDateTimeAsync(key, newValue, cToken: cToken)
+                        : cache.SetDateTimeAsync(key, newValue, options, cToken);
+
+                if (cacheInBackground)
+                    _ = Task.Run(async () => await CacheAsync(), cToken);
+                else
+                    await CacheAsync();
+
+                return newValue;
+            }
+        }
+        #endregion
+
+        #endregion
     }
 }

EnvelopeGenerator.Application/Extensions/DIExtensions.cs

@@ -9,70 +9,61 @@ using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
 using DigitalData.Core.Client;
-using EnvelopeGenerator.Application.Configurations.GtxMessaging;
 using QRCoder;
 
-namespace EnvelopeGenerator.Application.Extensions
+namespace EnvelopeGenerator.Application.Extensions;
+
+public static class DIExtensions
 {
-    public static class DIExtensions
+    public static IServiceCollection AddEnvelopeGenerator(this IServiceCollection services, IConfiguration config)
     {
-        public static IServiceCollection AddEnvelopeGenerator(this IServiceCollection services, IConfigurationSection dispatcherConfigSection, IConfigurationSection mailConfigSection, IConfigurationSection smsConfigSection, IConfigurationSection codeGeneratorConfigSection, IConfigurationSection envelopeReceiverCacheParamsSection)
+        //Inject CRUD Service and repositoriesad
-        {
+        services.TryAddScoped<IConfigRepository, ConfigRepository>();
-            //Inject CRUD Service and repositoriesad
+        services.TryAddScoped<IDocumentReceiverElementRepository, DocumentReceiverElementRepository>();
-            services.TryAddScoped<IConfigRepository, ConfigRepository>();
+        services.TryAddScoped<IEnvelopeDocumentRepository, EnvelopeDocumentRepository>();
-            services.TryAddScoped<IDocumentReceiverElementRepository, DocumentReceiverElementRepository>();
+        services.TryAddScoped<IConfigRepository, ConfigRepository>();
-            services.TryAddScoped<IEnvelopeDocumentRepository, EnvelopeDocumentRepository>();
+        services.TryAddScoped<IDocumentReceiverElementRepository, DocumentReceiverElementRepository>();
-            services.TryAddScoped<IConfigRepository, ConfigRepository>();
+        services.TryAddScoped<IDocumentStatusRepository, DocumentStatusRepository>();
-            services.TryAddScoped<IDocumentReceiverElementRepository, DocumentReceiverElementRepository>();
+        services.TryAddScoped<IEmailTemplateRepository, EmailTemplateRepository>();
-            services.TryAddScoped<IDocumentStatusRepository, DocumentStatusRepository>();
+        services.TryAddScoped<IEnvelopeRepository, EnvelopeRepository>();
-            services.TryAddScoped<IEmailTemplateRepository, EmailTemplateRepository>();
+        services.TryAddScoped<IEnvelopeCertificateRepository, EnvelopeCertificateRepository>();
-            services.TryAddScoped<IEnvelopeRepository, EnvelopeRepository>();
+        services.TryAddScoped<IEnvelopeDocumentRepository, EnvelopeDocumentRepository>();
-            services.TryAddScoped<IEnvelopeCertificateRepository, EnvelopeCertificateRepository>();
+        services.TryAddScoped<IEnvelopeHistoryRepository, EnvelopeHistoryRepository>();
-            services.TryAddScoped<IEnvelopeDocumentRepository, EnvelopeDocumentRepository>();
+        services.TryAddScoped<IEnvelopeReceiverRepository, EnvelopeReceiverRepository>();
-            services.TryAddScoped<IEnvelopeHistoryRepository, EnvelopeHistoryRepository>();
+        services.TryAddScoped<IEnvelopeTypeRepository, EnvelopeTypeRepository>();
-            services.TryAddScoped<IEnvelopeReceiverRepository, EnvelopeReceiverRepository>();
+        services.TryAddScoped<IReceiverRepository, ReceiverRepository>();
-            services.TryAddScoped<IEnvelopeTypeRepository, EnvelopeTypeRepository>();
+        services.TryAddScoped<IUserReceiverRepository, UserReceiverRepository>();
-            services.TryAddScoped<IReceiverRepository, ReceiverRepository>();
+        services.TryAddScoped<IEnvelopeReceiverReadOnlyRepository, EnvelopeReceiverReadOnlyRepository>();
-            services.TryAddScoped<IUserReceiverRepository, UserReceiverRepository>();
+        services.TryAddScoped<IConfigService, ConfigService>();
-            services.TryAddScoped<IEnvelopeReceiverReadOnlyRepository, EnvelopeReceiverReadOnlyRepository>();
+        services.TryAddScoped<IDocumentReceiverElementService, DocumentReceiverElementService>();
-            services.TryAddScoped<IConfigService, ConfigService>();
+        services.TryAddScoped<IEnvelopeDocumentService, EnvelopeDocumentService>();
-            services.TryAddScoped<IDocumentReceiverElementService, DocumentReceiverElementService>();
+        services.TryAddScoped<IEnvelopeHistoryService, EnvelopeHistoryService>();
-            services.TryAddScoped<IEnvelopeDocumentService, EnvelopeDocumentService>();
+        services.TryAddScoped<IDocumentStatusService, DocumentStatusService>();
-            services.TryAddScoped<IEnvelopeHistoryService, EnvelopeHistoryService>();
+        services.TryAddScoped<IEmailTemplateService, EmailTemplateService>();
-            services.TryAddScoped<IDocumentStatusService, DocumentStatusService>();
+        services.TryAddScoped<IEnvelopeService, EnvelopeService>();
-            services.TryAddScoped<IEmailTemplateService, EmailTemplateService>();
+        services.TryAddScoped<IEnvelopeCertificateService, EnvelopeCertificateService>();
-            services.TryAddScoped<IEnvelopeService, EnvelopeService>();
+        services.TryAddScoped<IEnvelopeDocumentService, EnvelopeDocumentService>();
-            services.TryAddScoped<IEnvelopeCertificateService, EnvelopeCertificateService>();
+        services.TryAddScoped<IEnvelopeReceiverService, EnvelopeReceiverService>();
-            services.TryAddScoped<IEnvelopeDocumentService, EnvelopeDocumentService>();
+        services.TryAddScoped<IEnvelopeTypeService, EnvelopeTypeService>();
-            services.TryAddScoped<IEnvelopeReceiverService, EnvelopeReceiverService>();
+        services.TryAddScoped<IReceiverService, ReceiverService>();
-            services.TryAddScoped<IEnvelopeTypeService, EnvelopeTypeService>();
+        services.TryAddScoped<IUserReceiverService, UserReceiverService>();
-            services.TryAddScoped<IReceiverService, ReceiverService>();
+        services.TryAddScoped<IEnvelopeReceiverReadOnlyService, EnvelopeReceiverReadOnlyService>();
-            services.TryAddScoped<IUserReceiverService, UserReceiverService>();
-            services.TryAddScoped<IEnvelopeReceiverReadOnlyService, EnvelopeReceiverReadOnlyService>();
 
-            //Auto mapping profiles
+        //Auto mapping profiles
-            services.AddAutoMapper(typeof(BasicDtoMappingProfile).Assembly);
+        services.AddAutoMapper(typeof(BasicDtoMappingProfile).Assembly);
-            services.AddAutoMapper(typeof(UserMappingProfile).Assembly);
+        services.AddAutoMapper(typeof(UserMappingProfile).Assembly);
 
-            services.Configure<DispatcherConfig>(dispatcherConfigSection);
+        services.Configure<DispatcherParams>(config.GetSection(nameof(DispatcherParams)));
-            services.Configure<MailConfig>(mailConfigSection);
+        services.Configure<MailParams>(config.GetSection(nameof(MailParams)));
-            services.Configure<CodeGeneratorParams>(codeGeneratorConfigSection);
+        services.Configure<AuthenticatorParams>(config.GetSection(nameof(AuthenticatorParams)));
-            services.Configure<EnvelopeReceiverCacheParams>(envelopeReceiverCacheParamsSection);
+        services.Configure<TotpSmsParams>(config.GetSection(nameof(TotpSmsParams)));
 
-            services.AddHttpClientService<SmsParams>(smsConfigSection);
+        services.AddHttpClientService<GtxMessagingParams>(config.GetSection(nameof(GtxMessagingParams)));
-            services.TryAddSingleton<IMessagingService, GtxMessagingService>();
+        services.TryAddSingleton<ISmsSender, GTXSmsSender>();
-            services.TryAddSingleton<ICodeGenerator, CodeGenerator>();
+        services.TryAddSingleton<IEnvelopeSmsHandler, EnvelopeSmsHandler>();
-            services.TryAddSingleton<IEnvelopeReceiverCache, EnvelopeReceiverCache>();
+        services.TryAddSingleton<IAuthenticator, Authenticator>();
-            services.TryAddSingleton<QRCodeGenerator>();
+        services.TryAddSingleton<QRCodeGenerator>();
 
-            return services;
+        return services;
-        }
-
-        public static IServiceCollection AddEnvelopeGenerator(this IServiceCollection services, IConfiguration config) => services.AddEnvelopeGenerator(
-            dispatcherConfigSection: config.GetSection("DispatcherConfig"),
-            mailConfigSection: config.GetSection("MailConfig"),
-            smsConfigSection: config.GetSection("SmsConfig"),
-            codeGeneratorConfigSection: config.GetSection("CodeGeneratorParams"),
-            envelopeReceiverCacheParamsSection: config.GetSection("EnvelopeReceiverCacheParams"));
     }
 }

EnvelopeGenerator.Application/Extensions/DTOExtensions.cs

@@ -1,22 +0,0 @@
-using EnvelopeGenerator.Application.DTOs.Receiver;
-using EnvelopeGenerator.Extensions;
-using Newtonsoft.Json;
-
-namespace EnvelopeGenerator.Application.Extensions
-{
-    public static class DTOExtensions
-    {
-        public static bool IsTotpSecretExpired(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
-            => dto.TotpExpiration < DateTime.Now.AddMinutes(minutesBeforeExpiration * -1);
-
-        public static bool IsTotpSecretInvalid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
-            => dto.IsTotpSecretExpired(minutesBeforeExpiration) || dto.TotpSecretkey is null;
-
-        public static bool IsTotpSecretValid(this ReceiverReadDto dto, int minutesBeforeExpiration = 30)
-            => !dto.IsTotpSecretInvalid(minutesBeforeExpiration);
-
-        public static bool IsTotpValid(this ReceiverReadDto dto, string totp) => dto.TotpSecretkey is null ? throw new ArgumentNullException(nameof(dto), $"TotpSecretkey of DTO cannot validate without TotpSecretkey. Dto: {JsonConvert.SerializeObject(dto)}") : totp.IsValidTotp(dto.TotpSecretkey);
-
-        public static bool IsTotpInvalid(this ReceiverReadDto dto, string totp) => !dto.IsTotpValid(totp: totp);
-    }
-}

EnvelopeGenerator.Application/Extensions/MappingExtensions.cs

@@ -1,4 +1,4 @@
-using EnvelopeGenerator.Domain.HttpResponse;
+using EnvelopeGenerator.Application.DTOs.Messaging;
 
 namespace EnvelopeGenerator.Application.Extensions
 {

EnvelopeGenerator.Application/MappingProfiles/BasicDtoMappingProfile.cs

@@ -7,7 +7,6 @@ using EnvelopeGenerator.Application.DTOs.Messaging;
 using EnvelopeGenerator.Application.DTOs.Receiver;
 using EnvelopeGenerator.Application.Extensions;
 using EnvelopeGenerator.Domain.Entities;
-using EnvelopeGenerator.Domain.HttpResponse;
 
 namespace EnvelopeGenerator.Application.MappingProfiles
 {

EnvelopeGenerator.Application/Resources/Resource.de-DE.resx

@@ -163,10 +163,10 @@
     <value>Bitte überprüfen Sie die Standortinformationen. Wenn sie falsch sind, korrigieren Sie diese bitte.</value>
   </data>
   <data name="LockedBodyAccess" xml:space="preserve">
-    <value>Wir haben Ihnen gerade den Zugriffscode an die hinterlegte Email Adresse gesendet. Dies kann evtl. einige Minuten dauern.</value>
+    <value>Wir senden Ihnen nun einen Zugriffscode an Ihre hinterlegte Email-Adresse. Dies kann evtl. einige Minuten dauern!</value>
   </data>
   <data name="LockedBodyAuthenticator" xml:space="preserve">
-    <value>Ihr QR-Code ist bis {0} gültig.</value>
+    <value>Bitte geben Sie den in Ihrer Authenticator-App angegebenen TOTP-Code ein.</value>
   </data>
   <data name="LockedBodyAuthenticatorNew" xml:space="preserve">
     <value>Wir haben den QR-Code an Ihre E-Mail-Adresse gesendet. Ihr QR-Code ist bis {0} gültig. Sie können ihn für alle Umschläge verwenden, die Sie an diese E-Mail-Adresse erhalten.</value>
@@ -184,7 +184,7 @@
     <value>SMS-Code</value>
   </data>
   <data name="LockedFooterBodyAccess" xml:space="preserve">
-    <value>Bitte überprüfen Sie Ihr Email Postfach inklusive Spam-Ordner. Sie können auch den Absender bitten, Ihnen den Code auf anderem Wege zukommen zu lassen.</value>
+    <value>Bitte überprüfen Sie Ihr Email Postfach inklusive Spam-Ordner. Sie können auch den Absender &lt;a class="mail-link" href="mailto:{0}?subject={1}&amp;body={2}" target="_blank"&gt;{0}&lt;/a&gt; bitten, Ihnen den Code auf anderem Wege zukommen zu lassen.</value>
   </data>
   <data name="LockedFooterBodyAuthenticator" xml:space="preserve">
     <value>Der neue QR-Code wird nur einmal für einen bestimmten Zeitraum gesendet und nach dem Scannen in Ihrer Authenticator-App gespeichert. Er kann für alle Umschläge verwendet werden, die an dieselbe E-Mail-Adresse gesendet werden, bis er abläuft. Wenn Sie die QR-Code-Mail nicht erhalten oder sie sowohl aus der Mail als auch aus authenticator löschen, kontaktieren Sie bitte den Absender.</value>

EnvelopeGenerator.Application/Resources/Resource.en-US.resx

@@ -163,10 +163,10 @@
     <value>Please review the location information. If it is incorrect, kindly make the necessary corrections.</value>
   </data>
   <data name="LockedBodyAccess" xml:space="preserve">
-    <value>We have just sent you the access code to the email address you provided. This may take a few minutes.</value>
+    <value>We will now send you an access code to your registered e-mail address. This may take a few minutes!</value>
   </data>
   <data name="LockedBodyAuthenticator" xml:space="preserve">
-    <value>Your QR code is valid until {0}.</value>
+    <value>Please enter the TOTP provided in your Authenticator app.</value>
   </data>
   <data name="LockedBodyAuthenticatorNew" xml:space="preserve">
     <value>We have sent the QR code to your e-mail address. Your QR code is valid until {0}. You can use it for all envelopes received at this email address.</value>
@@ -184,7 +184,7 @@
     <value>SMS Code</value>
   </data>
   <data name="LockedFooterBodyAccess" xml:space="preserve">
-    <value>Please check your email inbox including your spam folder. Furthermore, you can also ask the sender to send the code by other means.</value>
+    <value>Please check your email inbox including the spam folder. You can also ask the sender &lt;a class="mail-link" href="mailto:{0}?subject={1}&amp;body={2}" target="_blank"&gt;{0}&lt;/a&gt; to send you the code by other means.</value>
   </data>
   <data name="LockedFooterBodyAuthenticator" xml:space="preserve">
     <value>The new QR code is sent only once for a given period and is saved in your authenticator app once scanned. It can be used for all envelopes received at the same email address until it expires. If you do not receive the QR code mail or delete it both from the mail and from authenticator, please contact the sender.</value>

EnvelopeGenerator.Application/Services/Authenticator.cs

@@ -7,17 +7,17 @@ using System.Text;
 
 namespace EnvelopeGenerator.Application.Services
 {
-    public class CodeGenerator : ICodeGenerator
+    public class Authenticator : IAuthenticator
     {
-        public static Lazy<CodeGenerator> LazyStatic => new(() => new CodeGenerator(Options.Create<CodeGeneratorParams>(new()), new QRCodeGenerator()));
+        public static Lazy<Authenticator> LazyStatic => new(() => new Authenticator(Options.Create<AuthenticatorParams>(new()), new QRCodeGenerator()));
 
-        public static CodeGenerator Static => LazyStatic.Value;
+        public static Authenticator Static => LazyStatic.Value;
 
-        private readonly CodeGeneratorParams _params;
+        private readonly AuthenticatorParams _params;
 
         private readonly QRCodeGenerator _qrCodeGenerator;
 
-        public CodeGenerator(IOptions<CodeGeneratorParams> options, QRCodeGenerator qrCodeGenerator)
+        public Authenticator(IOptions<AuthenticatorParams> options, QRCodeGenerator qrCodeGenerator)
         {
             _params = options.Value;
             _qrCodeGenerator = qrCodeGenerator;
@@ -62,5 +62,10 @@ namespace EnvelopeGenerator.Application.Services
                 totpUrlFormat: totpUrlFormat,
                 pixelsPerModule: pixelsPerModule);
         }
+
+        public string GenerateTotp(string secretKey, int step = 30) => new Totp(Base32Encoding.ToBytes(secretKey), step).ComputeTotp();
+        
+        public bool VerifyTotp(string totpCode, string secretKey, int step = 30, VerificationWindow? window = null)
+            => new Totp(Base32Encoding.ToBytes(secretKey), step).VerifyTotp(totpCode, out _, window);
     }
 }

EnvelopeGenerator.Application/Services/EnvelopeMailService.cs

@@ -21,19 +21,19 @@ namespace EnvelopeGenerator.Application.Services
     {
 		private readonly IEmailTemplateService _tempService;
 		private readonly IEnvelopeReceiverService _envRcvService;
-		private readonly DispatcherConfig _dConfig;
+		private readonly DispatcherParams _dConfig;
 		private readonly IConfigService _configService;
 		private readonly Dictionary<string, string> _placeholders;
-		private readonly ICodeGenerator _codeGenerator;
+		private readonly IAuthenticator _authenticator;
 
-        public EnvelopeMailService(IEmailOutRepository repository, IMapper mapper, IEmailTemplateService tempService, IEnvelopeReceiverService envelopeReceiverService, IOptions<DispatcherConfig> dispatcherConfigOptions, IConfigService configService, IOptions<MailConfig> mailConfig, ICodeGenerator codeGenerator) : base(repository, mapper)
+        public EnvelopeMailService(IEmailOutRepository repository, IMapper mapper, IEmailTemplateService tempService, IEnvelopeReceiverService envelopeReceiverService, IOptions<DispatcherParams> dispatcherConfigOptions, IConfigService configService, IOptions<MailParams> mailConfig, IAuthenticator authenticator) : base(repository, mapper)
         {
             _tempService = tempService;
 			_envRcvService = envelopeReceiverService;
 			_dConfig = dispatcherConfigOptions.Value;
 			_configService = configService;
 			_placeholders = mailConfig.Value.Placeholders;
-			_codeGenerator = codeGenerator;
+			_authenticator = authenticator;
         }
 
 		private async Task<Dictionary<string, string>> CreatePlaceholders(string? accessCode = null, EnvelopeReceiverDto? envelopeReceiverDto = null)
@@ -164,14 +164,11 @@ namespace EnvelopeGenerator.Application.Services
                 throw new ArgumentNullException(nameof(dto), $"TFA Qr Code cannot sent. Receiver information is missing. Envelope receiver dto is {JsonConvert.SerializeObject(dto)}");
             if (dto.Receiver.TotpSecretkey is null)
                 throw new ArgumentNullException(nameof(dto), $"TFA Qr Code cannot sent. Receiver.TotpSecretKey is null. Envelope receiver dto is {JsonConvert.SerializeObject(dto)}");
-            if (dto.Receiver.TotpExpiration is null)
-                throw new ArgumentNullException(nameof(dto), $"TFA Qr Code cannot sent. Receiver.TotpExpiration is null. Envelope receiver dto is {JsonConvert.SerializeObject(dto)}");
 
-            var totp_qr_64 = _codeGenerator.GenerateTotpQrCode(userEmail: dto.Receiver.EmailAddress, secretKey: dto.Receiver.TotpSecretkey).ToBase64String();
+            var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: dto.Receiver.EmailAddress, secretKey: dto.Receiver.TotpSecretkey).ToBase64String();
             return SendAsync(dto, EmailTemplateType.TotpSecret, new()
 			{
 				{"[TFA_QR_CODE]", totp_qr_64 },
-				{"[TFA_EXPIRATION]", dto.Receiver.TotpExpiration }
 			});
         }
     }

EnvelopeGenerator.Application/Services/EnvelopeReceiverCache.cs

@@ -1,50 +0,0 @@
-using AngleSharp.Dom;
-using EnvelopeGenerator.Application.Configurations;
-using EnvelopeGenerator.Application.Contracts;
-using EnvelopeGenerator.Application.Extensions;
-using Microsoft.Extensions.Caching.Distributed;
-using Microsoft.Extensions.Options;
-
-namespace EnvelopeGenerator.Application.Services
-{
-    public class EnvelopeReceiverCache : IEnvelopeReceiverCache
-    {
-        private readonly EnvelopeReceiverCacheParams _cacheParams;
-
-        private readonly DistributedCacheEntryOptions _codeCacheOptions;
-
-        private readonly IDistributedCache _cache;
-
-        public EnvelopeReceiverCache(IOptions<EnvelopeReceiverCacheParams> cacheParamOptions, IDistributedCache cache)
-        {
-            _cacheParams = cacheParamOptions.Value;
-            _codeCacheOptions = new() { AbsoluteExpirationRelativeToNow = cacheParamOptions.Value.CodeCacheValidityPeriod };
-            _cache = cache;
-        }
-
-        public async Task<string?> GetSmsCodeAsync(string envelopeReceiverId)
-        {
-            var code_key = string.Format(_cacheParams.CodeCacheKeyFormat, envelopeReceiverId);
-            return await _cache.GetStringAsync(code_key);
-        }
-
-        public async Task<DateTime> SetSmsCodeAsync(string envelopeReceiverId, string code)
-        {
-            // set key
-            var code_key = string.Format(_cacheParams.CodeCacheKeyFormat, envelopeReceiverId);
-            await _cache.SetStringAsync(code_key, code, _codeCacheOptions);
-
-            // set expiration
-            var code_expiration_key = string.Format(_cacheParams.CodeExpirationCacheKeyFormat, envelopeReceiverId);
-            var expiration = DateTime.Now + _cacheParams.CodeCacheValidityPeriod;
-            await _cache.SetDateTimeAsync(code_expiration_key, expiration, _codeCacheOptions);
-            return expiration;
-        }
-
-        public async Task<DateTime?> GetSmsCodeExpirationAsync(string envelopeReceiverId)
-        {
-            var code_expiration_key = string.Format(_cacheParams.CodeExpirationCacheKeyFormat, envelopeReceiverId);
-            return await _cache.GetDateTimeAsync(code_expiration_key);
-        }
-    }
-}

EnvelopeGenerator.Application/Services/EnvelopeReceiverService.cs

@@ -17,13 +17,13 @@ namespace EnvelopeGenerator.Application.Services
     {
         private readonly IStringLocalizer<Resource> _localizer;
 
-        private readonly IMessagingService _messagingService;
+        private readonly ISmsSender _smsSender;
 
-        public EnvelopeReceiverService(IEnvelopeReceiverRepository repository, IStringLocalizer<Resource> localizer, IMapper mapper, IMessagingService messagingService)
+        public EnvelopeReceiverService(IEnvelopeReceiverRepository repository, IStringLocalizer<Resource> localizer, IMapper mapper, ISmsSender smsSender)
             : base(repository, mapper)
         {
             _localizer = localizer;
-            _messagingService = messagingService;
+            _smsSender = smsSender;
         }
 
         public async Task<DataResult<IEnumerable<EnvelopeReceiverDto>>> ReadBySignatureAsync(string signature, bool withEnvelope = false, bool withReceiver = true, bool readOnly = true)
@@ -171,7 +171,7 @@ namespace EnvelopeGenerator.Application.Services
                     .Message(Key.PhoneNumberNonexists)
                     .Notice(LogLevel.Error, Flag.NotFound, $"An attempt was made to send sms to the user whose phone number is null. Envelope recipient ID is {envelopeReceiverId}, UUID is {uuid} and signature is {signature}.");
 
-            var res = await _messagingService.SendSmsAsync(recipient: env_rcv.PhoneNumber, message: message);
+            var res = await _smsSender.SendSmsAsync(recipient: env_rcv.PhoneNumber, message: message);
 
             return Result.Success(res);
         }

EnvelopeGenerator.Application/Services/EnvelopeSmsHandler.cs

@@ -0,0 +1,54 @@
+using EnvelopeGenerator.Application.Configurations;
+using EnvelopeGenerator.Application.Contracts;
+using EnvelopeGenerator.Application.DTOs.EnvelopeReceiver;
+using EnvelopeGenerator.Application.DTOs.Messaging;
+using EnvelopeGenerator.Application.Extensions;
+using Microsoft.Extensions.Caching.Distributed;
+using Microsoft.Extensions.Options;
+
+namespace EnvelopeGenerator.Application.Services;
+
+public class EnvelopeSmsHandler : IEnvelopeSmsHandler
+{
+    private readonly ISmsSender _sender;
+
+    private readonly TotpSmsParams _totpSmsParams;
+
+    private readonly IDistributedCache _dCache;
+
+    private readonly IAuthenticator _authenticator;
+
+    public EnvelopeSmsHandler(ISmsSender sender, IOptions<TotpSmsParams> totpSmsParamsOptions, IDistributedCache distributedCache, IAuthenticator authenticator)
+    {
+        _sender = sender;
+        _totpSmsParams = totpSmsParamsOptions.Value;
+        _dCache = distributedCache;
+        _authenticator = authenticator;
+    }
+
+    /// <summary>
+    /// If expiration is passed then, sends sms and returns smsResponse and up-to-date expiration; otherwise send expiration.
+    /// </summary>
+    /// <param name="er_secret"></param>
+    /// <param name="cToken"></param>
+    /// <returns></returns>
+    public async Task<(SmsResponse? SmsResponse, DateTime Expiration)> SendTotpAsync(EnvelopeReceiverSecretDto er_secret, CancellationToken cToken = default)
+    {
+        var key = string.Format(_totpSmsParams.Expiration.CacheKeyFormat, er_secret.EnvelopeId, er_secret.ReceiverId);
+        var expiration = await _dCache.GetDateTimeAsync(key, cToken);
+
+        if(expiration is DateTime expirationDateTime && expirationDateTime >= DateTime.Now)
+            return (null, expirationDateTime);
+        else
+        {
+            var new_expiration = DateTime.Now.AddSeconds(_totpSmsParams.TotpStep);
+            var totp = _authenticator.GenerateTotp(er_secret.Receiver!.TotpSecretkey!, _totpSmsParams.TotpStep);
+            var msg = string.Format(_totpSmsParams.Format, totp, new_expiration.ToString(_totpSmsParams.Expiration.Format, _totpSmsParams.Expiration.CultureInfo));
+            await _dCache.SetDateTimeAsync(key, new_expiration, cToken: cToken);
+            return (await _sender.SendSmsAsync(er_secret.PhoneNumber!, msg), new_expiration);
+        }
+    }
+
+    public bool VerifyTotp(string totpCode, string secretKey) => _authenticator
+        .VerifyTotp(totpCode, secretKey, _totpSmsParams.TotpStep, _totpSmsParams.TotpVerificationWindow);
+}

EnvelopeGenerator.Application/Services/GTXMessagingService.cs

@@ -1,70 +0,0 @@
-using AutoMapper;
-using DigitalData.Core.Abstractions.Client;
-using DigitalData.Core.Client;
-using EnvelopeGenerator.Application.Configurations.GtxMessaging;
-using EnvelopeGenerator.Application.Contracts;
-using EnvelopeGenerator.Application.DTOs.Messaging;
-using EnvelopeGenerator.Application.Extensions;
-using EnvelopeGenerator.Domain.HttpResponse;
-using Microsoft.Extensions.Caching.Distributed;
-using Microsoft.Extensions.Options;
-
-namespace EnvelopeGenerator.Application.Services
-{
-    public class GtxMessagingService : IMessagingService
-    {
-        private readonly IHttpClientService<SmsParams> _smsClient;
-
-        private readonly SmsParams _smsParams;
-
-        private readonly IMapper _mapper;
-
-        private readonly ICodeGenerator _codeGen;
-
-        private readonly IEnvelopeReceiverCache _erCache;
-
-        public string ServiceProvider { get; }
-
-        public GtxMessagingService(IHttpClientService<SmsParams> smsClient, IOptions<SmsParams> smsParamsOptions, IMapper mapper, ICodeGenerator codeGenerator, IEnvelopeReceiverCache envelopeReceiverCache)
-        {
-            _smsClient = smsClient;
-            _smsParams = smsParamsOptions.Value;
-            _mapper = mapper;
-            ServiceProvider = GetType().Name.Replace("Service", string.Empty);
-            _codeGen = codeGenerator;
-            _erCache = envelopeReceiverCache;
-        }
-
-        public async Task<SmsResponse> SendSmsAsync(string recipient, string message)
-        {
-            return await _smsClient.FetchAsync(queryParams: new Dictionary<string, object?>()
-            {
-                { _smsParams.RecipientQueryParamName, recipient },
-                { _smsParams.MessageQueryParamName, message }
-            })
-            .ThenAsync(res => res.Json<GtxMessagingResponse>())
-            .ThenAsync(_mapper.Map<SmsResponse>);
-        }
-
-        public async Task<SmsResponse> SendSmsCodeAsync(string recipient, string envelopeReceiverId)
-        {
-            var code = await _erCache.GetSmsCodeAsync(envelopeReceiverId);
-
-            if (code is null)
-            {
-                code = _codeGen.GenerateCode(_smsParams.CodeLength);                                
-                var expiration = await _erCache.SetSmsCodeAsync(envelopeReceiverId, code);                
-                var res = await SendSmsAsync(recipient: recipient, message: code);
-                res.Expiration = expiration;
-                return res;
-            }
-            else
-            {
-                var code_expiration = await _erCache.GetSmsCodeExpirationAsync(envelopeReceiverId);
-                return code_expiration is null
-                    ? new() { Ok = false }
-                    : new() { Ok = false, AllowedAt = code_expiration };
-            }
-        }
-    }
-}

EnvelopeGenerator.Application/Services/GTXSmsSender.cs

@@ -0,0 +1,40 @@
+using AutoMapper;
+using DigitalData.Core.Abstractions.Client;
+using DigitalData.Core.Client;
+using EnvelopeGenerator.Application.Configurations;
+using EnvelopeGenerator.Application.Contracts;
+using EnvelopeGenerator.Application.DTOs.Messaging;
+using Microsoft.Extensions.Options;
+
+namespace EnvelopeGenerator.Application.Services;
+
+//TODO: move to DigitalData.Core
+public class GTXSmsSender : ISmsSender
+{
+    private readonly IHttpClientService<GtxMessagingParams> _smsClient;
+
+    private readonly GtxMessagingParams _smsParams;
+
+    private readonly IMapper _mapper;
+
+    public string ServiceProvider { get; }
+
+    public GTXSmsSender(IHttpClientService<GtxMessagingParams> smsClient, IOptions<GtxMessagingParams> smsParamsOptions, IMapper mapper)
+    {
+        _smsClient = smsClient;
+        _smsParams = smsParamsOptions.Value;
+        _mapper = mapper;
+        ServiceProvider = GetType().Name.Replace("Service", string.Empty);
+    }
+
+    public async Task<SmsResponse> SendSmsAsync(string recipient, string message)
+    {
+        return await _smsClient.FetchAsync(queryParams: new Dictionary<string, object?>()
+        {
+            { _smsParams.RecipientQueryParamName, recipient },
+            { _smsParams.MessageQueryParamName, message }
+        })
+        .ThenAsync(res => res.Json<GtxMessagingResponse>())
+        .ThenAsync(_mapper.Map<SmsResponse>);
+    }
+}

EnvelopeGenerator.Common/Constants.vb

@@ -112,6 +112,13 @@
     End Enum
 #End Region
 
+#Region "Role"
+    Public NotInheritable Class ReceiverRole
+        Public Const PreAuth As String = "PreAuth"
+        Public Const FullyAuth As String = "FullyAuth"
+    End Class
+#End Region
+
 #Region "Constants"
 
     Public Const DATABASE = "DATABASE"

EnvelopeGenerator.Domain/Entities/Envelope.cs

@@ -84,6 +84,9 @@ namespace EnvelopeGenerator.Domain.Entities
         [Column("EXPIRES_WARNING_WHEN_DAYS")]
         public int? ExpiresWarningWhenDays { get; set; }
 
+        [Column("TFA_ENABLED", TypeName = "bit")]
+        public bool TFAEnabled { get; set; }
+
         /// <summary>
         /// The sender of envelope
         /// </summary>

EnvelopeGenerator.Domain/Entities/EnvelopeReceiverBase.cs

@@ -45,10 +45,7 @@ namespace EnvelopeGenerator.Domain.Entities
         [StringLength(20)]
         [RegularExpression(@"^\+[0-9]+$", ErrorMessage = "Phone number must start with '+' followed by digits.")]
         public string? PhoneNumber { get; set; }
-
+        
-        [Column("TFA_ENABLED", TypeName = "bit")]
-        public bool TFAEnabled { get; set; }
-
         [NotMapped]
         public (int Envelope, int Receiver) Id => (Envelope: EnvelopeId, Receiver: ReceiverId);
 

EnvelopeGenerator.Domain/Entities/Receiver.cs

@@ -2,34 +2,33 @@
 using System.ComponentModel.DataAnnotations;
 using System.ComponentModel.DataAnnotations.Schema;
 
-namespace EnvelopeGenerator.Domain.Entities
+namespace EnvelopeGenerator.Domain.Entities;
+
+[Table("TBSIG_RECEIVER", Schema = "dbo")]
+public class Receiver : IUnique<int>
 {
-    [Table("TBSIG_RECEIVER", Schema = "dbo")]
+    [Key]
-    public class Receiver : IUnique<int>
+    [DatabaseGenerated(DatabaseGeneratedOption.Identity)]
-    {
+    [Column("GUID")]
-        [Key]
+    public int Id { get; set; }
-        [DatabaseGenerated(DatabaseGeneratedOption.Identity)]
+    
-        [Column("GUID")]
+    [Required, EmailAddress]
-        public int Id { get; set; }
+    [Column("EMAIL_ADDRESS", TypeName = "nvarchar(128)")]
-        
+    public required string EmailAddress { get; set; }
-        [Required, EmailAddress]
-        [Column("EMAIL_ADDRESS", TypeName = "nvarchar(128)")]
-        public required string EmailAddress { get; set; }
 
-        [Required]
+    [Required]
-        [Column("SIGNATURE", TypeName = "nvarchar(64)")]
+    [Column("SIGNATURE", TypeName = "nvarchar(64)")]
-        public required string Signature { get; set; }
+    public required string Signature { get; set; }
 
-        [Required]
+    [Required]
-        [Column("ADDED_WHEN", TypeName = "datetime")]
+    [Column("ADDED_WHEN", TypeName = "datetime")]
-        public DateTime AddedWhen { get; set; }
+    public DateTime AddedWhen { get; set; }
 
-        [Column("TOTP_SECRET_KEY", TypeName = "nvarchar(MAX)")]
+    [Column("TOTP_SECRET_KEY", TypeName = "nvarchar(MAX)")]
-        public string? TotpSecretkey { get; set; }
+    public string? TotpSecretkey { get; set; }
 
-        [Column("TOTP_EXPIRATION", TypeName = "datetime")]
+    [Column("TFA_REG_DEADLINE", TypeName = "datetime")]
-        public DateTime? TotpExpiration { get; set; }
+    public DateTime? TfaRegDeadline { get; set; }
 
-        public IEnumerable<EnvelopeReceiver>? EnvelopeReceivers { get; init; }
+    public IEnumerable<EnvelopeReceiver>? EnvelopeReceivers { get; init; }
-    }
 }

EnvelopeGenerator.Web/Controllers/ControllerBaseExtensions.cs

@@ -1,4 +1,7 @@
-using EnvelopeGenerator.Web.Models;
+using EnvelopeGenerator.Application.DTOs.EnvelopeReceiver;
+using EnvelopeGenerator.Web.Models;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Mvc;
 using System.Security.Claims;
 
@@ -6,6 +9,7 @@ namespace EnvelopeGenerator.Web.Controllers
 {
     public static class ControllerBaseExtensions
     {
+        #region Auth
         public static string? GetClaimValue(this ControllerBase controller, string claimType) => controller.User.FindFirstValue(claimType);
 
         public static string? GetAuthEnvelopeUuid(this ControllerBase controller) => controller.User.FindFirstValue(ClaimTypes.NameIdentifier);
@@ -23,7 +27,35 @@ namespace EnvelopeGenerator.Web.Controllers
             var env_id_str = controller.User.FindFirstValue(EnvelopeClaimTypes.Id);
             return int.TryParse(env_id_str, out int env_id) ? env_id : null;
         }
+        
+        public static async Task SignInEnvelopeAsync(this HttpContext context, EnvelopeReceiverDto er, string receiverRole)
+        {
+            var claims = new List<Claim> {
+            new(ClaimTypes.NameIdentifier, er.Envelope!.Uuid),
+            new(ClaimTypes.Hash, er.Receiver!.Signature),
+            new(ClaimTypes.Name, er.Name ?? string.Empty),
+            new(ClaimTypes.Email, er.Receiver.EmailAddress),
+            new(EnvelopeClaimTypes.Title, er.Envelope.Title),
+            new(EnvelopeClaimTypes.Id, er.Envelope.Id.ToString()),
+            new(ClaimTypes.Role, receiverRole)
+        };
 
+            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
+
+            var authProperties = new AuthenticationProperties
+            {
+                AllowRefresh = false,
+                IsPersistent = false
+            };
+
+            await context.SignInAsync(
+                CookieAuthenticationDefaults.AuthenticationScheme,
+                new ClaimsPrincipal(claimsIdentity),
+                authProperties);
+        }
+        #endregion
+
+        #region View error
         //TODO: integrate localizer for ready-to-use views
         public static ViewResult ViewError(this Controller controller, ErrorViewModel errorViewModel) => controller.View("_Error", errorViewModel);
 
@@ -61,5 +93,6 @@ namespace EnvelopeGenerator.Web.Controllers
             Subtitle = "Ein unerwarteter Fehler ist aufgetreten",
             Body = "Bitte kontaktieren Sie das IT-Team."
         });
-	}
+        #endregion
+    }
 }

EnvelopeGenerator.Web/Controllers/DocumentController.cs

@@ -3,12 +3,12 @@ using EnvelopeGenerator.Common;
 using EnvelopeGenerator.Web.Services;
 using EnvelopeGenerator.Application.Contracts;
 using Microsoft.AspNetCore.Authorization;
-using EnvelopeGenerator.Application;
 using EnvelopeGenerator.Extensions;
+using static EnvelopeGenerator.Common.Constants;
 
 namespace EnvelopeGenerator.Web.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
     [Route("api/[controller]")]
     public class DocumentController : BaseController
     {
@@ -48,7 +48,7 @@ namespace EnvelopeGenerator.Web.Controllers
             }
         }
 
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
         [HttpPost("{envelopeKey}")]
         public async Task<IActionResult> Open(string envelopeKey)
         {

EnvelopeGenerator.Web/Controllers/EnvelopeController.cs

@@ -10,7 +10,7 @@ using EnvelopeGenerator.Extensions;
 
 namespace EnvelopeGenerator.Web.Controllers
 {
-    [Authorize]
+    [Authorize(Roles = ReceiverRole.FullyAuth)]
     [ApiController]
     [Route("api/[controller]")]
     public class EnvelopeController : BaseController
@@ -64,7 +64,7 @@ namespace EnvelopeGenerator.Web.Controllers
             }
         }
 
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
         [HttpPost("{envelopeKey}")]
         public async Task<IActionResult> Update(string envelopeKey, int index)
         {
@@ -110,7 +110,7 @@ namespace EnvelopeGenerator.Web.Controllers
             }
         }
 
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
         [HttpPost("reject")]
         public async Task<IActionResult> Reject([FromBody] string? reason = null)
         {

EnvelopeGenerator.Web/Controllers/ReadOnlyController.cs

@@ -4,6 +4,7 @@ using EnvelopeGenerator.Application.DTOs.EnvelopeReceiverReadOnly;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Newtonsoft.Json;
+using static EnvelopeGenerator.Common.Constants;
 
 namespace EnvelopeGenerator.Web.Controllers
 {
@@ -28,7 +29,7 @@ namespace EnvelopeGenerator.Web.Controllers
         }
 
         [HttpPost]
-        [Authorize]
+        [Authorize(Roles = ReceiverRole.FullyAuth)]
         public async Task<IActionResult> CreateAsync([FromBody] EnvelopeReceiverReadOnlyCreateDto createDto)
         {
             try

EnvelopeGenerator.Web/Controllers/TFARegController.cs

@@ -0,0 +1,87 @@
+using EnvelopeGenerator.Application.Contracts;
+using EnvelopeGenerator.Web.Models;
+using Ganss.Xss;
+using Microsoft.AspNetCore.Mvc;
+using EnvelopeGenerator.Extensions;
+using Microsoft.Extensions.Localization;
+using EnvelopeGenerator.Application.Resources;
+using DigitalData.Core.DTO;
+using EnvelopeGenerator.Application.Extensions;
+using Microsoft.Extensions.Options;
+using Microsoft.AspNetCore.Authorization;
+
+namespace EnvelopeGenerator.Web.Controllers;
+
+//TODO: Add authorization as well as limiting the link duration (intermediate token with different role) or sign it
+[Route("tfa")]
+public class TFARegController : ViewControllerBase
+{
+    private readonly IEnvelopeReceiverService _envRcvService;
+    private readonly IAuthenticator _authenticator;
+    private readonly IReceiverService _rcvService;
+    private readonly TFARegParams _params;
+
+    public TFARegController(ILogger<TFARegController> logger, HtmlSanitizer sanitizer, Cultures cultures, IStringLocalizer<Resource> localizer, IEnvelopeReceiverService erService, IAuthenticator authenticator, IReceiverService receiverService, IOptions<TFARegParams> tfaRegParamsOptions) : base(logger, sanitizer, cultures, localizer)
+    {
+        _envRcvService = erService;
+        _authenticator = authenticator;
+        _rcvService = receiverService;
+        _params = tfaRegParamsOptions.Value;
+    }
+
+    [Authorize]
+    [HttpGet("{envelopeReceiverId}")]
+    public async Task<IActionResult> Reg(string envelopeReceiverId)
+    {
+        try
+        {
+            envelopeReceiverId = _sanitizer.Sanitize(envelopeReceiverId);
+            (string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
+
+            if (uuid is null || signature is null)
+            {
+                _logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
+                return Unauthorized();
+            }
+
+            var er_secret_res = await _envRcvService.ReadWithSecretByUuidSignatureAsync(uuid: uuid, signature: signature);
+
+            if (er_secret_res.IsFailed)
+            {
+                _logger.LogNotice(er_secret_res.Notices);
+                return this.ViewEnvelopeNotFound();
+            }
+            var er_secret = er_secret_res.Data;
+
+            if (!er_secret.Envelope!.TFAEnabled)
+                return Unauthorized();
+
+            var rcv = er_secret.Receiver;
+
+            // Generate QR code as base 64
+            rcv!.TotpSecretkey = _authenticator.GenerateTotpSecretKey();
+            await _rcvService.UpdateAsync(rcv);
+            var totp_qr_64 = _authenticator.GenerateTotpQrCode(userEmail: rcv.EmailAddress, secretKey: rcv.TotpSecretkey).ToBase64String();
+
+            // Calculate RFA registiration deadline
+            if (rcv.TfaRegDeadline is null)
+            {
+                rcv.TfaRegDeadline = _params.Deadline;
+                await _rcvService.UpdateAsync(rcv);
+            }
+            else if (rcv.TfaRegDeadline <= DateTime.Now)
+                return View("_Expired");
+
+            ViewData["RegDeadline"] = rcv.TfaRegDeadline;
+
+            ViewData["TotpQR64"] = totp_qr_64;
+
+            return View();
+        }
+        catch(Exception ex)
+        {
+            _logger.LogEnvelopeError(envelopeReceiverId: envelopeReceiverId, exception: ex, message: _localizer[WebKey.UnexpectedError]);
+            return this.ViewInnerServiceError();
+        }
+    }
+}

EnvelopeGenerator.Web/Controllers/Test/TestAuthController.cs

@@ -1,42 +0,0 @@
-using EnvelopeGenerator.Application.Contracts;
-using EnvelopeGenerator.Application.Services;
-using Microsoft.AspNetCore.Authorization;
-using Microsoft.AspNetCore.Mvc;
-using System.Security.Claims;
-
-namespace EnvelopeGenerator.Web.Controllers.Test
-{
-    [ApiController]
-    [Route("api/test/[controller]")]
-    public class TestAuthController : ControllerBase
-    {
-        private readonly IJWTService<string> _authService;
-
-        public TestAuthController(IJWTService<string> authService)
-        {
-            _authService = authService;
-        }
-
-        [HttpPost]
-        public IActionResult ProvideToken([FromQuery] string value)
-        {
-            var token = _authService.GenerateToken(value);
-            return Ok(token);
-        }
-
-        [HttpGet]
-        public IActionResult GetSecurityToken([FromQuery] string token)
-        {
-            var sToken = _authService.ReadSecurityToken(token);
-            return Ok(sToken);
-        }
-
-        [HttpGet("Username")]
-        [Authorize]
-        public IActionResult Getname()
-        {
-            var username = User.Claims?.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value;
-            return Ok(username);
-        }
-    }
-}

EnvelopeGenerator.Web/Controllers/Test/TestMessagingController.cs

@@ -7,9 +7,9 @@ namespace EnvelopeGenerator.Web.Controllers.Test
     [ApiController]
     public class TestMessagingController : ControllerBase
     {
-        private readonly IMessagingService _service;
+        private readonly ISmsSender _service;
 
-        public TestMessagingController(IMessagingService service)
+        public TestMessagingController(ISmsSender service)
         {
             _service = service;
         }

EnvelopeGenerator.Web/Controllers/ViewControllerBase.cs

@@ -0,0 +1,23 @@
+using EnvelopeGenerator.Web.Models;
+using Ganss.Xss;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Localization;
+using EnvelopeGenerator.Application.Resources;
+
+namespace EnvelopeGenerator.Web.Controllers;
+
+public class ViewControllerBase : Controller
+{
+    protected readonly ILogger _logger;
+    protected readonly HtmlSanitizer _sanitizer;
+    protected readonly Cultures _cultures;
+    protected readonly IStringLocalizer<Resource> _localizer;
+
+    public ViewControllerBase(ILogger logger, HtmlSanitizer sanitizer, Cultures cultures, IStringLocalizer<Resource> localizer)
+    {
+        _logger = logger;
+        _sanitizer = sanitizer;
+        _cultures = cultures;
+        _localizer = localizer;
+    }
+}

EnvelopeGenerator.Web/Models/TFARegParams.cs

@@ -0,0 +1,17 @@
+namespace EnvelopeGenerator.Web.Models;
+
+/// <summary>
+/// Represents the parameters for two-factor authentication (2FA) registration.
+/// </summary>
+public class TFARegParams
+{
+    /// <summary>
+    /// The maximum allowed time for completing the registration process.
+    /// </summary>
+    public TimeSpan TimeLimit { get; init; } = new(0, 30, 0);
+
+    /// <summary>
+    /// The deadline for registration, calculated as the current time plus the <see cref="TimeLimit"/>.
+    /// </summary>
+    public DateTime Deadline => DateTime.Now.AddTicks(TimeLimit.Ticks);
+}

EnvelopeGenerator.Web/Program.cs

@@ -49,6 +49,8 @@ try
     // Add higher order services
     builder.Services.AddScoped<EnvelopeOldService>();
 
+    builder.ConfigureBySection<TFARegParams>();
+
     // Add controllers and razor views
     builder.Services.AddControllersWithViews(options =>
     {

EnvelopeGenerator.Web/Views/Home/EnvelopeLocked.cshtml

@@ -2,20 +2,23 @@
 @using Newtonsoft.Json
 @model Auth;
 @{
+    //TODO: Create view model
     var nonce = _accessor.HttpContext?.Items["csp-nonce"] as string;
     var logo = _logoOpt.Value;
     ViewData["Title"] = _localizer[WebKey.DocProtected];
     var userCulture = ViewData["UserCulture"] as Culture;
     string codeType = ViewData["CodeType"] is string _codeType ? _codeType : "accessCode";
-    string codePropName = char.ToUpper(codeType[0]) + codeType.Substring(1);
+    string codeKeyName = (char.ToUpper(codeType[0]) + codeType.Substring(1)).Replace("Code", "");
-    string codeKeyName = codePropName.Replace("Code", "");
     bool viaSms = codeType == "smsCode";
     bool viaAuthenticator = codeType == "authenticatorCode";
     bool viaTFA = viaSms || viaAuthenticator;
     DateTime? smsExpiration = ViewData["SmsExpiration"] is DateTime _smsExpiration ? _smsExpiration : null;
-    DateTime? qrCodeExpiration = ViewData["QRCodeExpiration"] is DateTime _qrCodeExpiration ? _qrCodeExpiration : null;
     bool tfaEnabled = ViewData["TFAEnabled"] is bool _tfaEnabled && _tfaEnabled;
     bool hasPhoneNumber = ViewData["HasPhoneNumber"] is bool _hasPhoneNumber && _hasPhoneNumber;
+    var envelopeKey = ViewData["EnvelopeKey"] as string;
+    DateTime? tfaRegDeadline = ViewData["TfaRegDeadline"] is DateTime _deadline ? _deadline : null;
+    var senderEmail = ViewData["SenderEmail"] as string ?? string.Empty;
+    var envelopeTitle = ViewData["EnvelopeTitle"] as string ?? string.Empty;
 }
 <div class="page container py-4 px-4">
     <header class="text-center">
@@ -31,12 +34,25 @@
         </div>
         <h1>@_localizer[WebKey.Formats.LockedTitle.Format(codeKeyName)]</h1>
     </header>
+    @if (viaAuthenticator && (tfaRegDeadline is null || tfaRegDeadline > DateTime.Now))
+    {
     <section class="text-center">
-        <p>@_localizer[WebKey.Formats.LockedBody.Format(codeKeyName)].Value.Format(qrCodeExpiration.ToString())</p>
+        <p class="m-0 p-0">
+            Klicken Sie auf den
+            <a class="icon-link m-0 p-0" href="/tfa/@envelopeKey" style="text-decoration: none;" target="_blank">
+                Link
+                <i class="bi bi-box-arrow-up-right"></i>
+            </a>
+             um Ihre Authenticator-App einzurichten.
+        </p>
+    </section>
+    }
+    <section class="text-center">
+        <p>@_localizer[WebKey.Formats.LockedBody.Format(codeKeyName)].Value</p>
     </section>
     <div class="row m-0 p-0">
         <div class="access-code-panel justify-content-center align-items-center p-0 m-0">
-            <form id="form-access-code" class="form form-floating mb-0" method="post"> 
+            <form id="form-access-code" class="form form-floating mb-0" method="post">
                 <div class="form-floating access-code-form-floating">
                     <input type="password" id="access_code" class="form-control" name="@codeType" placeholder="@_localizer[WebKey.Formats.LockedCodeLabel.Format(codeKeyName)]" required="required">
                     <label for="access_code">@_localizer[WebKey.Formats.LockedCodeLabel.Format(codeKeyName)]</label>
@@ -47,21 +63,21 @@
                     </button>
                     @if (tfaEnabled)
                     {
-                    <div class="form-check form-switch tfa-sms">
+                        <div class="form-check form-switch tfa-sms">
                         @if(hasPhoneNumber)
-                        {
+                            {
-                        <input asp-for="UserSelectSMS" class="form-check-input" name="userSelectSMS" type="checkbox" role="switch" id="flexSwitchCheckChecked">
+                                <input asp-for="UserSelectSMS" class="form-check-input" name="userSelectSMS" type="checkbox" role="switch" id="flexSwitchCheckChecked">
-                        }
+                            }
-                        else
+                            else
-                        {
+                            {
-                        <input asp-for="UserSelectSMS" class="form-check-input" name="userSelectSMS" type="checkbox" role="switch" id="flexSwitchCheckChecked" disabled>
+                                <input asp-for="UserSelectSMS" class="form-check-input" name="userSelectSMS" type="checkbox" role="switch" id="flexSwitchCheckChecked" disabled>
-                        }                        
+                            }
-                        <label class="form-check-label" for="flexSwitchCheckChecked">2FA per SMS</label>
+                            <label class="form-check-label" for="flexSwitchCheckChecked">2FA per SMS</label>
-                    </div>
+                        </div>
                     }
                     @if (smsExpiration is not null)
                     {
-                    <div id="sms-timer" class="alert alert-primary" role="alert">00:00</div>
+                        <div id="sms-timer" class="alert alert-primary" role="alert">00:00</div>
                     }
                 </div>
             </form>
@@ -69,15 +85,15 @@
     </div>
     @if (ViewData["ErrorMessage"] is string errMsg)
     {
-    <div id="access-code-error-message" class="alert alert-danger row" role="alert">
+        <div id="access-code-error-message" class="alert alert-danger row" role="alert">
             @_sanitizer.Sanitize(errMsg)
 
-    </div>
+        </div>
     }
     <section class="no-receiver-explanation text-center">
         <details>
             <summary>@_localizer[WebKey.Formats.LockedFooterTitle.Format(codeKeyName)]</summary>
-            <p>@_localizer[WebKey.Formats.LockedFooterBody.Format(codeKeyName)]</p>
+            <p>@Html.Raw(_localizer[WebKey.Formats.LockedFooterBody.Format(codeKeyName)].Value.Format(senderEmail, "Envelope - " + envelopeTitle, string.Empty))</p>
         </details>
     </section>
 </div>

EnvelopeGenerator.Web/Views/Shared/_Expired.cshtml

@@ -0,0 +1,25 @@
+@{
+    ViewData["Title"] = "Abgelaufen";
+    var head = ViewData["Head"] as string ?? "Abgelaufen!";
+    var body = ViewData["Body"] as string ?? "Die Gültigkeitsdauer der Verbindung ist abgelaufen.";
+}
+<div class="page container p-5">
+    <header class="text-center">
+        <div class="icon expired">
+            <svg width="72" height="72" viewBox="0 0 48 48" version="1" xmlns="http://www.w3.org/2000/svg" enable-background="new 0 0 48 48">
+                <circle fill="#00ACC1" cx="17" cy="17" r="14" />
+                <circle fill="#eee" cx="17" cy="17" r="11" />
+                <rect x="16" y="8" width="2" height="9" />
+                <rect x="18.2" y="16" transform="matrix(-.707 .707 -.707 -.707 46.834 19.399)" width="2.4" height="6.8" />
+                <circle cx="17" cy="17" r="2" />
+                <circle fill="#00ACC1" cx="17" cy="17" r="1" />
+                <path fill="#FFC107" d="M11.9,42l14.4-24.1c0.8-1.3,2.7-1.3,3.4,0L44.1,42c0.8,1.3-0.2,3-1.7,3H13.6C12.1,45,11.1,43.3,11.9,42z" />
+                <path fill="#263238" d="M26.4,39.9c0-0.2,0-0.4,0.1-0.6s0.2-0.3,0.3-0.5s0.3-0.2,0.5-0.3s0.4-0.1,0.6-0.1s0.5,0,0.7,0.1 s0.4,0.2,0.5,0.3s0.2,0.3,0.3,0.5s0.1,0.4,0.1,0.6s0,0.4-0.1,0.6s-0.2,0.3-0.3,0.5s-0.3,0.2-0.5,0.3s-0.4,0.1-0.7,0.1 s-0.5,0-0.6-0.1s-0.4-0.2-0.5-0.3s-0.2-0.3-0.3-0.5S26.4,40.1,26.4,39.9z M29.2,36.8h-2.3L26.5,27h3L29.2,36.8z" />
+            </svg>
+        </div>
+        <h1>@head</h1>
+    </header>
+    <section class="text-center">
+        <p>@body</p>
+    </section>
+</div>

EnvelopeGenerator.Web/Views/Shared/_Layout.cshtml

@@ -26,6 +26,7 @@
     <link rel="stylesheet" href="~/lib/alertifyjs/css/alertify.min.css" />
     <link href="https://fonts.googleapis.com/icon?family=Material+Symbols+Outlined" rel="stylesheet">
     <link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0" />
+    <link rel="stylesheet" href="~/lib/bootstrap-icons/font/bootstrap-icons.min.css">
 </head>
 <body>
     <style>
@@ -67,7 +68,7 @@
         {
             ContractResolver = new CamelCasePropertyNamesContractResolver()
         };
-        var lStrsJson = JsonConvert.SerializeObject(_localizer.ToDictionary(), settings).TrySanitize(_sanitizer);
+        var lStrsJson = JsonConvert.SerializeObject(_localizer.ToDictionary(), settings);
     }
     <script nonce="@nonce">
         var localized = @Html.Raw(lStrsJson)

EnvelopeGenerator.Web/Views/TFAReg/Reg.cshtml

@@ -0,0 +1,75 @@
+@using System.Globalization
+@{
+    ViewData["Title"] = "2FA Registrierung";
+    var totpQR64 = ViewData["TotpQR64"] as string;
+    var regDeadline = ViewData["RegDeadline"] is DateTime _dateTime ? _dateTime : throw new InvalidOperationException("RegDeadline is not added to view in Reg.cshtml view.");
+}
+<div class="page container p-5">
+    <header class="text-center">
+        <div class="icon locked mt-4 mb-1">
+            <svg xmlns="http://www.w3.org/2000/svg" width="72" height="72" fill="currentColor" class="bi bi-shield-lock" viewBox="0 0 16 16">
+                <path d="M5.338 1.59a61 61 0 0 0-2.837.856.48.48 0 0 0-.328.39c-.554 4.157.726 7.19 2.253 9.188a10.7 10.7 0 0 0 2.287 2.233c.346.244.652.42.893.533q.18.085.293.118a1 1 0 0 0 .101.025 1 1 0 0 0 .1-.025q.114-.034.294-.118c.24-.113.547-.29.893-.533a10.7 10.7 0 0 0 2.287-2.233c1.527-1.997 2.807-5.031 2.253-9.188a.48.48 0 0 0-.328-.39c-.651-.213-1.75-.56-2.837-.855C9.552 1.29 8.531 1.067 8 1.067c-.53 0-1.552.223-2.662.524zM5.072.56C6.157.265 7.31 0 8 0s1.843.265 2.928.56c1.11.3 2.229.655 2.887.87a1.54 1.54 0 0 1 1.044 1.262c.596 4.477-.787 7.795-2.465 9.99a11.8 11.8 0 0 1-2.517 2.453 7 7 0 0 1-1.048.625c-.28.132-.581.24-.829.24s-.548-.108-.829-.24a7 7 0 0 1-1.048-.625 11.8 11.8 0 0 1-2.517-2.453C1.928 10.487.545 7.169 1.141 2.692A1.54 1.54 0 0 1 2.185 1.43 63 63 0 0 1 5.072.56" />
+                <path d="M9.5 6.5a1.5 1.5 0 0 1-1 1.415l.385 1.99a.5.5 0 0 1-.491.595h-.788a.5.5 0 0 1-.49-.595l.384-1.99a1.5 1.5 0 1 1 2-1.415" />
+            </svg>
+        </div>
+        <h2 class="mb-0">2-Factor Authentication (2FA)</h2>
+        <h2>Registrierung</h2>
+    </header>
+    <section class="text-center">
+        <p class="p-0 m-0"> @string.Format("Diese Seite ist bis {0} sichtbar.", regDeadline.ToString("d. MMM, HH:mm", new CultureInfo("de-DE")))</p>
+    </section>
+    <section class="text-start mt-4">
+        <div class="accordion" id="tfaRegStep">
+            <div class="accordion-item">
+                <h2 class="accordion-header">
+                    <button class="accordion-button" type="button" data-bs-toggle="collapse" data-bs-target="#collapseOne" aria-expanded="true" aria-controls="collapseOne">
+                        <p class="fw-bolder">Schritt 1 -  Download einer 2FA Applikation</p>
+                    </button>
+                </h2>
+                <div id="collapseOne" class="accordion-collapse collapse show" data-bs-parent="#tfaRegStep">
+                    <div class="accordion-body">
+                        <p class="text-wrap fw-medium">Bitte nehmen Sie Ihr Smartphone zur Hand und laden eine Applikation herunter, die zur Zwei-Faktor-Authentifizierung (2FA) benutzt werden kann.</p>
+                        <p class="text-wrap fw-light">Folgende Applikationen empfehlen wir</p>
+                        <ul class="list-group text-start">
+                            <li class="list-group-item">
+                                <a href="https://support.google.com/accounts/answer/1066447?hl=de&co=GENIE.Platform%3DAndroid" target="_blank" style="text-decoration: none;">
+                                    <samp>Google Authenticator</samp>
+                                </a>
+                            </li>
+                            <li class="list-group-item">
+                                <a href="https://support.microsoft.com/de-de/account-billing/microsoft-authenticator-herunterladen-351498fc-850a-45da-b7b6-27e523b8702a" target="_blank" style="text-decoration: none;">
+                                    <samp>Microsoft Authenticator</samp>
+                                </a>
+                            </li>
+                        </ul>
+                    </div>
+                </div>
+            </div>
+            <div class="accordion-item">
+                <h2 class="accordion-header">
+                    <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapseTwo" aria-expanded="false" aria-controls="collapseTwo">
+                        <p class="fw-bolder">Schritt 2 -  Scannen des QR-Codes</p>
+                    </button>
+                </h2>
+                <div id="collapseTwo" class="accordion-collapse collapse" data-bs-parent="#tfaRegStep">
+                    <div class="accordion-body">
+                        <div class="text-center m-0 p-0"><img class="tfaQrCode" src="data:image/png;base64,@totpQR64"></div>
+                        <p class="text-wrap fw-medium">Sobald Sie eine Zwei-Faktor-Authentifizierung App installiert haben, können Sie fortfahren und innerhalb der Applikation die Option zum Scannen eines QR-Codes suchen und bestätigen. Im Anschluss, sobald die Kamera freigegeben wurde, können Sie den QR-Code von uns scannen.</p>
+                    </div>
+                </div>
+            </div>
+            <div class="accordion-item">
+                <h2 class="accordion-header">
+                    <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapseThree" aria-expanded="false" aria-controls="collapseThree">
+                        <p class="fw-bolder">Schritt 3 - Verifizierung des Codes</p>
+                    </button>
+                </h2>
+                <div id="collapseThree" class="accordion-collapse collapse" data-bs-parent="#tfaRegStep">
+                    <div class="accordion-body">
+                        <p class="text-wrap fw-medium">Sie können nun in der Zwei-Faktor-Authentifizierung App einen Zahlencode zur Verifizierung des Vorganges ablesen. Bitte tragen Sie diesen Code in das unten aufgeführte Eingabefeld ein und Klicken auf <samp>Absenden</samp>.</p>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </section>
+</div>

EnvelopeGenerator.Web/appsettings.json

@@ -70,11 +70,6 @@
       }
     ]
   },
-  "Jwt": {
-    "Issuer": null,
-    "Audience": null,
-    "Key": "8RGnd7x0G2TYLOIW4m_qlIls7MfbAIGNrpQJzMAUIvULHOLiG723znRa_MG-Z4yw3SErusOU4hTui2rVBMcCaQ"
-  },
   "ContactLink": {
     "Label": "Kontakt",
     "Href": "https://digitaldata.works/",
@@ -113,30 +108,28 @@
     "ShowPageClass": "dd-show-logo",
     "LockedPageClass": "dd-locked-logo"
   },
-  "DispatcherConfig": {
+  "DispatcherParams": {
     "SendingProfile": 1,
     "AddedWho": "DDEnvelopGenerator",
     "ReminderTypeId": 202377,
     "EmailAttmt1": ""
   },
-  "MailConfig": {
+  "MailParams": {
     "Placeholders": {
       "[NAME_PORTAL]": "signFlow",
       "[SIGNATURE_TYPE]": "signieren",
       "[REASON]": ""
     }
   },
-  "GTXMessagingConfig": {
+  "GtxMessagingParams": {
-    "AuthKey": "ep$?A!Gs"
-  },
-  "SmsConfig": {
     "Uri": "https://rest.gtx-messaging.net",
     "Path": "smsc/sendsms/f566f7e5-bdf2-4a9a-bf52-ed88215a432e/json",
     "Headers": {},
     "QueryParams": {
       "from": "signFlow"
-    },
+    }
-    "CodeCacheValidityPeriod": "00:10:00"
   },
-  "EnvelopeReceiverCacheParams": {}
+  "TFARegParams": {
+    "TimeLimit": "00:30:00"
+  }
 }

EnvelopeGenerator.Web/wwwroot/css/site.css

@@ -618,4 +618,8 @@ footer#page-footer {
     .collapse {
         height: 4rem;
     }
+}
+
+#tfaRegStep .tfaQrCode {
+    width: 7rem;
 }

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2019-2024 The Bootstrap Authors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/README.md

@@ -0,0 +1,100 @@
+<p align="center">
+  <a href="https://getbootstrap.com/">
+    <img src="https://getbootstrap.com/docs/5.2/assets/brand/bootstrap-logo-shadow.png" alt="Bootstrap logo" width="200" height="165">
+  </a>
+</p>
+
+<h3 align="center">Bootstrap Icons</h3>
+
+<p align="center">
+  Official open source SVG icon library for Bootstrap with over 2,000 icons.
+  <br>
+  <a href="https://icons.getbootstrap.com/"><strong>Explore Bootstrap Icons »</strong></a>
+  <br>
+  <br>
+  <a href="https://getbootstrap.com/">Bootstrap</a>
+  ·
+  <a href="https://themes.getbootstrap.com/">Themes</a>
+  ·
+  <a href="https://blog.getbootstrap.com/">Blog</a>
+  <br>
+</p>
+
+[![Bootstrap Icons preview](https://github.com/twbs/icons/blob/main/.github/preview.png)](https://icons.getbootstrap.com/)
+
+## Install
+
+Bootstrap Icons are packaged up and published to npm. We only include the processed SVGs in this package—it's up to you and your team to implement. [Read our docs](https://icons.getbootstrap.com/) for usage instructions.
+
+```shell
+npm i bootstrap-icons
+```
+
+For those [using Packagist](https://packagist.org/packages/twbs/bootstrap-icons), you can also install Bootstrap Icons via Composer:
+
+```shell
+composer require twbs/bootstrap-icons
+```
+
+[Also available in Figma](https://www.figma.com/community/file/1042482994486402696/Bootstrap-Icons).
+
+## Usage
+
+Depending on your setup, you can include Bootstrap Icons in a handful of ways.
+
+- Copy-paste SVGs as embedded HTML
+- Reference via `<img>` element
+- Use the SVG sprite
+- Include via CSS
+
+[See the docs for more information](https://icons.getbootstrap.com/#usage).
+
+## Development
+
+[![Build Status](https://img.shields.io/github/actions/workflow/status/twbs/icons/test.yml?branch=main&label=Tests&logo=github)](https://github.com/twbs/icons/actions/workflows/test.yml?query=workflow%3ATests+branch%3Amain)
+[![npm version](https://img.shields.io/npm/v/bootstrap-icons?logo=npm&logoColor=fff)](https://www.npmjs.com/package/bootstrap-icons)
+
+Clone the repo, install dependencies, and start the Hugo server locally.
+
+```shell
+git clone https://github.com/twbs/icons/
+cd icons
+npm i
+npm start
+```
+
+Then open `http://localhost:4000` in your browser.
+
+### npm scripts
+
+Here are some key scripts you'll use during development. Be sure to look to our `package.json` or `npm run` output for a complete list of scripts.
+
+| Script       | Description                                                                   |
+|--------------|-------------------------------------------------------------------------------|
+| `start`      | Alias for running `docs-serve`                                                |
+| `docs-serve` | Starts a local Hugo server                                                    |
+| `pages`      | Generates permalink pages for each icon with template Markdown                |
+| `icons`      | Processes and optimizes SVGs in `icons` directory, generates fonts and sprite |
+
+## Adding SVGs
+
+Icons are typically only added by @mdo, but exceptions can be made. New glyphs are designed in Figma first on a 16x16px grid, then exported as flattened SVGs with `fill` (no stroke). Once a new SVG icon has been added to the `icons` directory, we use an npm script to:
+
+1. Optimize our SVGs with SVGO.
+2. Modify the SVGs source code, removing all attributes before setting new attributes and values in our preferred order.
+
+Use `npm run icons` to run the script, run `npm run pages` to build permalink pages, complete those pages, and, finally, commit the results in a new branch for updating.
+
+**Warning**: Please exclude any auto-generated files, like `font/**` and `bootstrap-icons.svg` from your branch because they cause conflicts, and we generally update the dist files before a release.
+
+## Publishing
+
+Documentation is published automatically when a new Git tag is published. See our [GitHub Actions](https://github.com/twbs/icons/tree/main/.github/workflows) and [`package.json`](https://github.com/twbs/icons/blob/main/package.json) for more information.
+
+## License
+
+[MIT](LICENSE)
+
+## Author
+
+[@mdo](https://github.com/mdo)

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/0-circle-fill.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-0-circle-fill" viewBox="0 0 16 16">
+  <path d="M8 4.951c-1.008 0-1.629 1.09-1.629 2.895v.31c0 1.81.627 2.895 1.629 2.895s1.623-1.09 1.623-2.895v-.31c0-1.8-.621-2.895-1.623-2.895"/>
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0m-8.012 4.158c1.858 0 2.96-1.582 2.96-3.99V7.84c0-2.426-1.079-3.996-2.936-3.996-1.864 0-2.965 1.588-2.965 3.996v.328c0 2.42 1.09 3.99 2.941 3.99"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/0-circle.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-0-circle" viewBox="0 0 16 16">
+  <path d="M7.988 12.158c-1.851 0-2.941-1.57-2.941-3.99V7.84c0-2.408 1.101-3.996 2.965-3.996 1.857 0 2.935 1.57 2.935 3.996v.328c0 2.408-1.101 3.99-2.959 3.99M8 4.951c-1.008 0-1.629 1.09-1.629 2.895v.31c0 1.81.627 2.895 1.629 2.895s1.623-1.09 1.623-2.895v-.31c0-1.8-.621-2.895-1.623-2.895"/>
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M1 8a7 7 0 1 0 14 0A7 7 0 0 0 1 8"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/0-square-fill.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-0-square-fill" viewBox="0 0 16 16">
+  <path d="M8 4.951c-1.008 0-1.629 1.09-1.629 2.895v.31c0 1.81.627 2.895 1.629 2.895s1.623-1.09 1.623-2.895v-.31c0-1.8-.621-2.895-1.623-2.895"/>
+  <path d="M2 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm5.988 12.158c-1.851 0-2.941-1.57-2.941-3.99V7.84c0-2.408 1.101-3.996 2.965-3.996 1.857 0 2.935 1.57 2.935 3.996v.328c0 2.408-1.101 3.99-2.959 3.99"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/0-square.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-0-square" viewBox="0 0 16 16">
+  <path d="M7.988 12.158c-1.851 0-2.941-1.57-2.941-3.99V7.84c0-2.408 1.101-3.996 2.965-3.996 1.857 0 2.935 1.57 2.935 3.996v.328c0 2.408-1.101 3.99-2.959 3.99M8 4.951c-1.008 0-1.629 1.09-1.629 2.895v.31c0 1.81.627 2.895 1.629 2.895s1.623-1.09 1.623-2.895v-.31c0-1.8-.621-2.895-1.623-2.895"/>
+  <path d="M0 2a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2zm15 0a1 1 0 0 0-1-1H2a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/1-circle-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-1-circle-fill" viewBox="0 0 16 16">
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M9.283 4.002H7.971L6.072 5.385v1.271l1.834-1.318h.065V12h1.312z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/1-circle.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-1-circle" viewBox="0 0 16 16">
+  <path d="M1 8a7 7 0 1 0 14 0A7 7 0 0 0 1 8m15 0A8 8 0 1 1 0 8a8 8 0 0 1 16 0M9.283 4.002V12H7.971V5.338h-.065L6.072 6.656V5.385l1.899-1.383z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/1-square-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-1-square-fill" viewBox="0 0 16 16">
+  <path d="M2 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm7.283 4.002V12H7.971V5.338h-.065L6.072 6.656V5.385l1.899-1.383z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/1-square.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-1-square" viewBox="0 0 16 16">
+  <path d="M9.283 4.002V12H7.971V5.338h-.065L6.072 6.656V5.385l1.899-1.383z"/>
+  <path d="M0 2a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2zm15 0a1 1 0 0 0-1-1H2a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/123.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-123" viewBox="0 0 16 16">
+  <path d="M2.873 11.297V4.142H1.699L0 5.379v1.137l1.64-1.18h.06v5.961zm3.213-5.09v-.063c0-.618.44-1.169 1.196-1.169.676 0 1.174.44 1.174 1.106 0 .624-.42 1.101-.807 1.526L4.99 10.553v.744h4.78v-.99H6.643v-.069L8.41 8.252c.65-.724 1.237-1.332 1.237-2.27C9.646 4.849 8.723 4 7.308 4c-1.573 0-2.36 1.064-2.36 2.15v.057zm6.559 1.883h.786c.823 0 1.374.481 1.379 1.179.01.707-.55 1.216-1.421 1.21-.77-.005-1.326-.419-1.379-.953h-1.095c.042 1.053.938 1.918 2.464 1.918 1.478 0 2.642-.839 2.62-2.144-.02-1.143-.922-1.651-1.551-1.714v-.063c.535-.09 1.347-.66 1.326-1.678-.026-1.053-.933-1.855-2.359-1.845-1.5.005-2.317.88-2.348 1.898h1.116c.032-.498.498-.944 1.206-.944.703 0 1.206.435 1.206 1.07.005.64-.504 1.106-1.2 1.106h-.75z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/2-circle-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-2-circle-fill" viewBox="0 0 16 16">
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M6.646 6.24c0-.691.493-1.306 1.336-1.306.756 0 1.313.492 1.313 1.236 0 .697-.469 1.23-.902 1.705l-2.971 3.293V12h5.344v-1.107H7.268v-.077l1.974-2.22.096-.107c.688-.763 1.287-1.428 1.287-2.43 0-1.266-1.031-2.215-2.613-2.215-1.758 0-2.637 1.19-2.637 2.402v.065h1.271v-.07Z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/2-circle.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-2-circle" viewBox="0 0 16 16">
+  <path d="M1 8a7 7 0 1 0 14 0A7 7 0 0 0 1 8m15 0A8 8 0 1 1 0 8a8 8 0 0 1 16 0M6.646 6.24v.07H5.375v-.064c0-1.213.879-2.402 2.637-2.402 1.582 0 2.613.949 2.613 2.215 0 1.002-.6 1.667-1.287 2.43l-.096.107-1.974 2.22v.077h3.498V12H5.422v-.832l2.97-3.293c.434-.475.903-1.008.903-1.705 0-.744-.557-1.236-1.313-1.236-.843 0-1.336.615-1.336 1.306"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/2-square-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-2-square-fill" viewBox="0 0 16 16">
+  <path d="M2 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm4.646 6.24v.07H5.375v-.064c0-1.213.879-2.402 2.637-2.402 1.582 0 2.613.949 2.613 2.215 0 1.002-.6 1.667-1.287 2.43l-.096.107-1.974 2.22v.077h3.498V12H5.422v-.832l2.97-3.293c.434-.475.903-1.008.903-1.705 0-.744-.557-1.236-1.313-1.236-.843 0-1.336.615-1.336 1.306"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/2-square.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-2-square" viewBox="0 0 16 16">
+  <path d="M6.646 6.24v.07H5.375v-.064c0-1.213.879-2.402 2.637-2.402 1.582 0 2.613.949 2.613 2.215 0 1.002-.6 1.667-1.287 2.43l-.096.107-1.974 2.22v.077h3.498V12H5.422v-.832l2.97-3.293c.434-.475.903-1.008.903-1.705 0-.744-.557-1.236-1.313-1.236-.843 0-1.336.615-1.336 1.306"/>
+  <path d="M0 2a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2zm15 0a1 1 0 0 0-1-1H2a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/3-circle-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-3-circle-fill" viewBox="0 0 16 16">
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0m-8.082.414c.92 0 1.535.54 1.541 1.318.012.791-.615 1.36-1.588 1.354-.861-.006-1.482-.469-1.54-1.066H5.104c.047 1.177 1.05 2.144 2.754 2.144 1.653 0 2.954-.937 2.93-2.396-.023-1.278-1.031-1.846-1.734-1.916v-.07c.597-.1 1.505-.739 1.482-1.876-.03-1.177-1.043-2.074-2.637-2.062-1.675.006-2.59.984-2.625 2.12h1.248c.036-.556.557-1.054 1.348-1.054.785 0 1.348.486 1.348 1.195.006.715-.563 1.237-1.342 1.237h-.838v1.072h.879Z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/3-circle.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-3-circle" viewBox="0 0 16 16">
+  <path d="M7.918 8.414h-.879V7.342h.838c.78 0 1.348-.522 1.342-1.237 0-.709-.563-1.195-1.348-1.195-.79 0-1.312.498-1.348 1.055H5.275c.036-1.137.95-2.115 2.625-2.121 1.594-.012 2.608.885 2.637 2.062.023 1.137-.885 1.776-1.482 1.875v.07c.703.07 1.71.64 1.734 1.917.024 1.459-1.277 2.396-2.93 2.396-1.705 0-2.707-.967-2.754-2.144H6.33c.059.597.68 1.06 1.541 1.066.973.006 1.6-.563 1.588-1.354-.006-.779-.621-1.318-1.541-1.318"/>
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M1 8a7 7 0 1 0 14 0A7 7 0 0 0 1 8"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/3-square-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-3-square-fill" viewBox="0 0 16 16">
+  <path d="M2 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm5.918 8.414h-.879V7.342h.838c.78 0 1.348-.522 1.342-1.237 0-.709-.563-1.195-1.348-1.195-.79 0-1.312.498-1.348 1.055H5.275c.036-1.137.95-2.115 2.625-2.121 1.594-.012 2.608.885 2.637 2.062.023 1.137-.885 1.776-1.482 1.875v.07c.703.07 1.71.64 1.734 1.917.024 1.459-1.277 2.396-2.93 2.396-1.705 0-2.707-.967-2.754-2.144H6.33c.059.597.68 1.06 1.541 1.066.973.006 1.6-.563 1.588-1.354-.006-.779-.621-1.318-1.541-1.318"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/3-square.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-3-square" viewBox="0 0 16 16">
+  <path d="M7.918 8.414h-.879V7.342h.838c.78 0 1.348-.522 1.342-1.237 0-.709-.563-1.195-1.348-1.195-.79 0-1.312.498-1.348 1.055H5.275c.036-1.137.95-2.115 2.625-2.121 1.594-.012 2.608.885 2.637 2.062.023 1.137-.885 1.776-1.482 1.875v.07c.703.07 1.71.64 1.734 1.917.024 1.459-1.277 2.396-2.93 2.396-1.705 0-2.707-.967-2.754-2.144H6.33c.059.597.68 1.06 1.541 1.066.973.006 1.6-.563 1.588-1.354-.006-.779-.621-1.318-1.541-1.318"/>
+  <path d="M0 2a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2zm15 0a1 1 0 0 0-1-1H2a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/4-circle-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-4-circle-fill" viewBox="0 0 16 16">
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M7.519 5.057c-.886 1.418-1.772 2.838-2.542 4.265v1.12H8.85V12h1.26v-1.559h1.007V9.334H10.11V4.002H8.176zM6.225 9.281v.053H8.85V5.063h-.065c-.867 1.33-1.787 2.806-2.56 4.218"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/4-circle.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-4-circle" viewBox="0 0 16 16">
+  <path d="M7.519 5.057q.33-.527.657-1.055h1.933v5.332h1.008v1.107H10.11V12H8.85v-1.559H4.978V9.322c.77-1.427 1.656-2.847 2.542-4.265ZM6.225 9.281v.053H8.85V5.063h-.065c-.867 1.33-1.787 2.806-2.56 4.218"/>
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M1 8a7 7 0 1 0 14 0A7 7 0 0 0 1 8"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/4-square-fill.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-4-square-fill" viewBox="0 0 16 16">
+  <path d="M6.225 9.281v.053H8.85V5.063h-.065c-.867 1.33-1.787 2.806-2.56 4.218"/>
+  <path d="M2 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm5.519 5.057q.33-.527.657-1.055h1.933v5.332h1.008v1.107H10.11V12H8.85v-1.559H4.978V9.322c.77-1.427 1.656-2.847 2.542-4.265Z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/4-square.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-4-square" viewBox="0 0 16 16">
+  <path d="M7.519 5.057q.33-.527.657-1.055h1.933v5.332h1.008v1.107H10.11V12H8.85v-1.559H4.978V9.322c.77-1.427 1.656-2.847 2.542-4.265ZM6.225 9.281v.053H8.85V5.063h-.065c-.867 1.33-1.787 2.806-2.56 4.218"/>
+  <path d="M0 2a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2zm15 0a1 1 0 0 0-1-1H2a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/5-circle-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-5-circle-fill" viewBox="0 0 16 16">
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0m-8.006 4.158c1.74 0 2.924-1.119 2.924-2.806 0-1.641-1.178-2.584-2.56-2.584-.897 0-1.442.421-1.612.68h-.064l.193-2.344h3.621V4.002H5.791L5.445 8.63h1.149c.193-.358.668-.809 1.435-.809.85 0 1.582.604 1.582 1.57 0 1.085-.779 1.682-1.57 1.682-.697 0-1.389-.31-1.53-1.031H5.276c.065 1.213 1.149 2.115 2.72 2.115Z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/5-circle.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-5-circle" viewBox="0 0 16 16">
+  <path d="M1 8a7 7 0 1 1 14 0A7 7 0 0 1 1 8m15 0A8 8 0 1 0 0 8a8 8 0 0 0 16 0m-8.006 4.158c-1.57 0-2.654-.902-2.719-2.115h1.237c.14.72.832 1.031 1.529 1.031.791 0 1.57-.597 1.57-1.681 0-.967-.732-1.57-1.582-1.57-.767 0-1.242.45-1.435.808H5.445L5.791 4h4.705v1.103H6.875l-.193 2.343h.064c.17-.258.715-.68 1.611-.68 1.383 0 2.561.944 2.561 2.585 0 1.687-1.184 2.806-2.924 2.806Z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/5-square-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-5-square-fill" viewBox="0 0 16 16">
+  <path d="M2 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm5.994 12.158c-1.57 0-2.654-.902-2.719-2.115h1.237c.14.72.832 1.031 1.529 1.031.791 0 1.57-.597 1.57-1.681 0-.967-.732-1.57-1.582-1.57-.767 0-1.242.45-1.435.808H5.445L5.791 4h4.705v1.103H6.875l-.193 2.343h.064c.17-.258.715-.68 1.611-.68 1.383 0 2.561.944 2.561 2.585 0 1.687-1.184 2.806-2.924 2.806Z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/5-square.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-5-square" viewBox="0 0 16 16">
+  <path d="M7.994 12.158c-1.57 0-2.654-.902-2.719-2.115h1.237c.14.72.832 1.031 1.529 1.031.791 0 1.57-.597 1.57-1.681 0-.967-.732-1.57-1.582-1.57-.767 0-1.242.45-1.435.808H5.445L5.791 4h4.705v1.103H6.875l-.193 2.343h.064c.17-.258.715-.68 1.611-.68 1.383 0 2.561.944 2.561 2.585 0 1.687-1.184 2.806-2.924 2.806Z"/>
+  <path d="M0 2a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2zm15 0a1 1 0 0 0-1-1H2a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/6-circle-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-6-circle-fill" viewBox="0 0 16 16">
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M8.21 3.855c-1.868 0-3.116 1.395-3.116 4.407 0 1.183.228 2.039.597 2.642.569.926 1.477 1.254 2.409 1.254 1.629 0 2.847-1.013 2.847-2.783 0-1.676-1.254-2.555-2.508-2.555-1.125 0-1.752.61-1.98 1.155h-.082c-.012-1.946.727-3.036 1.805-3.036.802 0 1.213.457 1.312.815h1.29c-.06-.908-.962-1.899-2.573-1.899Zm-.099 4.008c-.92 0-1.564.65-1.564 1.576 0 1.032.703 1.635 1.558 1.635.868 0 1.553-.533 1.553-1.629 0-1.06-.744-1.582-1.547-1.582"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/6-circle.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-6-circle" viewBox="0 0 16 16">
+  <path d="M1 8a7 7 0 1 0 14 0A7 7 0 0 0 1 8m15 0A8 8 0 1 1 0 8a8 8 0 0 1 16 0M8.21 3.855c1.612 0 2.515.99 2.573 1.899H9.494c-.1-.358-.51-.815-1.312-.815-1.078 0-1.817 1.09-1.805 3.036h.082c.229-.545.855-1.155 1.98-1.155 1.254 0 2.508.88 2.508 2.555 0 1.77-1.218 2.783-2.847 2.783-.932 0-1.84-.328-2.409-1.254-.369-.603-.597-1.459-.597-2.642 0-3.012 1.248-4.407 3.117-4.407Zm-.099 4.008c-.92 0-1.564.65-1.564 1.576 0 1.032.703 1.635 1.558 1.635.868 0 1.553-.533 1.553-1.629 0-1.06-.744-1.582-1.547-1.582"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/6-square-fill.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-6-square-fill" viewBox="0 0 16 16">
+  <path d="M8.111 7.863c-.92 0-1.564.65-1.564 1.576 0 1.032.703 1.635 1.558 1.635.868 0 1.553-.533 1.553-1.629 0-1.06-.744-1.582-1.547-1.582"/>
+  <path d="M2 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm6.21 3.855c1.612 0 2.515.99 2.573 1.899H9.494c-.1-.358-.51-.815-1.312-.815-1.078 0-1.817 1.09-1.805 3.036h.082c.229-.545.855-1.155 1.98-1.155 1.254 0 2.508.88 2.508 2.555 0 1.77-1.218 2.783-2.847 2.783-.932 0-1.84-.328-2.409-1.254-.369-.603-.597-1.459-.597-2.642 0-3.012 1.248-4.407 3.117-4.407Z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/6-square.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-6-square" viewBox="0 0 16 16">
+  <path d="M8.21 3.855c1.612 0 2.515.99 2.573 1.899H9.494c-.1-.358-.51-.815-1.312-.815-1.078 0-1.817 1.09-1.805 3.036h.082c.229-.545.855-1.155 1.98-1.155 1.254 0 2.508.88 2.508 2.555 0 1.77-1.218 2.783-2.847 2.783-.932 0-1.84-.328-2.409-1.254-.369-.603-.597-1.459-.597-2.642 0-3.012 1.248-4.407 3.117-4.407Zm-.099 4.008c-.92 0-1.564.65-1.564 1.576 0 1.032.703 1.635 1.558 1.635.868 0 1.553-.533 1.553-1.629 0-1.06-.744-1.582-1.547-1.582"/>
+  <path d="M0 2a2 2 0 0 1 2-2h12a2 2 0 0 1 2 2v12a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2zm15 0a1 1 0 0 0-1-1H2a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1z"/>
+</svg>

EnvelopeGenerator.Web/wwwroot/lib/bootstrap-icons/icons/7-circle-fill.svg

@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-7-circle-fill" viewBox="0 0 16 16">
+  <path d="M16 8A8 8 0 1 1 0 8a8 8 0 0 1 16 0M5.37 5.11h3.972v.07L6.025 12H7.42l3.258-6.85V4.002H5.369v1.107Z"/>
+</svg>