I am using Secure Android OTP & Account Verification using the SMS Retriever API, In oreder for the service to work My incoming sms should be in the foloowing format:
<#> Your code is: 401947
FA+9qCX9VSu
With the <#> At the begging and the hash in the end, is there a wy to remove this (or at least make it invisible for the user?
Thanks!
No, I think the SDK reads that character to determine if it should continue reading the rest of the text that is why it is required according to the documentation.
Related
I am trying to use the Android [SMSRetriever][1] API to auto-read a token sent using Authy. However, I am unable to find out how to include a custom string (in this case, my app's Android hash) in the text that Authy will send.
Is this a matter of an extra request parameter to be sent to Authy, or something I need to set up on the dashboard in Twilio? Or is this not possible?
Twilio developer evangelist here.
I believe that if you include the parameters action and action_message you can set the message sent as an SMS when you request a token. Note that you need to set the action to the same when you verify the token too.
I am trying to automated a flow where I can read sms and then parse the SMS to read the OTP and enter it in another webapp. Looked through all forums but couldn't find an answer.
I am writing code in java and trying to run a webapp on android device using appium.
Can someone suggest how to do it?
If you want to read sms from device in Appium session there is a good approach described in discuss.appium.io
I think you can create several sessions in one test: 1 - to get sms with native app, 2 - open webApp in mobile browser and do whatever you need
This approach worked for me
Suppose your OTP sms is like "OTP is 12345 for your order", and it shows up in your notification panel,
Reach the OTP Screen
Pull down the notification bar ((AndroidDriver) driver).openNotifications();
Wait for this element otpElement with xpath //android.widget.TextView[contains(#text,'OTP is')] is displayed (ie, While the sms arrives)
Use OTPmessage = otpElement.getText() to get the OTP message text
Extract OTP using this code : String OTP = StringUtils.substringBetween(OTPmessage, "OTP is ", " for ");
Close notification panel using ((AndroidDriver) driver).pressKey(new KeyEvent(AndroidKey.BACK));
I dont think this is a good approach if you are testing the app. It might take lot of time for the OTP to arrive thereby failing your test unnecessarily. Better ask your devs keep the OTP fixed so you don't need to receive it through the sms everytime.
You can add a key to store last OTP in an in-memory storage like Redis or closured Dictionary in your backend language, you will then update this key with the value of the OTP you want to send out via an SMS service provider. The last sent OTP stored in this key should then be exposed via an additional api endpoint in your service, which you would then call as part of your automated script after doing an action that will make the OTP to be sent.
A more reliable and robust modification of this will be to expose an API that retrieves the OTP stored against each phone number, you must have this stored already of course before you could do the verification in-app. This endpoint must only be exposed within a test environment, that's the precaution to pay attention to, or you make the endpoint available only to authorized user roles.
I am adding OTP in Android app . With one edit text user will enter his mobile no will get otp with sms gateway provider .
Please tell me for above condition what will be best method to send otp and verify otp ? Why ?
GET or POST method ?
To verify OTP you should use POST as in GET the parameters are visible, also to make it secure you can use https connection for verify OTP service (provided your webservice supports it) . For further security you can encrypt your OTP at client side and decrypt it at server side before verification.
When I use parse.com, I am not sure whether there a module for Mobile registration, it will use my mobile number and a sms verification coder, the way just like like WhatsApp does?
I don't believe Parse has a service like that.
Nexmo, where I work, has an API that enables you to easily verify that a user has access to a specific mobile device. Nexmo sends a single use code by SMS or Voice, retrying when needed. Once the user enters the code to your app/website, the Verify API confirms if it is valid.
Nexmo’s Verify API
Make a call to https://api.nexmo.com/verify/json (or /xml)
Add parameters: api_key, api_secret, number (to be verified), & brand/app name
Optional parameters: language, length, etc. (Full list of parameters in documentation)
Take a look at the Nexmo's Verify documentation here
[Background]
I am looking for some way to automate phone verification (6 digit code sent on cell phones(android) )
[My Way-probably really lame]
Create an app that polls messages coming in, search for keyword "verification".
If found ,get the 6 digit number from the message and update the file over network from cell.
Script on PC will read entry of file after the verification code was sent and use it.
Are there any API's exposed?
Verification is similar to what we have on gmail.
Thanks in advance for any inputs
Sync Messages to another Gmail acocunt where such login is not required.
Create an Console app that reads you gmail folders
poll for latest message, and voila, you have your code.