I am trying to automated a flow where I can read sms and then parse the SMS to read the OTP and enter it in another webapp. Looked through all forums but couldn't find an answer.
I am writing code in java and trying to run a webapp on android device using appium.
Can someone suggest how to do it?
If you want to read sms from device in Appium session there is a good approach described in discuss.appium.io
I think you can create several sessions in one test: 1 - to get sms with native app, 2 - open webApp in mobile browser and do whatever you need
This approach worked for me
Suppose your OTP sms is like "OTP is 12345 for your order", and it shows up in your notification panel,
Reach the OTP Screen
Pull down the notification bar ((AndroidDriver) driver).openNotifications();
Wait for this element otpElement with xpath //android.widget.TextView[contains(#text,'OTP is')] is displayed (ie, While the sms arrives)
Use OTPmessage = otpElement.getText() to get the OTP message text
Extract OTP using this code : String OTP = StringUtils.substringBetween(OTPmessage, "OTP is ", " for ");
Close notification panel using ((AndroidDriver) driver).pressKey(new KeyEvent(AndroidKey.BACK));
I dont think this is a good approach if you are testing the app. It might take lot of time for the OTP to arrive thereby failing your test unnecessarily. Better ask your devs keep the OTP fixed so you don't need to receive it through the sms everytime.
You can add a key to store last OTP in an in-memory storage like Redis or closured Dictionary in your backend language, you will then update this key with the value of the OTP you want to send out via an SMS service provider. The last sent OTP stored in this key should then be exposed via an additional api endpoint in your service, which you would then call as part of your automated script after doing an action that will make the OTP to be sent.
A more reliable and robust modification of this will be to expose an API that retrieves the OTP stored against each phone number, you must have this stored already of course before you could do the verification in-app. This endpoint must only be exposed within a test environment, that's the precaution to pay attention to, or you make the endpoint available only to authorized user roles.
Related
I am currently working on implementing a mobile app for our site that uses Ruby on Rails and Devise. The idea here is, at first, create a mobile login form that on successful login opens a web frame that is authenticated and allows the normal use of the (mobile optimised) site. Theoretically that should be possible.
I am having trouble with the following issues:
How do you get the pure session key for the user session via a json request? What methods can be used to manually generate it from devise, something that the sign_in(:user, user) method does?
Is it even possible to take that key and put it into the browser cookie the way it normally happens in devise, but on the mobile side?
I know that this is not the standard method of making mobile applications for the site, but I believe it should be possible.
You might want to consider using Devise Token Auth and treating your mobile application like just another webapp that requests permission from your main site. DTA is particularly nice since it takes care of managing the session tokens (renewing/expiring) and passing them onto the app requiring access. The issue is overriding your session controllers so that it automatically logs in after you already log in on the mobile app (or just rewriting your log in so it occurs in conjunction with the Rails site, rather than before). Considering you're already using Devise, this may also be more refactoring than you'd like.
If you want to put your authentication form on the mobile UI and pass the credentials over to the web frame, you need a way to pass data from the mobile app to the web frame.
How you accomplish this depends on what platform you're building on. I'm not really a mobile developer so I don't know for certain how difficult / easy these options are:
When opening the web frame, instantiate it with session data
Find a way to call methods on the client from the web frame. Something like getSessionData.
You could generate a fingerprint for the web frame, have the mobile UI send this data to the server, and then have the web frame authenticate with the server by sending the fingerprint.
Again, I'm not entirely sure how possible all these options are.
You should use token authorization and Android deep linking. It will allow you to login in the web browser and send a token to your app via deep linking.
OK, so I decided to make a webframe solution as follows, basically you post the login and password to a certain sign_in method specially designed to generate one-time sign in tokens for the application. You need two methods in the system to do that:
routes.rb
devise_scope :user do
get "sign_in_with_token/:token" => "sessions#sign_in_with_token"
post "get_login_token" => "sessions#get_login_token"
end
sessions_controller.rb (don't forget to add the method that increases the failed_sign_in_count on wrong password, otherwise that can allow brute force attacks)
def get_login_token
user = User.find_by_email(sign_in_params["login"])
password = sign_in_params["password"]
if user and user.valid_password?(password)
token = SecureRandom.hex(16)
user.update_attribute(:authentication_token, token)
render json: {token: token}, status: 200
else
render json: {error: "error"}, status: 403
end
end
and the method to sign in with that token
def sign_in_with_token
#user = User.where(authentication_token: params[:token], email: Base64.decode64(params[:email])).first
if #user
#user.update_attribute(:authentication_token, nil)
sign_in(#user, bypass: true)
end
redirect_to '/' # or user_root_url
end
That way the mobile app will work like this:
use the generic web frame to send ajax requests to the server and get that token for the user email if password is correct.
make a /sign_in_with_token/#{token from ajax}?email=#{base46 encoded email} link inside the app.
open that link inside the web frame and use the app as though you were logged in normally. Now the app can save email and password locally and use that logic to get the token again for another session. Later logging in will also be able to set the app id so that push notifications can be sent.
Appreciate any feedback or criticism on this solution.
When I use parse.com, I am not sure whether there a module for Mobile registration, it will use my mobile number and a sms verification coder, the way just like like WhatsApp does?
I don't believe Parse has a service like that.
Nexmo, where I work, has an API that enables you to easily verify that a user has access to a specific mobile device. Nexmo sends a single use code by SMS or Voice, retrying when needed. Once the user enters the code to your app/website, the Verify API confirms if it is valid.
Nexmo’s Verify API
Make a call to https://api.nexmo.com/verify/json (or /xml)
Add parameters: api_key, api_secret, number (to be verified), & brand/app name
Optional parameters: language, length, etc. (Full list of parameters in documentation)
Take a look at the Nexmo's Verify documentation here
[Background]
I am looking for some way to automate phone verification (6 digit code sent on cell phones(android) )
[My Way-probably really lame]
Create an app that polls messages coming in, search for keyword "verification".
If found ,get the 6 digit number from the message and update the file over network from cell.
Script on PC will read entry of file after the verification code was sent and use it.
Are there any API's exposed?
Verification is similar to what we have on gmail.
Thanks in advance for any inputs
Sync Messages to another Gmail acocunt where such login is not required.
Create an Console app that reads you gmail folders
poll for latest message, and voila, you have your code.
I'm just wondering is it possible to send a Message from the app without using actionView or actionSend ( meaning no asking for chooser to send via google or hotmail etc.. ) from the Intent ?
what I want to make is like a TextView and a Button
the user will enter a text in the textview and then click the Button to send the message, then the message will be automiatlly sent to the developer ( me )
I hope what I'm thinking of is possible.
I'm not sure what kind of message you are trying to send, but you can use the SMS feature of the phone to send not only a SMS, but an email, too.
SmsManager sms = SmsManager.getDefault();
sms.sendTextMessage("1"+yourPhoneNumber, userPhoneNumber, message, null, null);
You can replace phone numbers with emails and it will work without user interaction (unlike sending an email through an email client which cannot be done automatically). You can try it out by texting your own email. For your specific situation, you could set up a developer email that handles all of these messages that you are trying to send. The only issue with this is that you may not know who you are receiving messages from. For example, if you send a SMS -> email, it might show up as from something#vz.com or something. However, you can mitigate this by including addition info in the message payload itself.
Yes, it is possible. You can use the internet connection to have the message saved to some cloud storage or something. Personally, I prefer using Parse.com because they have an amazing API that saves you a lot of hassle.
Just add the message from the EditText to a ParseObject and call the saveEventually() method. As soon as the internet is back on, the message will be sent to your cloud storage.
I have seen many times the ease of sending an email in the foreground using the Android Intent Action.SEND.
However I need to implement a feedback form which emails us the details on completion. This doesnt really suit the Android Intent because the user wouldnt want to see the generated email before sending.
Does anyone have any sample code which can send an email form the background if we assume the smtp server is lol.does.thiswork and the username = lala, password = po.
Cheers
Possible duplicate of this: Sending Email in Android using JavaMail API without using the default/built-in app and plenty of example code in there.
as an editorial note, anytime an application I am using on a phone sends an email, I personally WOULD want it in the foreground. If its just feedback from a form on your application, you could also use several solutions other than email: a web form in a webview, or create a socket back to a server you host, or a use a webservice etc...