1

I am using SMS Retriever API, I followed this tutorial https://androidwave.com/automatic-sms-verification-android. I followed all the steps correctly. I am receiving the SMS, but my broadcast receiver is unable to detect the SMS. why?

OTP Message :

<#> Your otp code is : 8765

I forgot one step to add finally got solution

I forgot to add Applcation Hash Key in messages

Constructing a verification message :

When your server receives a request to verify a phone number, first construct the verification message that you will send to the user’s device. This message must:

1.Be no longer than 140 bytes
2.Begin with the prefix <#>
3.Contain a one-time code that the client sends back to your server to complete the verification flow 
4.End with an 11-character hash string that identifies your app

Changed OTP Message:

<#> Your otp code is : 8765 FA+9qCX9VSu

How to get APK’s hashcode for SMS construction:

Create a class named is AppSignatureHelper and paste the below code. This is the simplest way to get Hashcode.

import android.content.Context;
import android.content.ContextWrapper;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.util.Base64;
import android.util.Log;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;

public class AppSignatureHelper extends ContextWrapper {

  private static final String TAG = "AppSignatureHelper";
  private static final String HASH_TYPE = "SHA-256";
  public static final int NUM_HASHED_BYTES = 9;
  public static final int NUM_BASE64_CHAR = 11;

  public AppSignatureHelper(Context context) {
    super(context);
  }

  /**
   * Get all the app signatures for the current package
   */
  public ArrayList<String> getAppSignatures() {
    ArrayList<String> appCodes = new ArrayList<>();

    try {
      // Get all package signatures for the current package
      String packageName = getPackageName();
      PackageManager packageManager = getPackageManager();
      Signature[] signatures = packageManager.getPackageInfo(packageName,
          PackageManager.GET_SIGNATURES).signatures;

      // For each signature create a compatible hash
      for (Signature signature : signatures) {
        String hash = hash(packageName, signature.toCharsString());
        if (hash != null) {
          appCodes.add(String.format("%s", hash));
        }
      }
    } catch (PackageManager.NameNotFoundException e) {
      Log.e(TAG, "Unable to find package to obtain hash.", e);
    }
    return appCodes;
  }

  private static String hash(String packageName, String signature) {
    String appInfo = packageName + " " + signature;
    try {
      MessageDigest messageDigest = MessageDigest.getInstance(HASH_TYPE);
      messageDigest.update(appInfo.getBytes(StandardCharsets.UTF_8));
      byte[] hashSignature = messageDigest.digest();

      // truncated into NUM_HASHED_BYTES
      hashSignature = Arrays.copyOfRange(hashSignature, 0, NUM_HASHED_BYTES);
      // encode into Base64
      String base64Hash = Base64.encodeToString(hashSignature, Base64.NO_PADDING | Base64.NO_WRAP);
      base64Hash = base64Hash.substring(0, NUM_BASE64_CHAR);

      Log.d(TAG, String.format("pkg: %s -- hash: %s", packageName, base64Hash));
      return base64Hash;
    } catch (NoSuchAlgorithmException e) {
      Log.e(TAG, "hash:NoSuchAlgorithm", e);
    }
    return null;
  }
}

Hopefully it should work.

Steve Vinoski
  • 18,969
  • 3
  • 26
  • 38
aarti25
  • 11
  • 3
  • 1
    Does this answer your question? [OTP (token) should be automatically read from the message](https://stackoverflow.com/questions/30862162/otp-token-should-be-automatically-read-from-the-message) – Pratik PSB Dec 17 '20 at 12:09
  • Thanks for your help @PratikBharad I already got solution here. – aarti25 Dec 18 '20 at 04:59

0 Answers0