The SMS message format should follow the origin-bound one-time code specification:
- Can optionally begin with human-readable explanatory text. This consists of all but the last line of the message.
- The last line of the message contains both a host and a code, each prefixed with a sigil: U+0040 (@) before the host, and U+0023 (#) before the code.
Here is an example:
747723 is your ExampleCo authentication code. @example.com #747723
Note: This interface works only for the default browser app set by the current
user. Any other calls will fail with
Public Method Summary
SmsCodeRetriever, which looks for an origin-bound one-time code from SMS
messages recently received (up to 1 minute prior). If there is no matching message
found from the SMS inbox, it waits for new incoming SMS messages until it finds a
matching message or reaches the timeout (about 5 minutes). Calling this method multiple
times only returns one result, but it can extend the timeout period to the last call.
Once the result is returned or it reaches the timeout,
will stop automatically.
The SMS verification code will be sent via a Broadcast Intent with
SMS_CODE_RETRIEVED_ACTION. This Intent contains Extras with keys:
EXTRA_SMS_CODE_LINEfor the retrieved line that contains the origin-bound one-time code and the metadata, or
nullin failed cases.
If the caller has not been granted or denied permission by the user, it will fail
The caller can use
startResolutionForResult(Activity, int) to show a consent dialog for
requesting permission from the user. The dialog result is returned via
onActivityResult(int, int, Intent). If the user grants the permission, the
activity result returns with
RESULT_OK. Then you can start the retriever
again to retrieve the verification code.
registerReceiver(BroadcastReceiver, IntentFilter, String, Handler) while
registering the receiver to detect that the broadcast intent is from the SMS