TaCode Tuesdays: How to Set-Up Two-Factor Authentication on Android (Part 2)

Posted by Alex Misevski on September 13, 2016

tacode-tues-blog-wk12

Welcome back to TaCode Tuesdays! This is the only place you can find snippets of code for use in your very own text/voice apps, along with a weekly dose of taco puns. I’m a developer here at Zang and not only am I a big fan of tacos (if that wasn’t already apparent), I’m also a fan of open source. My goal is to share a new app idea each week that you're free to use “as is” or modify and use as the basis for your next app.

Last week, I posted the first part of "How to Set-Up Two-Factor Authentication on Android"you can check that out here, and as always, if you’d like to learn how to get started on Zang, take a look at our very first post.

This week I’m continuing with the two-factor authentication app (for Android) that I started last week. I covered some background and steps 1 to 4 in that post, so make sure to review it before reading this post. This week I'm going to list the remaining steps and it's also important to note that this app only works when it's tailored to fit your specific instance (or app).

Step 5:  Use Zang’s Send SMS API to map the variables for your To, From, Body field names

The following is a code snippet for making a post request via HashMap function

@Override
   protected Map<String, String> getParams() throws AuthFailureError
   {
       Map<String,String> params=new HashMap<String,String>();
       params.put("To","############);
       params.put("From","############");  
       params.put("Body",OtpMessageString);
       params.put("StatusCallbackMethod",POST);
                            return params;
   }
   

Step 6: Send the OTP using the Send SMS API.

The following is an example of connecting your post request where URL is the API Call to Send Message method of Zang. Take note that the variable “params” should be in JSON format.

Send SMS API

               https://api.zang.io/v2/Accounts/:AccountSid/SMS/Messages.json

Sample Code

               StringRequest postRequest=new StringRequest
               (
                    Request.Method.POST,url,new Response.Listener<String>()
                    {
                          @Override
                          public void onResponse(String response)
                          {   Log.d("accessToken:",response); }
                    },  new Response.ErrorListener()
                           {
                                @Override
                                public void onErrorResponse(VolleyError volleyError)
                                {   Log.d("error:",volleyError.toString()); }
                           }
               )
               {
                     @Override
                     protected Map<String, String> getParams() throws AuthFailureError
                     {
       
       
                         Map<String,String> params=new HashMap<String,String>();
                         params.put("To","639173893535");
                         params.put("From","639178297611");  
                         params.put("Body","Your six digit One Time PIN is 961662. Please enter  
                         this to proceed with your secure transaction");
                         params.put("StatusCallbackMethod",POST);
   
                         return params;
                    }
   
   
                    @Override
                    public Map<String, String> getHeaders() throws AuthFailureError
                    {
                        Map<String,String> headers=new HashMap<String,String>();
                         headers.put("Accept","application/json");
                         headers.put("Content-Type","application/x-www-form-urlencoded");
                         return headers;
                    }
               };
 

Step 7: Verify the OTP

The response from the server will be in JSON format. To verify, you need to cross reference the OTP code you sent against the OTP code given by the user on your input box, hence properly authenticating the credentials.

Zang will also send you a confirmation that the call is successful. The format will look something like this (keep in mind, this is an example):

{
   "api_version": "v2",
   "sid": "{SmsSid}",
   "account_sid": "{AccountSid}",
   "date_created": "Sat, 06 Aug 2016 14:08:23 +0000",   "date_updated": " Sat, 06 Aug 2016 14:08:24 +0000",
   "date_sent": " Sat, 06 Aug 2016 14:08:24 +0000",
   "to": #############",
   "from": ############",
   "body": “Your six digit One Time PIN is 961662. Please enter this to proceed with your secure transaction",
   "status": "sent",
   "direction": "outbound-api",
   "price": "0.070000",
   "uri": "/v2/Accounts/Account SID/SMS/Messages/{SmsSid}.json"
}
 

Summing It Up

Setting up two-factor authentication for Android using Zang’s Send SMS API requires seven easy steps: (1) Establish a successful connection with Zang; (2) Use the Android Volley Library to establish REST API call with Zang; (3) Generate OTP code using a basic random number generator using the sample code provided; (4) Concatenate (link) your OTP Code with the body of your message; (5) Use Zang’s Send SMS API to map the variables for your To, From, Body field names; (6) Send the OTP using the Send SMS API; and (7) Verify the OTP through your input box and verify that your Send SMS API call is successful.

Well, that’s it for this week! If you have any thoughts about the app, need some help, or just want to share your own taco-related thoughts, you can comment below. If you want a reminder, sign up to get notifications of new blog posts. I'll be back in TWO weeks, as I need time to prepare a three-part app tutorial, so make sure to check back then.

Topics: Communication Apps, Ideas, TaCode Tuesday, cPaaS

IMAGINE IT. BUILD IT.

Communicate better. 

Cloud communication technology that transforms your conversations — and your business.

 

Subscribe to Email Updates