要求一次性同意以讀取簡訊驗證碼

本頁面說明如何使用 SMS User Consent API 要求使用者同意 讀取單一 SMS 驗證訊息。如果使用者同意,API 會傳回 簡訊文字,供您取得驗證碼並 完成驗證程序

安裝依附元件

在應用程式的 build.gradle 檔案中加入 Play 服務驗證元件:

implementation 'com.google.android.gms:play-services-auth:17.0.0'
implementation
'com.google.android.gms:play-services-auth-api-phone:17.4.0'

1. 取得使用者的電話號碼

如果還沒有使用者的電話號碼,請先要求號碼,再開始傳送簡訊 驗證流程

取得使用者電話號碼時, 應用程式。建議使用 密碼專用 Smart Lock 提示選取器 協助使用者填寫電話號碼。 建立使用者帳戶。如何使用提示選取器:

KotlinJava
private val CREDENTIAL_PICKER_REQUEST = 1  // Set to an unused request code

// Construct a request for phone numbers and show the picker
private fun requestHint() {
   
val hintRequest = HintRequest.Builder()
       
.setPhoneNumberIdentifierSupported(true)
       
.build()
   
val credentialsClient = Credentials.getClient(this)
   
val intent = credentialsClient.getHintPickerIntent(hintRequest)
    startIntentSenderForResult
(
        intent
.intentSender,
        CREDENTIAL
_PICKER_REQUEST,
       
null, 0, 0, 0
   
)
}

public override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
   
super.onActivityResult(requestCode, resultCode, data)
   
when (requestCode) {
        CREDENTIAL
_PICKER_REQUEST ->
           
// Obtain the phone number from the result
           
if (resultCode == Activity.RESULT_OK && data != null) {
               
val credential = data.getParcelableExtra<Credential>(Credential.EXTRA_KEY)
               
// credential.getId();  <-- will need to process phone number string
           
}
       
// ...
   
}
}
private static final int CREDENTIAL_PICKER_REQUEST = 1;  // Set to an unused request code

// Construct a request for phone numbers and show the picker
private void requestHint() throws IntentSender.SendIntentException {
   
HintRequest hintRequest = new HintRequest.Builder()
           
.setPhoneNumberIdentifierSupported(true)
           
.build();
   
PendingIntent intent = Credentials.getClient(this).getHintPickerIntent(hintRequest);
    startIntentSenderForResult
(intent.getIntentSender(),
            RESOLVE_HINT
, null, 0, 0, 0);
}

@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
   
super.onActivityResult(requestCode, resultCode, data);
   
switch (requestCode) {
       
case CREDENTIAL_PICKER_REQUEST:
           
// Obtain the phone number from the result
           
if (resultCode == RESULT_OK) {
               
Credential credential = data.getParcelableExtra(Credential.EXTRA_KEY);
               
// credential.getId();  <-- will need to process phone number string
           
}
           
break;
       
// ...
   
}
}

2. 開始監聽收到的訊息

接著,呼叫 SMS User Consent API 的 startSmsUserConsent() 方法以開始 監聽收到的訊息如果您知道用於傳送簡訊的電話號碼 並指定訊息來源 (否則請傳遞 null)。如此一來 只有來自這組號碼的訊息會觸發 User Consent API。

如要開始聆聽內容:

KotlinJava
// Start listening for SMS User Consent broadcasts from senderPhoneNumber
// The Task<Void> will be successful if SmsRetriever was able to start
// SMS User Consent, and will error if there was an error starting.
val task = SmsRetriever.getClient(context).startSmsUserConsent(senderPhoneNumber /* or null */)
// Start listening for SMS User Consent broadcasts from senderPhoneNumber
// The Task<Void> will be successful if SmsRetriever was able to start
// SMS User Consent, and will error if there was an error starting.
Task<Void> task = SmsRetriever.getClient(context).startSmsUserConsent(senderPhoneNumber /* or null */);

聽取傳入的簡訊後,即可完成驗證 系統會將驗證碼傳送到使用者的電話號碼 第一個步驟

接下來五分鐘,當裝置收到簡訊含有 一次性程式碼,Play 服務就會向您的應用程式廣播 使用者有權讀取訊息。訊息觸發廣播 前提是符合以下條件:

  • 訊息包含長度介於 4 至 10 個英數字元的字串,當中至少一個字串 號碼。
  • 如果您指定傳送者的電話號碼,則訊息會由該號碼傳送 號碼。

使用具有 SEND_PERMISSION 的廣播接收器處理這些廣播訊息 權限,以及回應 SMS_RETRIEVED_ACTION 意圖。如要建立和 註冊廣播接收器:

KotlinJava
private val SMS_CONSENT_REQUEST = 2  // Set to an unused request code
private val smsVerificationReceiver = object : BroadcastReceiver() {
   
override fun onReceive(context: Context, intent: Intent) {
       
if (SmsRetriever.SMS_RETRIEVED_ACTION == intent.action) {
           
val extras = intent.extras
           
val smsRetrieverStatus = extras?.get(SmsRetriever.EXTRA_STATUS) as Status

           
when (smsRetrieverStatus.statusCode) {
               
CommonStatusCodes.SUCCESS -> {
                   
// Get consent intent
                   
val consentIntent = extras.getParcelable<Intent>(SmsRetriever.EXTRA_CONSENT_INTENT)
                   
try {
                       
// Start activity to show consent dialog to user, activity must be started in
                       
// 5 minutes, otherwise you'll receive another TIMEOUT intent
                        startActivityForResult
(consentIntent, SMS_CONSENT_REQUEST)
                   
} catch (e: ActivityNotFoundException) {
                       
// Handle the exception ...
                   
}
               
}
               
CommonStatusCodes.TIMEOUT -> {
                   
// Time out occurred, handle the error.
               
}
           
}
       
}
   
}
}

override fun onCreate(savedInstanceState: Bundle?) {
   
// ...

   
val intentFilter = IntentFilter(SmsRetriever.SMS_RETRIEVED_ACTION)
    registerReceiver
(smsVerificationReceiver, SmsRetriever.SEND_PERMISSION, intentFilter)
}
private static final int SMS_CONSENT_REQUEST = 2;  // Set to an unused request code
private final BroadcastReceiver smsVerificationReceiver = new BroadcastReceiver() {
   
@Override
   
public void onReceive(Context context, Intent intent) {
       
if (SmsRetriever.SMS_RETRIEVED_ACTION.equals(intent.getAction())) {
           
Bundle extras = intent.getExtras();
           
Status smsRetrieverStatus = (Status) extras.get(SmsRetriever.EXTRA_STATUS);

           
switch (smsRetrieverStatus.getStatusCode()) {
               
case CommonStatusCodes.SUCCESS:
                   
// Get consent intent
                   
Intent consentIntent = extras.getParcelable(SmsRetriever.EXTRA_CONSENT_INTENT);
                   
try {
                       
// Start activity to show consent dialog to user, activity must be started in
                       
// 5 minutes, otherwise you'll receive another TIMEOUT intent
                        startActivityForResult
(consentIntent, SMS_CONSENT_REQUEST);
                   
} catch (ActivityNotFoundException e) {
                       
// Handle the exception ...
                   
}
                   
break;
               
case CommonStatusCodes.TIMEOUT:
                   
// Time out occurred, handle the error.
                   
break;
           
}
       
}
   
}
};

@Override
protected void onCreate(Bundle savedInstanceState) {
   
super.onCreate(savedInstanceState);
    setContentView
(R.layout.activity_main);

   
// ...

   
IntentFilter intentFilter = new IntentFilter(SmsRetriever.SMS_RETRIEVED_ACTION);
    registerReceiver
(smsVerificationReceiver, SmsRetriever.SEND_PERMISSION, intentFilter);
}

開始執行「EXTRA_CONSENT_INTENT」的活動,即表示您提示使用者 讀取訊息內容的單次授權。

3. 透過訊息取得驗證碼

onActivityResult() 方法中,處理使用者針對要求的回應 。如果您取得的結果代碼為 RESULT_OK,系統會將使用者授予 讀取訊息內容的權限,方便你接收訊息文字 從意圖中提取出來

KotlinJava
public override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
   
super.onActivityResult(requestCode, resultCode, data)
   
when (requestCode) {
       
// ...
        SMS
_CONSENT_REQUEST ->
           
// Obtain the phone number from the result
           
if (resultCode == Activity.RESULT_OK && data != null) {
               
// Get SMS message content
               
val message = data.getStringExtra(SmsRetriever.EXTRA_SMS_MESSAGE)
               
// Extract one-time code from the message and complete verification
               
// `message` contains the entire text of the SMS message, so you will need
               
// to parse the string.
               
val oneTimeCode = parseOneTimeCode(message) // define this function

               
// send one time code to the server
           
} else {
               
// Consent denied. User can type OTC manually.
           
}
   
}
}
@Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
   
super.onActivityResult(requestCode, resultCode, data);
   
switch (requestCode) {
       
// ...
       
case SMS_CONSENT_REQUEST:
           
if (resultCode == RESULT_OK) {
               
// Get SMS message content
               
String message = data.getStringExtra(SmsRetriever.EXTRA_SMS_MESSAGE);
               
// Extract one-time code from the message and complete verification
               
// `sms` contains the entire text of the SMS message, so you will need
               
// to parse the string.
               
String oneTimeCode = parseOneTimeCode(message); // define this function

               
// send one time code to the server
           
} else {
               
// Consent canceled, handle the error ...
           
}
           
break;
   
}
}

收到簡訊後,您可以剖析出驗證碼,並 自動填入表單或完成驗證程序。