Example for implementing two factor authentication in Android using Twilio's Authy API and firebase. | TUTORIAL : https://pragmatictheories.tech/android-implementing-two-step-authentication-through-google-authenticator/
This is a sample for implementing two-factor authentication in Android using Authy API
You can use this project and the following tutorials to implement:
Tutorial: Android - Implementing two-step authentication through Google authenticator
/** get auth creds from previous activity **/Bundle extras = getIntent().getExtras();if (extras != null) {userId= extras.getString("userId");}qrCodeCallUrl="https://api.authy.com/protected/json/users/"+userId+"/secret?api_key=CCb8fPiHfTdFp332cefjTuRjgMNprVOx";/** call authy api to get qr code **/JsonObjectRequest jsObjRequest = new JsonObjectRequest(Request.Method.POST,qrCodeCallUrl,null,new Response.Listener<JSONObject>() {@Overridepublic void onResponse(JSONObject response) {try {String qrCodePath = response.getString("qr_code");/** set the imageView's src **/ImageView qrCodeImgVw = findViewById(R.id.qrCodeImgVw);Picasso.get().load(qrCodePath).into(qrCodeImgVw);} catch (JSONException e) {e.printStackTrace();}}},new Response.ErrorListener() {@Overridepublic void onErrorResponse(VolleyError error) {Log.e("ERROR! ",error.getMessage());}});(AppSingleton.getInstance(getApplicationContext()).getRequestQueue()).add(jsObjRequest);/** pass the code provided by user to the Authy API to verify it **/(findViewById(R.id.confirmSignupBtn)).setOnClickListener(new View.OnClickListener() {@Overridepublic void onClick(View v) {Statics.validateSecurityCode(((EditText)findViewById(R.id.validationCode)).getText().toString(),userId,QRCodeActivity.this,((EditText)findViewById(R.id.validationCode)),((TextView)findViewById(R.id.errorTxt)));}});
Tutorial: Android - Implementing two-step authentication through Google authenticator
/************************************************************************************************** 2FA using Authenticator app on this device ** **********************************************************************************************/(findViewById(R.id.authAppOnThisPhone)).setOnClickListener(new View.OnClickListener() {@Overridepublic void onClick(View v) {Statics.usersTable.child(FirebaseAuth.getInstance().getCurrentUser().getUid()).addListenerForSingleValueEvent(new ValueEventListener() {@Overridepublic void onDataChange(DataSnapshot dataSnapshot) {/** 1.Get user's creds! phone number included.. **/email = (dataSnapshot.getValue(User.class)).getEmailAddress();username = (dataSnapshot.getValue(User.class)).getFirstName()+" "+(dataSnapshot.getValue(User.class)).getLastName();phoneNumber = (dataSnapshot.getValue(User.class)).getPhoneNumber();countryCode = (dataSnapshot.getValue(User.class)).getPhoneCountryCode();addUserUrl = "https://api.authy.com/protected/json/users/new?user[email]="+email+"&user[cellphone]="+phoneNumber+"&user[country_code]="+countryCode+"&api_key=CCb8fPiHfTdFp332cefjTuRjgMNprVOx";/** 2.Add the user to the Authy API **/// post call for Authy api to add a user | response contains the added user's idJsonObjectRequest jsObjRequest = new JsonObjectRequest(Request.Method.POST,addUserUrl,null,new Response.Listener<JSONObject>() {@Overridepublic void onResponse(JSONObject response) {Gson gson = new Gson();try {/** get the returned id **/JsonObject addedUser = gson.fromJson(response.getString("user"),JsonObject.class);addedUserId = (addedUser.get("id")).getAsString();//Toast.makeText(getApplicationContext(), "Res: "+addedUserId, Toast.LENGTH_LONG).show();/** 3.Call the Authy API to generate appropriate passcode* then open GoogleAuthenticator on this device to use it ! **/String uri = "otpauth://totp/AdsChain:" + email + "?secret=" + "811854" + "&issuer=AdsChain";Intent intent = new Intent(Intent.ACTION_VIEW, Uri.parse(uri));getContext().startActivity(intent);/** 4.Ask user for passcode and validate it **/AlertDialog.Builder alertDialog = new AlertDialog.Builder(getContext());......alertDialog.setPositiveButton("Validate",new DialogInterface.OnClickListener() {public void onClick(DialogInterface dialog, int which) {/** call authy api to validate code provided by the user **/Statics.validateSecurityCode(input.getText().toString(),addedUserId,getContext());}});...alertDialog.show();} catch (JSONException e) {e.printStackTrace();}}},new Response.ErrorListener() {@Overridepublic void onErrorResponse(VolleyError error) {Log.e("ERROR! ",error.getMessage());}});(AppSingleton.getInstance(getContext()).getRequestQueue()).add(jsObjRequest);}});}});
Tutorial: Android - Implementing two-step authentication through SMS code
/************************************************************************************************** 2FA using text messages ** **********************************************************************************************/(findViewById(R.id.smsOptionLyt)).setOnClickListener(new View.OnClickListener() {@Overridepublic void onClick(View v) {dismiss();Statics.usersTable.child(FirebaseAuth.getInstance().getCurrentUser().getUid()).addListenerForSingleValueEvent(new ValueEventListener() {@Overridepublic void onDataChange(DataSnapshot dataSnapshot) {/** 1.Get user's creds! phone number included.. **/email = (dataSnapshot.getValue(User.class)).getEmailAddress();username = (dataSnapshot.getValue(User.class)).getFirstName() + " " + (dataSnapshot.getValue(User.class)).getLastName();phoneNumber = (dataSnapshot.getValue(User.class)).getPhoneNumber();countryCode = (dataSnapshot.getValue(User.class)).getPhoneCountryCode();addUserUrl = "https://api.authy.com/protected/json/users/new?user[email]=" + email+ "&user[cellphone]=" + phoneNumber+ "&user[country_code]=" + countryCode + "&api_key=CCb8fPiHfTdFp332cefjTuRjgMNprVOx";/** 2.Add the user to the Authy API **/// post call for Authy api to add a user | response contains the added user's idJsonObjectRequest jsObjRequest = new JsonObjectRequest(Request.Method.POST, addUserUrl, null,new Response.Listener<JSONObject>() {@Overridepublic void onResponse(JSONObject response) {Gson gson = new Gson();try {/** get the returned id **/JsonObject addedUser = gson.fromJson(response.getString("user"), JsonObject.class);addedUserId = (addedUser.get("id")).getAsString();/** 3.call the Authy API to send a code through sms **//** 4.call the Authy API to validate code provided by user [embedded in sendSecurityCodeTo method **/sendSecurityCodeTo(addedUserId);} catch (JSONException e) {e.printStackTrace();}}},new Response.ErrorListener() {@Overridepublic void onErrorResponse(VolleyError error) {Log.e("ERROR! ", "ee: " + error.getMessage());}});(AppSingleton.getInstance(getContext()).getRequestQueue()).add(jsObjRequest);}@Overridepublic void onCancelled(DatabaseError databaseError) {throw databaseError.toException();}});}});
Clone this repository and import into Android Studio
git clone https://github.com/AmalH/Android-2FA-with-Google-authenticator.git