OTP Broadcaster : Automating OTP login scenarios
OTP login is a common feature in most of the applications today. While it was implemented for safer authentication and transaction security, it is a pain for the test engineers to automate these type of scenarios.
In this article I will be explaining how I solved this problem when working on a project for which we had to automate multiple OTP login scenarios.
OTP BROADCASTER:
OTP broadcaster, as I call it, is a simple application with mainly 2 component,
- An android app which reads the OTP from the device on which it is installed.
- A node application which acts as a webhook to receive these OTP and store it in a mongo db server.
For this demo, I had deployed my node application on heroku and for mongo DB, I have used Mongo DB atlas.
You can find the link to the github repository below:
- OTP Broadcaster Android app : https://github.com/ShinuMathew/otp-broadcaster
- OTP Broadcaster webhook : https://github.com/ShinuMathew/otp-broadcaster-webhook
EXPLAINATION:
- The OTPBroadcaster android app needs to be installed on the android device which is registered for receiving the OTP.
- The app’s OTPReceiver module fetches the OTP from the incoming message.
- Once the OTP is fetched, BroadcastHelper publishes the the OTP to the server using the webhook api.
- The consumer application fetches the latest OTP’s received by the webhook within 100 seconds and filters the expected OTP using the producers ID or number.
Conclusion:
Although there are alternative solutions to solve this scenario, one of it being Twilio’s SMS service, the above mentioned is a free implementation and mimics a real user kind behaviour.