SMS Retriver API not working on Playstore Derived Build, But working in uploaded original build.

[ghost]

Environment

• React Native Version - 0.59.5
• Platform: Android
• react-native-sms-retriever version - 1.0.3

Description

I worked on SMS retriever API (React Native Application Version = 0.59.5) and it worked successfully for my earlier app versions on debug mode, release mode and Play store also using package react-native-sms-retriever V-1.0.3. But last time, I updated build and SMS retriver API is stopped auto fetch message functionality. I tried to generate Hash key once again and they were same as in earlier builds. I used both commands and also AppSignatreHelper to generate hash key and both are same in the release mode and working fine. But when I updated APK in google play console it is not working.

[Bruno-Furtado]

@sanjay-dev-19 can you try to use the latest version of the module?

[ghost]

Latest version of this module, I tried and the issue remains the same. It is working fine in our generated production build but when we upload to the playstore it is not autofetching the message. I think it can be hash code mismatch and tried to generate hash using signature helper class and checked with that hash code but still not working.

[CarlosMayoralMX]

As long as i know derived app is resigned with another cert. I figured out days ago when i tried to install an update of my app trough Android Studio (using the same certificate i used to sign the previus version), it can't be installed because the signature wasn't the same.

[ghost]

Yes. Before our goes App goes live, play store will resigns our app using there deployment certificate. I think there may be some problem in play store resignig our apps. I am getting this issue in our 2 production App in playstore. In our Both Apps previously auto fetch message working fine. When I recently updated our both apps in playstore, Both apps stopped autofetching message in play store builds and they are working fine in our generated APK builds.

[CarlosMayoralMX]

Why dont you try to make the hash with the certificate Play Store is using to resigning your app and put it into your sms messages instead the one you are using to upload your apps?

[ThakurBallary]

Hi All, @sanjay-dev-19 did you try the above suggestion from @CarlosMayoralMX . Please update us.

[ghost]

@CarlosMayoralMX @ThakurBallary Yes, Thanks for your suggestions. I tried using both certificates. But they are not working once I upload build to Play store.

[hariks789]

See if this helps @sanjay-dev-19 https://stackoverflow.com/a/55829661/6423570

[ghost]

@hariks789 Thanks for the reply, I tried that and generated hash at first and it is working perfectly fine at the beginning. In third app updation time it stopped working in Playstore live app. Any how, I removed the auto fetch message functionality in our app.

[tanmoythander]

Same Problem here. I am using, react-native: 0.63.3, react-native-sms-retriever: 1.1.1

I was really happy to see that it was working on production build, but after launching on play store, i found the issue.

[tanmoythander]

The reason behind the sms retrieving issue on google play version is the signing certificate. When you are building the app for uploading the app to play store, you use a certificate to sign the app is referred to as Upload key certificate. After you upload the build to play store, play store checks the upload certificate to make sure the build is really built by you. But before publishing the app, google play uses another certificate to sign it, which is referred to as, App signing key certificate. If you create the sms-hash using the Upload key certificate (resides inside your keystore), local release builds will capture the sms but the play store version won't.

So you need to create the sms-hash using the App signing key certificate instead of Upload key certificate. But don't replace the existing keystore including the Upload key certificate. In my case I solved it creating a new keystore in the android/app directory (where my existing keystores are kept). Then created the sms hash using the new keystore.

Go to the Google Play Console and download the certificate,

you should get a file deployment_cert.der.

On the terminal, go to directory, /android/app,

    keytool -importcert -alias ALIAS -file CERTIFICATE_PATH -keystore certificate.jks

CERTIFICATE_PATH is the path to deployment_cert.der ALIAS is the new alias name under the new store (remember it !!!)

When asked, set a password for new keystore (remember it !!!) and keep following. You will find the new keystore certificate.jks under the directory android/app and make sure you never use it while building. Now you can extract the sms-hash from the new keystore and alias using your preffered way. Hope this stops you bleeding...