# TextMe Mobile Token Capture Guide

Since TextMe's web auth is broken (DNS doesn't resolve), we need to capture tokens from the mobile app.

## Prerequisites

```bash
# Install mitmproxy
brew install mitmproxy

# Or with pip
pip install mitmproxy
```

## Step 1: Start the Proxy

```bash
cd ~/.clawdbot/workspace/textme-integration/scripts
mitmproxy -s capture-token.py
```

This starts an intercepting proxy on port 8080.

## Step 2: Configure Your Phone

### Find Your Computer's IP
```bash
ipconfig getifaddr en0  # or en1 for ethernet
```

### iOS
1. Settings → Wi-Fi → tap (i) on your network
2. Scroll to "Configure Proxy" → Manual
3. Server: `<your-computer-ip>`
4. Port: `8080`

### Android
1. Settings → Wi-Fi → long press your network → Modify
2. Show advanced options
3. Proxy: Manual
4. Hostname: `<your-computer-ip>`
5. Port: `8080`

## Step 3: Install mitmproxy Certificate

With proxy configured, open Safari/Chrome on your phone:

1. Go to `http://mitm.it`
2. Download the certificate for your OS
3. **iOS**: Settings → General → VPN & Device Management → Install the cert
4. **iOS**: Settings → General → About → Certificate Trust Settings → Enable full trust
5. **Android**: Settings → Security → Install from storage

## Step 4: Capture the Token

1. Open the TextMe app on your phone
2. Log in or just use the app (if already logged in)
3. Watch mitmproxy terminal for "🎉 TOKEN CAPTURED!"

The token is saved to `~/.textme/captured-token.json`

## Step 5: Use the Token

```bash
# Copy token to credentials file
cat ~/.textme/captured-token.json

# Test with CLI (after updating auth to use saved token)
textme whoami
```

## Step 6: Disable Proxy

**Important!** After capturing, remove the proxy settings from your phone or it won't have internet access.

## Troubleshooting

### App shows SSL errors
- Make sure the mitmproxy CA cert is trusted
- Some apps use certificate pinning - may need to use Frida/objection to bypass

### No traffic appears
- Check firewall allows port 8080
- Verify phone and computer are on same network
- Try `mitmweb` for a web UI

### Token expires quickly
- TextMe tokens typically last 24 hours
- The CLI will need token refresh support (already built in auth.ts)

## Alternative: Android Emulator

If you don't want to proxy a physical phone:

```bash
# Install Android Studio, create an emulator
# Root the emulator and install the APK
# Use adb to set proxy:
adb shell settings put global http_proxy <your-ip>:8080
```

## Files Created

After capture:
- `~/.textme/captured-token.json` - The JWT token
- `~/.textme/discovered-endpoints.json` - All API endpoints seen