Firebase auth:import doesn't import password SHA256

0
votes

i'm trying to migrate users to firebase using the cli command auth:import.

My passwordHash is a SHA256 without salt from PHP hash function hash('sha256', $password);

When i use auth:import my user is added to my firebase users but without the password.

firebase auth:import user.json --hash-algo=SHA256 --rounds=64

For the passwordHash string i've tried with/without base64 and with diffrents --rounds (0/1/64/80 ...)

There's my user.json

passwordHash is mypass
SHA256 ea71c25a7a602246b4c39824b855678894a96f43bb9b71319c39700a1e045222
Base64 ZWE3MWMyNWE3YTYwMjI0NmI0YzM5ODI0Yjg1NTY3ODg5NGE5NmY0M2JiOWI3MTMxOWMzOTcwMGExZTA0NTIyMg== 

{
  "users": [
    {
      "localId": 1,
      "email" : "[email protected]",
      "emailVerified": true,
      "passwordHash" : "ZWE3MWMyNWE3YTYwMjI0NmI0YzM5ODI0Yjg1NTY3ODg5NGE5NmY0M2JiOWI3MTMxOWMzOTcwMGExZTA0NTIyMg==",
      "displayName" : "test",
      "createdAt" : 1501452000000,
    }
  ]
}

I've tried with a MD5 and it was working so i wondering what i've missing here.

Thank's, Julien.

1
firebasefirebase-authenticationfirebase-tools
Maybe this can help github.com/firebase/firebase-tools/issues/337DoesData
@DoesData Thank's for the comment. I've already read this one, i did not get same error message but i've tried differents rounds and base64 string because of this thread.Julien
@Julien, I think github.com/firebase/firebase-tools/issues/337 can help. ea71c25a7a602246b4c39824b855678894a96f43bb9b71319c39700a1e045222 is actually base16 encoded. The base64 string should be 6nHCWnpgIka0w5gkuFVniJSpb0O7m3ExnDlwCh4EUiI=. I verified it worked.wyhao31
@wyhao31 Thank's, the problem was my sha256 was base16 encoded. There is a way to know that ? Anyway thank's and if you post your comment as a answer i'll mark it as the answer.Julien

1 Answers

0
votes

ea71c25a7a602246b4c39824b855678894a96f43bb9b71319c39700a1e04‌​5222 is actually hex, or base16 encoded. So the base64 string should be 6nHCWnpgIka0w5gkuFVniJSpb0O7m3ExnDlwCh4EUiI=.

How can I know the hashed string is base16 encoded? I think the lib you use should indicate that. For instance, if I use NodeJS, the following code can be used to generate the string you got (ea71c25a7a6...):

const crypto = require('crypto');
let hash = crypto.createHash('sha256');
hash.update('mypass').digest('hex');

I call .digest('hex') to convert bytes to hex, so I know the string is hex. If you specify base64 instead of hex inside digest function, you can get correct base64 encoded string.