Imported user hash base64 encoding

[ghinda]

Environment

• Operating System version: Linux 4.19.20 Arch
• Firebase SDK version: 6.3.1
• Library version: 7.0.0
• Firebase Product: auth

Problem

I'm trying to import a user with a hmac_sha512 password, but after a successful import the hash and salt look a bit different for the Firebase user.

I'm guessing it has something to do with base64 encoding, maybe related to url safety? Or am I doing something wrong?

I'm importing the user with:

admin.auth().importUsers([{
  uid: '1',
  email: '[email protected]',
  passwordHash: Buffer.from('ik.oq2fGYGn.ialc9fJL4kGXDha29CQluvW44W1iTSXuMu.nRwKq3V2.JJC80LyAlGBLxUESnkw/Ma0qYyQTY.', 'base64'),
  passwordSalt: Buffer.from('FZcoH1oE/Gli.S7w', 'base64'),
}], {
  hash: {
    algorithm: 'HMAC_SHA512',
    key: Buffer.from('secret')
  }
})

The imported user ends up having:

passwordHash: 'ikoq2fGYGnialc9fJL4kGXDha29CQluvW44W1iTSXuMunRwKq3V2JJC80LyAlGBLxUESnkw_Ma0qYyQT',
passwordSalt: 'FZcoH1oE_GliS7w='

So the new hash and salt look slightly different.

Trying to log-in with the new user throws a wrong password error.

The initial hash was created with passlib through Flask-Security.

[bojeil-google]

I think base64 encoding should not result with dots. You should probably check how the initial hash was created.

[hiranya911]

This looks like a usage question. Please follow up on Stackoverflow.