-
Notifications
You must be signed in to change notification settings - Fork 379
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add support for migration of firebase scrypt passwords (#1768)
## What kind of change does this PR introduce? Fix #1750. Firebase uses a [modified version of scrypt](https://github.com/firebase/scrypt) We add support for Firebase Scrypt hashes so that developers can move over from Firebase (or similar) without the obligation to force a password reset for all users. As there is no pre-defined convention for Firebase scrypt hashes, we establish the following: ``` $fbscrypt$v=1,n=<N>,r=<r>,p=<p>[,ss=<salt_separator>][,sk=<signer_key>]$<salt>$<hash> ``` ``` $fbscrypt: Firebase scrypt Identifier $v: version identifier. Intended to allow for flexibility in parameters used. $n: N is the CPU/memory cost parameter. $r: block size $p: parallelization $ss: salt seperator, optional, only if using firebase, base64-encoded string used to separate the salt from other parameters. $sk: signer key, a base64-encoded string used as an additional input to the hash function. $<salt>: base64 encoded salt $<hash>: base64 encoded output ```` Developers can extract their [hash parameters from the firebase console](https://firebaseopensource.com/projects/firebase/scrypt/) For testing and debugging, clone this [utility](https://github.com/firebase/scrypt/#finding-the-password-hash-parameters) and follow the instructions in `BUILDING`. On MacOS please add the following flags when attempting to build so as to guard against error: `AES_FUNCTION` missing ``` export CFLAGS="-I$(brew --prefix openssl)/include" export LDFLAGS="-L$(brew --prefix openssl)/lib -L/usr/local/opt/openssl/lib" ``` [More details about export from CLI](https://firebase.google.com/docs/cli/auth)
- Loading branch information
Showing
4 changed files
with
206 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters