← 返回首页
Updating argon2 password guidance. by oeribo · Pull Request #848 · firebase/firebase-admin-java · GitHub
Skip to content

Navigation Menu

Toggle navigation
Sign in
Appearance settings
Search or jump to...

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Appearance settings
Resetting focus

Updating argon2 password guidance.#848

Open
oeribo wants to merge 1 commit into
firebase:mainfrom
oeribo:updating-argon2-password-sample
Open

Updating argon2 password guidance.#848
oeribo wants to merge 1 commit into
firebase:mainfrom
oeribo:updating-argon2-password-sample

Conversation

oeribo commented Aug 2, 2023

Copy link
Copy Markdown

Hey there! So you want to contribute to a Firebase SDK?
Before you file this pull request, please read these guidelines:

Discussion

  • Read the contribution guidelines (CONTRIBUTING.md).
  • If this has been discussed in an issue, make sure to link to the issue here.
    If not, go file an issue about this before creating a pull request to discuss.

Testing

  • Make sure all existing tests in the repository pass after your change.
  • If you fixed a bug or added a feature, add a new test to cover your code.

API Changes

  • At this time we cannot accept changes that affect the public API. If you'd like to help
    us make Firebase APIs better, please propose your change in an issue so that we
    can discuss it together.

.setPasswordSalt("salt".getBytes())
.setEmailVerified(true)
.setPasswordSalt(Base64.getDecoder().decode("VERvRWRsRklaVERQckJzUg")) // Provide the password salt only
.setPasswordHash(Base64.getDecoder().decode("dYpfJgmRyTZefxRiToYFpO+4PyaHPsHIKz5VI/FE06w")) // Provide the password key only

ssbushi Oct 10, 2023
edited
Loading

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Low Quality Hide comment

Hi @oeribo,

Thank you very much for contributing.

  • Could you provide a little more context on the new guidance that you are suggesting for Argon2 here? It looks like to me that you're trying to match other snippets that use the Base64 decoding libraries in the other examples from https://firebase.google.com/docs/auth/admin/import-users#java_2 (which is perfectly fine! I wanted to make sure that I got this right).

.setPasswordHash("password-hash".getBytes())
.setPasswordSalt("salt".getBytes())
.setEmailVerified(true)
.setPasswordSalt(Base64.getDecoder().decode("VERvRWRsRklaVERQckJzUg")) // Provide the password salt only

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Choose a reason Spam Abuse Off Topic Outdated Duplicate Resolved Low Quality Hide comment

Since this is just a snippet, could you please revert this string back to the the descriptive version ("password-hash" or "salt"), since it makes it clearer to the developer where this input comes from, and matches other examples.

This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants

Footer

© 2026 GitHub, Inc.