Can't import user account with CLI Firebase auth:import command

Question

I need to import a list of users, with email and password, in Firebase.

I'm trying to import users in Firebase using the CLI auth:import command. (https://firebase.google.com/docs/cli/auth-import)

I've choosed the HMAC_MD5 hash-algo,

I'm using helpmeplease as secret string for encritption -> in Base64 becames aGVscG1lcGxlYXNl

I'm using mypass as a test password: crypted with HMAC_MD5 and secret "helpmeplease" it becames 3a52377f6635d298436013953a1ce4dd and in Bas64 becames M2E1MjM3N2Y2NjM1ZDI5ODQzNjAxMzk1M2ExY2U0ZGQ=

I'm using a users.json

  {    "users": [ 

    { 

      "localId": "9997", 

      "email": "[email protected]", 

      "passwordHash": "M2E1MjM3N2Y2NjM1ZDI5ODQzNjAxMzk1M2ExY2U0ZGQ=", 

      "displayName": "9997", 

    }

  ]  }

I use the command:

**firebase auth:import --hash-algo='HMAC_MD5' --hash-key='aGVscG1lcGxlYXNl' --project='my-project-name-test' users.json** 

and the result is:

Processing users.json (194 bytes)

Starting importing 1 account(s).

✔ Imported successfully.

and the user is imported in the users database.

BUT .. when I try to login using the auth().signInWithEmailAndPassword('[email protected]', 'mypass') .. I get this error:

{ [Error: The password is invalid or the user does not have a password.] code: 'auth/wrong-password',

message: 'The password is invalid or the user does not have a password.' }

I can't figure out what's wrong.. Can you help me?

Thanks

Answer 1

It seems that your password hash is not correct. Could you point out how do you generate HMAC_MD5 hash?

I use the following NodeJS code snippet to create HMAC_MD5 password hash.

var crypto = require('crypto');
crypto.createHmac('md5', 'helpmeplease').update('mypass').digest().toString('base64');

And I get "OlI3f2Y10phDYBOVOhzk3Q==" as a result. Then I use the command in your post to import user to Firebase Auth. I verified I can sign in successfully.

Answer 2

Thank you @wyhao31

I use PHP to get user, data and password I need to import in Firebase.

I used the hash_hmac() PHP function in a wrong way:

$secret = "helpmeplease";  
$password = "mypass";  
$hmac_md5 = hash_hmac('md5', $password, $secret);  //3a52377f6635d298436013953a1ce4dd
$base64 = base64_encode($hmac_md5); //M2E1MjM3N2Y2NjM1ZDI5ODQzNjAxMzk1M2ExY2U0ZGQ=

To fix the problem I need to force the hmac_md5 output raw binary data:

$secret = "helpmeplease";  
$password = "mypass";  
$base64 = base64_encode(hash_hmac('md5', $password, $secret, TRUE));  //OlI3f2Y10phDYBOVOhzk3Q==

So I get your result, that works correctly!

Thank you!