password_hash obtained from Firebase Auth backend needs to be base64URL decoded before import to avoid double encoding #652
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is implementing the same change as firebase/firebase-admin-go#480 just on this python Admin SDK.
When developers export users from Firebase Auth's backend they arrive with an encoded password hash and salt. This change decodes the password hash and salt, so that it isn't double encoded upon importing these users back to Firebase.
We don't need to change other python samples (e.g. HMAC) that provide password hash and salt as they are being migrated from other auth systems that use other hashing algorithms. It is fair to assume (we won't know) that the password hash and salt from those other backends has been decoded properly.
Tests: