|
15 | 15 | package snippets |
16 | 16 |
|
17 | 17 | import ( |
| 18 | + "encoding/base64" |
18 | 19 | "log" |
19 | 20 |
|
20 | 21 | "golang.org/x/net/context" |
21 | 22 |
|
22 | 23 | firebase "firebase.google.com/go" |
23 | 24 | "firebase.google.com/go/auth" |
| 25 | + "firebase.google.com/go/auth/hash" |
24 | 26 | "google.golang.org/api/iterator" |
25 | 27 | ) |
26 | 28 |
|
@@ -379,3 +381,196 @@ func listUsers(ctx context.Context, client *auth.Client) { |
379 | 381 | } |
380 | 382 | // [END list_all_users_golang] |
381 | 383 | } |
| 384 | + |
| 385 | +func importUsers(ctx context.Context, app *firebase.App) { |
| 386 | + // [START build_user_list] |
| 387 | + // Up to 1000 users can be imported at once. |
| 388 | + var users []*auth.UserToImport |
| 389 | + users = append(users, (&auth.UserToImport{}). |
| 390 | + UID("uid1"). |
| 391 | + |
| 392 | + PasswordHash([]byte("passwordHash1")). |
| 393 | + PasswordSalt([]byte("salt1"))) |
| 394 | + users = append(users, (&auth.UserToImport{}). |
| 395 | + UID("uid2"). |
| 396 | + |
| 397 | + PasswordHash([]byte("passwordHash2")). |
| 398 | + PasswordSalt([]byte("salt2"))) |
| 399 | + // [END build_user_list] |
| 400 | + |
| 401 | + // [START import_users] |
| 402 | + client, err := app.Auth(ctx) |
| 403 | + if err != nil { |
| 404 | + log.Fatalln("Error initializing Auth client", err) |
| 405 | + } |
| 406 | + |
| 407 | + h := hash.HMACSHA256{ |
| 408 | + Key: []byte("secretKey"), |
| 409 | + } |
| 410 | + result, err := client.ImportUsers(ctx, users, auth.WithHash(h)) |
| 411 | + if err != nil { |
| 412 | + log.Fatalln("Unrecoverable error prevented the operation from running", err) |
| 413 | + } |
| 414 | + |
| 415 | + log.Printf("Successfully imported %d users\n", result.SuccessCount) |
| 416 | + log.Printf("Failed to import %d users\n", result.FailureCount) |
| 417 | + for _, e := range result.Errors { |
| 418 | + log.Printf("Failed to import user at index: %d due to error: %s\n", e.Index, e.Reason) |
| 419 | + } |
| 420 | + // [END import_users] |
| 421 | +} |
| 422 | + |
| 423 | +func importWithHMAC(ctx context.Context, client *auth.Client) { |
| 424 | + // [START import_with_hmac] |
| 425 | + users := []*auth.UserToImport{ |
| 426 | + (&auth.UserToImport{}). |
| 427 | + UID("some-uid"). |
| 428 | + |
| 429 | + PasswordHash([]byte("password-hash")). |
| 430 | + PasswordSalt([]byte("salt")), |
| 431 | + } |
| 432 | + h := hash.HMACSHA256{ |
| 433 | + Key: []byte("secret"), |
| 434 | + } |
| 435 | + result, err := client.ImportUsers(ctx, users, auth.WithHash(h)) |
| 436 | + if err != nil { |
| 437 | + log.Fatalln("Error importing users", err) |
| 438 | + } |
| 439 | + for _, e := range result.Errors { |
| 440 | + log.Println("Failed to import user", e.Reason) |
| 441 | + } |
| 442 | + // [END import_with_hmac] |
| 443 | +} |
| 444 | + |
| 445 | +func importWithPBKDF(ctx context.Context, client *auth.Client) { |
| 446 | + // [START import_with_pbkdf] |
| 447 | + users := []*auth.UserToImport{ |
| 448 | + (&auth.UserToImport{}). |
| 449 | + UID("some-uid"). |
| 450 | + |
| 451 | + PasswordHash([]byte("password-hash")). |
| 452 | + PasswordSalt([]byte("salt")), |
| 453 | + } |
| 454 | + h := hash.PBKDF2SHA256{ |
| 455 | + Rounds: 100000, |
| 456 | + } |
| 457 | + result, err := client.ImportUsers(ctx, users, auth.WithHash(h)) |
| 458 | + if err != nil { |
| 459 | + log.Fatalln("Error importing users", err) |
| 460 | + } |
| 461 | + for _, e := range result.Errors { |
| 462 | + log.Println("Failed to import user", e.Reason) |
| 463 | + } |
| 464 | + // [END import_with_pbkdf] |
| 465 | +} |
| 466 | + |
| 467 | +func importWithStandardScrypt(ctx context.Context, client *auth.Client) { |
| 468 | + // [START import_with_standard_scrypt] |
| 469 | + users := []*auth.UserToImport{ |
| 470 | + (&auth.UserToImport{}). |
| 471 | + UID("some-uid"). |
| 472 | + |
| 473 | + PasswordHash([]byte("password-hash")). |
| 474 | + PasswordSalt([]byte("salt")), |
| 475 | + } |
| 476 | + h := hash.StandardScrypt{ |
| 477 | + MemoryCost: 1024, |
| 478 | + Parallelization: 16, |
| 479 | + BlockSize: 8, |
| 480 | + DerivedKeyLength: 64, |
| 481 | + } |
| 482 | + result, err := client.ImportUsers(ctx, users, auth.WithHash(h)) |
| 483 | + if err != nil { |
| 484 | + log.Fatalln("Error importing users", err) |
| 485 | + } |
| 486 | + for _, e := range result.Errors { |
| 487 | + log.Println("Failed to import user", e.Reason) |
| 488 | + } |
| 489 | + // [END import_with_standard_scrypt] |
| 490 | +} |
| 491 | + |
| 492 | +func importWithBcrypt(ctx context.Context, client *auth.Client) { |
| 493 | + // [START import_with_bcrypt] |
| 494 | + users := []*auth.UserToImport{ |
| 495 | + (&auth.UserToImport{}). |
| 496 | + UID("some-uid"). |
| 497 | + |
| 498 | + PasswordHash([]byte("password-hash")). |
| 499 | + PasswordSalt([]byte("salt")), |
| 500 | + } |
| 501 | + h := hash.Bcrypt{} |
| 502 | + result, err := client.ImportUsers(ctx, users, auth.WithHash(h)) |
| 503 | + if err != nil { |
| 504 | + log.Fatalln("Error importing users", err) |
| 505 | + } |
| 506 | + for _, e := range result.Errors { |
| 507 | + log.Println("Failed to import user", e.Reason) |
| 508 | + } |
| 509 | + // [END import_with_bcrypt] |
| 510 | +} |
| 511 | + |
| 512 | +func importWithScrypt(ctx context.Context, client *auth.Client) { |
| 513 | + // [START import_with_scrypt] |
| 514 | + users := []*auth.UserToImport{ |
| 515 | + (&auth.UserToImport{}). |
| 516 | + UID("some-uid"). |
| 517 | + |
| 518 | + PasswordHash([]byte("password-hash")). |
| 519 | + PasswordSalt([]byte("salt")), |
| 520 | + } |
| 521 | + b64decode := func(s string) []byte { |
| 522 | + b, err := base64.StdEncoding.DecodeString(s) |
| 523 | + if err != nil { |
| 524 | + log.Fatalln("Failed to decode string", err) |
| 525 | + } |
| 526 | + return b |
| 527 | + } |
| 528 | + |
| 529 | + // All the parameters below can be obtained from the Firebase Console's "Users" |
| 530 | + // section. Base64 encoded parameters must be decoded into raw bytes. |
| 531 | + h := hash.Scrypt{ |
| 532 | + Key: b64decode("base64-secret"), |
| 533 | + SaltSeparator: b64decode("base64-salt-separator"), |
| 534 | + Rounds: 8, |
| 535 | + MemoryCost: 14, |
| 536 | + } |
| 537 | + result, err := client.ImportUsers(ctx, users, auth.WithHash(h)) |
| 538 | + if err != nil { |
| 539 | + log.Fatalln("Error importing users", err) |
| 540 | + } |
| 541 | + for _, e := range result.Errors { |
| 542 | + log.Println("Failed to import user", e.Reason) |
| 543 | + } |
| 544 | + // [END import_with_scrypt] |
| 545 | +} |
| 546 | + |
| 547 | +func importWithoutPassword(ctx context.Context, client *auth.Client) { |
| 548 | + // [START import_without_password] |
| 549 | + users := []*auth.UserToImport{ |
| 550 | + (&auth.UserToImport{}). |
| 551 | + UID("some-uid"). |
| 552 | + DisplayName("John Doe"). |
| 553 | + |
| 554 | + PhotoURL("http://www.example.com/12345678/photo.png"). |
| 555 | + EmailVerified(true). |
| 556 | + PhoneNumber("+11234567890"). |
| 557 | + CustomClaims(map[string]interface{}{"admin": true}). // set this user as admin |
| 558 | + ProviderData([]*auth.UserProvider{ // user with Google provider |
| 559 | + { |
| 560 | + UID: "google-uid", |
| 561 | + |
| 562 | + DisplayName: "John Doe", |
| 563 | + PhotoURL: "http://www.example.com/12345678/photo.png", |
| 564 | + ProviderID: "google.com", |
| 565 | + }, |
| 566 | + }), |
| 567 | + } |
| 568 | + result, err := client.ImportUsers(ctx, users) |
| 569 | + if err != nil { |
| 570 | + log.Fatalln("Error importing users", err) |
| 571 | + } |
| 572 | + for _, e := range result.Errors { |
| 573 | + log.Println("Failed to import user", e.Reason) |
| 574 | + } |
| 575 | + // [END import_without_password] |
| 576 | +} |
0 commit comments