Level 1
Happens with me too. Not only with Socialite. Hashes are only returning "algoName" as bcrypt when it starts with $2y... so, my hash starts with $2a$08 and the same problem occurs. It makes inviable to me upgrade to this version.
1 like
Sep 16, 2018
3
Level 1
Socialite Login: This password does not use the Bcrypt algorithm
I have added Socialite social authentication to my Laravel 5.7 project, updating the User model to have a nullable password since OAuth2 doesn't require a password.
Trying to login to the account made via Socialite using the same email and any password gives a This password does not use the Bcrypt algorithm. exception.
It seems that the algoName in the following method in BcryptHasher is returning unknown.
public function check($value, $hashedValue, array $options = [])
{
if ($this->info($hashedValue)['algoName'] !== 'bcrypt') {
throw new RuntimeException('This password does not use the Bcrypt algorithm.');
}
return parent::check($value, $hashedValue, $options);
}
I'm not sure how to see what is calling check() in order to debug further but it's certainly related to Socialite.
Level 1
Unfortunately the Socialite Github has Issues disabled, so I can't report this to them. No idea why they would do that.
Level 1
I think we have a bigger problem. There is nothing to do with the Socialite plugin. Laravel makes use of password_get_info from PHP. This method returns bcrypt only for hashes starting with $2y. Here:
PHP source code Method: php_password_determine_algo
const size_t len = ZSTR_LEN(hash);
if (len == 60 && h[0] == '$' && h[1] == '2' && h[2] == 'y') {
return PHP_PASSWORD_BCRYPT;
}
On laravel 5.6, the check method (class BcryptHasher) was inherited from abstract class AbstractHasher. There is no algoName checking.
So, its a 5.7 problem.
You can work around this overriding the default Hashing mechanism (Bcrypt) with your own. Just hiding this info check. But I think it is a little weird that PHP 7.2 only recognizes hashes starting $2y as bcrypt.
Please or to participate in this conversation.