Hey,
I was following the Keycloak guide on creating the secret question extension and was wondering about the appropriate way to go about hashing credentials?
Would it be correct/necessary to create a Secret Question hash provider similar to PasswordCredentialProvider
then create all the required implementations argon2 etc.
Or i was considering storing my secret questions as passwords (So i could use the existing hashing implementations) then keeping the secret question within the additional parameters section of the PasswordCredentialData
and manually changing the type on the model to be secret-question during the create stage. e.g credentialModel.setType(‘secret-question’) then PasswordCredentialModel.createFromCredentialModel(credentialModel)
Any advice would be appreciated
Thanks.