Help with legacy authenticator verification "BackupEligible flag inconsistency detected during login validation"

[sarvesh-ranjan]

Hello everyone :-)

I am trying to figure out a way to support "legacy authenticator credential" which didn't have the conditional Flags saved during creation as these were not part of this library's v0.10.2. I'm specifically concerned about BackupEligible flag.

Now, when I try to validate logins using those passkeys I get error verify:BackupEligible flag inconsistency detected during login validation:... as expected.

How are you trying to support those passkeys?

I have considered trying both true and false values for BE and update the stored credential retrospectively.

Reference to the code github.com/go-webauthn/webauthn@v0.12.2/webauthn/login.go:373

	// Check if the BackupEligible flag has changed.
	if credential.Flags.BackupEligible != parsedResponse.Response.AuthenticatorData.Flags.HasBackupEligible() {
		return nil, protocol.ErrBadRequest.WithDetails("BackupEligible flag inconsistency detected during login validation")
	}