allowCredentials) === 0) { return; } foreach ($publicKeyCredentialOptions->allowCredentials as $allowedCredential) { if (hash_equals($allowedCredential->id, $publicKeyCredentialSource->publicKeyCredentialId)) { return; } } throw AuthenticatorResponseVerificationException::create('The credential ID is not allowed.'); } }