userHandle; $responseUserHandle = $authenticatorResponse->userHandle; if ($userHandle !== null) { //If the user was identified before the authentication ceremony was initiated, $credentialUserHandle === $userHandle || throw InvalidUserHandleException::create(); if ($responseUserHandle !== null && $responseUserHandle !== '') { $credentialUserHandle === $responseUserHandle || throw InvalidUserHandleException::create(); } } else { ($responseUserHandle !== '' && $credentialUserHandle === $responseUserHandle) || throw InvalidUserHandleException::create(); } } }