userVerification : $publicKeyCredentialOptions->authenticatorSelection?->userVerification; if ($userVerification !== AuthenticatorSelectionCriteria::USER_VERIFICATION_REQUIREMENT_REQUIRED) { return; } $authData = $authenticatorResponse instanceof AuthenticatorAssertionResponse ? $authenticatorResponse->authenticatorData : $authenticatorResponse->attestationObject->authData; $authData->isUserVerified() || throw AuthenticatorResponseVerificationException::create( 'User authentication required.' ); } }