Webauthn\PublicKeyCredentialSourceRepository. It will retrieve the credential source and update them when needed.
none: no attestation is provided.
fido-u2f: for non-FIDO2 compatible devices (old U2F security tokens).
packed: generally used by authenticators with limited resources (e.g., secure elements). It uses a very compact but still extensible encoding method.
android key: commonly used by old or disconnected Android devices.
android safety net: for new Android devices like smartphones.
trusted platform module: for devices with built-in security chips.
Webauthn\AuthenticationExtensions\ExtensionOutputCheckerand throw a
Webauthn\AuthenticationExtensions\ExtensionOutputErrorin case of an error.