diff --git a/src/webauthn/src/AuthenticatorAssertionResponseValidator.php b/src/webauthn/src/AuthenticatorAssertionResponseValidator.php
index 477fae1d5..43b604081 100644
--- a/src/webauthn/src/AuthenticatorAssertionResponseValidator.php
+++ b/src/webauthn/src/AuthenticatorAssertionResponseValidator.php
@@ -139,9 +139,17 @@ public function check(
                     ->getHost(),
                 'userHandle' => $userHandle,
             ]);
-            $publicKeyCredentialSource = is_string(
-                $credentialId
-            ) ? $this->publicKeyCredentialSourceRepository?->findOneByCredentialId($credentialId) : $credentialId;
+            $publicKeyCredentialSource = null;
+            if ($credentialId instanceof PublicKeyCredentialSource) {
+                $publicKeyCredentialSource = $credentialId;
+            } else {
+                $this->publicKeyCredentialSourceRepository instanceof PublicKeyCredentialSourceRepository || throw AuthenticatorResponseVerificationException::create(
+                    'The parameter "$publicKeyCredentialSourceRepository" is required.'
+                );
+                $publicKeyCredentialSource = $this->publicKeyCredentialSourceRepository->findOneByCredentialId(
+                    $credentialId
+                );
+            }
             $publicKeyCredentialSource !== null || throw AuthenticatorResponseVerificationException::create(
                 'The credential ID is invalid.'
             );