Stellar PHP SDK API Documentation

ChallengeResponse extends Response
in package

Response from the SEP-10 challenge endpoint containing the authentication challenge transaction.

This response is returned by the authentication server when a client requests a challenge transaction (GET to the auth endpoint). The response contains a base64-encoded XDR transaction envelope that the client must sign to prove control of their account.

Structure: The response contains a single field 'transaction' which is the challenge transaction as a base64-encoded XDR TransactionEnvelope. This transaction has sequence number 0, time bounds set to expire in approximately 15 minutes, and ManageData operations for authentication.

Usage: After receiving this response, clients should:

  1. Decode and validate the challenge transaction
  2. Verify the transaction has sequence number 0 (cannot be executed)
  3. Verify the server's signature on the transaction
  4. Verify time bounds, home domain, and other security requirements
  5. Sign the transaction with the client's private key(s)
  6. Submit the signed transaction back to the token endpoint

The optional 'network_passphrase' field may be included to help clients verify they're using the correct network passphrase when signing.

Tags
see
https://github.com/stellar/stellar-protocol/blob/v3.4.1/ecosystem/sep-0010.md#challenge

SEP-10 Challenge Response

see
WebAuth::jwtToken()

For the complete authentication flow

Table of Contents

Properties

$httpClient  : Client|null
$rateLimitLimit  : int|null
$rateLimitRemaining  : int|null
$rateLimitReset  : int|null

Methods

fromJson()  : ChallengeResponse
getHttpClient()  : Client|null
Gets the HTTP client used for pagination requests
getRateLimitLimit()  : int|null
Returns X-RateLimit-Limit header from the response.
getRateLimitRemaining()  : int|null
Returns X-RateLimit-Remaining header from the response.
getRateLimitReset()  : int|null
Returns X-RateLimit-Reset header from the response. Seconds until a new window starts.
getTransaction()  : string
setHeaders()  : void
Extracts and sets rate limiting information from HTTP response headers
setHttpClient()  : void
Sets the HTTP client for making follow-up requests
setTransaction()  : void
loadFromJson()  : void
Loads response data from a JSON array

Properties

$httpClient

protected Client|null $httpClient = null

$rateLimitLimit

protected int|null $rateLimitLimit = null

$rateLimitRemaining

protected int|null $rateLimitRemaining = null

$rateLimitReset

protected int|null $rateLimitReset = null

Methods

getHttpClient()

Gets the HTTP client used for pagination requests

public getHttpClient() : Client|null
Return values
Client|null

The HTTP client instance, or null if not set

getRateLimitLimit()

Returns X-RateLimit-Limit header from the response.

public getRateLimitLimit() : int|null

This number represents the he maximum number of requests that the current client can make in one hour.

Tags
see
https://developers.stellar.org

Stellar developer docs Rate limiting documentation

Return values
int|null

getRateLimitRemaining()

Returns X-RateLimit-Remaining header from the response.

public getRateLimitRemaining() : int|null

The number of remaining requests for the current window.

Tags
see
https://developers.stellar.org

Stellar developer docs Rate limiting documentation

Return values
int|null

getRateLimitReset()

Returns X-RateLimit-Reset header from the response. Seconds until a new window starts.

public getRateLimitReset() : int|null
Tags
see
https://developers.stellar.org

Stellar developer docs Rate limiting documentation

Return values
int|null

setHeaders()

Extracts and sets rate limiting information from HTTP response headers

public setHeaders(array<string|int, mixed> $headers) : void

This method processes the X-Ratelimit-* headers from the HTTP response and stores them for client access.

Parameters
$headers : array<string|int, mixed>

Associative array of HTTP headers from the response

setHttpClient()

Sets the HTTP client for making follow-up requests

public setHttpClient([Client|null $httpClient = null ]) : void

Paginated responses contain links to next/previous pages. This HTTP client is used when following those links to fetch additional pages.

Parameters
$httpClient : Client|null = null

The Guzzle HTTP client to use for pagination

setTransaction()

public setTransaction(string $transaction) : void
Parameters
$transaction : string

loadFromJson()

Loads response data from a JSON array

protected loadFromJson(array<string|int, mixed> $json) : void

This method is used internally to populate response objects from parsed JSON. Subclasses override this to extract their specific data fields.

Parameters
$json : array<string|int, mixed>

Associative array of parsed JSON data


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results