ContractChallengeResponse
extends Response
in package
Response from the SEP-45 challenge endpoint containing contract authentication authorization entries.
This response is returned by the authentication server when a client requests a challenge for contract account authentication (GET to the WEB_AUTH_FOR_CONTRACTS_ENDPOINT). The response contains base64-encoded XDR authorization entries that the client must sign to prove control of their contract account.
Structure: The response contains an 'authorization_entries' field which is a base64-encoded XDR array of SorobanAuthorizationEntry objects. Each entry contains:
- credentials: Address-based credentials with signature placeholder
- rootInvocation: The web_auth_verify function call with no sub-invocations
The entries include:
- A server entry (already signed by the server's signing key)
- A client entry (to be signed by the client)
- Optionally, a client domain entry (to be signed by the client domain key)
Usage: After receiving this response, clients should:
- Decode and validate the authorization entries
- Verify no sub-invocations exist in any entry
- Verify the contract address matches WEB_AUTH_CONTRACT_ID
- Verify the function name is "web_auth_verify"
- Verify all function arguments (account, home_domain, web_auth_domain, etc.)
- Verify the server entry has a valid signature
- Verify nonce consistency across all entries
- Sign the client entry with the client's key(s)
- Submit the signed entries back to the token endpoint
The optional 'network_passphrase' field may be included to help clients verify they're using the correct network passphrase when signing.
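The structural checks listed under Usage, as an added example that is not part of the SDK or of this page's original code: it runs over entries that have already been decoded from XDR and returns a list of problems, so the client only signs when the list is empty. The decoded array shape, the `checkChallengeEntries` name, the nonce being carried inside the arguments, and all sample identifiers are assumptions; XDR decoding and verification of the server entry's signature are not shown.

```php
<?php
// Checks over entries already decoded from XDR. The array shape, and the nonce
// living inside 'args', are assumptions made for this example.
function checkChallengeEntries(array $entries, array $expected): array
{
    $problems = $nonces = $addresses = [];
    foreach ($entries as $i => $e) {
        if (($e['subInvocations'] ?? null) !== []) { // a missing key also fails
            $problems[] = "entry $i: sub-invocations present";
        }
        if (($e['contract'] ?? null) !== $expected['contract']) {
            $problems[] = "entry $i: contract is not WEB_AUTH_CONTRACT_ID";
        }
        if (($e['function'] ?? null) !== 'web_auth_verify') {
            $problems[] = "entry $i: unexpected function name";
        }
        foreach (['account', 'home_domain', 'web_auth_domain'] as $key) {
            if (($e['args'][$key] ?? null) !== $expected[$key]) {
                $problems[] = "entry $i: argument $key does not match";
            }
        }
        $nonce = $e['args']['nonce'] ?? null;
        $nonces[] = is_string($nonce) ? $nonce : null;
        $addresses[] = $e['address'] ?? null;
    }
    if ($nonces === [] || in_array(null, $nonces, true) || count(array_unique($nonces)) !== 1) {
        $problems[] = 'nonce missing or not identical across entries';
    }
    foreach (['server_key', 'account'] as $who) { // server and client entries must both exist
        if (!in_array($expected[$who], $addresses, true)) {
            $problems[] = "no entry carries credentials for $who";
        }
    }
    return $problems;
}

// Constructed sample data; every identifier below is a placeholder.
$expected = ['contract' => 'C_WEB_AUTH_CONTRACT_ID', 'account' => 'C_CLIENT_ACCOUNT',
    'home_domain' => 'example.com', 'web_auth_domain' => 'auth.example.com',
    'server_key' => 'G_SERVER_SIGNING_KEY'];
$args = ['account' => 'C_CLIENT_ACCOUNT', 'home_domain' => 'example.com',
    'web_auth_domain' => 'auth.example.com', 'nonce' => '12345'];
$entry = fn(string $address, array $a, array $subs = []) => ['address' => $address,
    'contract' => 'C_WEB_AUTH_CONTRACT_ID', 'function' => 'web_auth_verify',
    'args' => $a, 'subInvocations' => $subs];
$good = [$entry('G_SERVER_SIGNING_KEY', $args), $entry('C_CLIENT_ACCOUNT', $args)];
$tampered = [$entry('G_SERVER_SIGNING_KEY', $args),
    $entry('C_CLIENT_ACCOUNT', ['nonce' => '99999'] + $args, [['function' => 'other_call']])];
print_r([checkChallengeEntries($good, $expected), checkChallengeEntries($tampered, $expected)]);
```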
Table of Contents
Properties
- $httpClient : Client|null
- $rateLimitLimit : int|null
- $rateLimitRemaining : int|null
- $rateLimitReset : int|null
Methods
- fromJson() : ContractChallengeResponse
- Creates a ContractChallengeResponse from JSON data.
- getAuthorizationEntries() : string
- Returns the base64-encoded XDR array of SorobanAuthorizationEntry objects.
- getHttpClient() : Client|null
- Gets the HTTP client used for pagination requests
- getNetworkPassphrase() : string|null
- Returns the network passphrase if provided by the server.
- getRateLimitLimit() : int|null
- Returns X-RateLimit-Limit header from the response.
- getRateLimitRemaining() : int|null
- Returns X-RateLimit-Remaining header from the response.
- getRateLimitReset() : int|null
- Returns X-RateLimit-Reset header from the response. Seconds until a new window starts.
- setAuthorizationEntries() : void
- Sets the authorization entries.
- setHeaders() : void
- Extracts and sets rate limiting information from HTTP response headers
- setHttpClient() : void
- Sets the HTTP client for making follow-up requests
- setNetworkPassphrase() : void
- Sets the network passphrase.
- loadFromJson() : void
- Loads this response from JSON data.
Properties
$httpClient
protected Client|null $httpClient = null
$rateLimitLimit
protected int|null $rateLimitLimit = null
$rateLimitRemaining
protected int|null $rateLimitRemaining = null
$rateLimitReset
protected int|null $rateLimitReset = null
Methods
fromJson()
Creates a ContractChallengeResponse from JSON data.
public static fromJson(array<string|int, mixed> $json) : ContractChallengeResponse
Parameters
- $json : array<string|int, mixed>
  JSON data array from the server response
Return values
ContractChallengeResponse —the created response object
getAuthorizationEntries()
Returns the base64-encoded XDR array of SorobanAuthorizationEntry objects.
public getAuthorizationEntries() : string
Return values
string —base64-encoded XDR authorization entries
getHttpClient()
Gets the HTTP client used for pagination requests
public getHttpClient() : Client|null
Return values
Client|null —The HTTP client instance, or null if not set
getNetworkPassphrase()
Returns the network passphrase if provided by the server.
public getNetworkPassphrase() : string|null
Return values
string|null —the network passphrase, or null if not provided
getRateLimitLimit()
Returns X-RateLimit-Limit header from the response.
public getRateLimitLimit() : int|null
This number represents the maximum number of requests that the current client can make in one hour.
Return values
int|null
getRateLimitRemaining()
Returns X-RateLimit-Remaining header from the response.
public getRateLimitRemaining() : int|null
The number of remaining requests for the current window.
Return values
int|null
getRateLimitReset()
Returns X-RateLimit-Reset header from the response. Seconds until a new window starts.
public getRateLimitReset() : int|null
Return values
int|null
setAuthorizationEntries()
Sets the authorization entries.
public setAuthorizationEntries(string $authorizationEntries) : void
Parameters
- $authorizationEntries : string
  base64-encoded XDR authorization entries
setHeaders()
Extracts and sets rate limiting information from HTTP response headers
public setHeaders(array<string|int, mixed> $headers) : void
This method processes the X-Ratelimit-* headers from the HTTP response and stores them for client access.
Parameters
- $headers : array<string|int, mixed>
  Associative array of HTTP headers from the response
setHttpClient()
Sets the HTTP client for making follow-up requests
public setHttpClient([Client|null $httpClient = null ]) : void
Paginated responses contain links to next/previous pages. This HTTP client is used when following those links to fetch additional pages.
Parameters
- $httpClient : Client|null = null
  The Guzzle HTTP client to use for pagination
setNetworkPassphrase()
Sets the network passphrase.
public setNetworkPassphrase(string|null $networkPassphrase) : void
Parameters
- $networkPassphrase : string|null
  the network passphrase
loadFromJson()
Loads this response from JSON data.
protected loadFromJson(array<string|int, mixed> $json) : void
Parameters
- $json : array<string|int, mixed>
  JSON data array from the server response