SubmitContractChallengeResponse
in package
Response from the SEP-45 token endpoint after submitting signed authorization entries.
This response is returned by the authentication server when a client submits signed authorization entries (POST to the WEB_AUTH_FOR_CONTRACTS_ENDPOINT). The response either contains a JWT token for successful authentication or an error message.
Response Fields:
- token: JWT token for authenticated session (present on success)
- error: Error message describing why authentication failed (present on failure)
JWT Token Structure: The JWT token contains the following claims:
- iss: Issuer (authentication server URI)
- sub: Subject (client contract account C... address)
- iat: Issued at timestamp
- exp: Expiration timestamp
- client_domain: Optional client domain if verification was performed
Usage: After submitting signed authorization entries, check if the response contains a token or an error. If successful, the token can be used to authenticate subsequent requests to protected services (SEP-12, SEP-24, SEP-31, etc.).
Error Handling: If an error is present, it indicates the server rejected the signed authorization entries. Common reasons include invalid signatures, expired signatures, nonce reuse, or unauthorized contract accounts.
Security: Store JWT tokens securely and never expose them in logs or URLs. Tokens grant access to authenticated services and should be treated as credentials. Respect token expiration times.
Tags
Table of Contents
Methods
- fromJson() : SubmitContractChallengeResponse
- Creates a SubmitContractChallengeResponse from JSON data.
- getError() : string|null
- Returns the error message if authentication failed.
- getJwtToken() : string|null
- Returns the JWT token if authentication was successful.
- setError() : void
- Sets the error message.
- setJwtToken() : void
- Sets the JWT token.
Methods
fromJson()
Creates a SubmitContractChallengeResponse from JSON data.
public
static fromJson(array<string|int, mixed> $json) : SubmitContractChallengeResponse
Parameters
- $json : array<string|int, mixed>
-
JSON data array from the server response
Return values
SubmitContractChallengeResponse —the created response object
getError()
Returns the error message if authentication failed.
public
getError() : string|null
Return values
string|null —the error message, or null if authentication was successful
getJwtToken()
Returns the JWT token if authentication was successful.
public
getJwtToken() : string|null
Return values
string|null —the JWT token, or null if authentication failed
setError()
Sets the error message.
public
setError(string|null $error) : void
Parameters
- $error : string|null
-
the error message
setJwtToken()
Sets the JWT token.
public
setJwtToken(string|null $jwtToken) : void
Parameters
- $jwtToken : string|null
-
the JWT token