org.stellar.sdk

Class Sep10Challenge

java.lang.Object

org.stellar.sdk.Sep10Challenge

public class Sep10Challenge
extends java.lang.Object

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	Sep10Challenge.ChallengeTransaction Used to store the results produced by readChallengeTransaction(String, String, Network, String[], String).
static class	Sep10Challenge.Signer Represents a transaction signer.

Method Summary

Modifier and Type	Method and Description
static Transaction	newChallenge(KeyPair signer, Network network, java.lang.String clientAccountId, java.lang.String domainName, java.lang.String webAuthDomain, TimeBounds timebounds) Returns a valid SEP 10 challenge, for use in web authentication.
static Transaction	newChallenge(KeyPair signer, Network network, java.lang.String clientAccountId, java.lang.String domainName, java.lang.String webAuthDomain, TimeBounds timebounds, java.lang.String clientDomain, java.lang.String clientSigningKey) Returns a valid SEP 10 challenge, for use in web authentication.
static Sep10Challenge.ChallengeTransaction	readChallengeTransaction(java.lang.String challengeXdr, java.lang.String serverAccountId, Network network, java.lang.String[] domainNames, java.lang.String webAuthDomain) Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.
static Sep10Challenge.ChallengeTransaction	readChallengeTransaction(java.lang.String challengeXdr, java.lang.String serverAccountId, Network network, java.lang.String domainName, java.lang.String webAuthDomain) Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.
static java.util.Set<java.lang.String>	verifyChallengeTransactionSigners(java.lang.String challengeXdr, java.lang.String serverAccountId, Network network, java.lang.String[] domainNames, java.lang.String webAuthDomain, java.util.Set<java.lang.String> signers) Verifies that for a SEP 10 challenge transaction all signatures on the transaction are accounted for.
static java.util.Set<java.lang.String>	verifyChallengeTransactionSigners(java.lang.String challengeXdr, java.lang.String serverAccountId, Network network, java.lang.String domainName, java.lang.String webAuthDomain, java.util.Set<java.lang.String> signers) Verifies that for a SEP 10 challenge transaction all signatures on the transaction are accounted for.
static java.util.Set<java.lang.String>	verifyChallengeTransactionThreshold(java.lang.String challengeXdr, java.lang.String serverAccountId, Network network, java.lang.String[] domainNames, java.lang.String webAuthDomain, int threshold, java.util.Set<Sep10Challenge.Signer> signers) Verifies that for a SEP-0010 challenge transaction all signatures on the transaction are accounted for and that the signatures meet a threshold on an account.
static java.util.Set<java.lang.String>	verifyChallengeTransactionThreshold(java.lang.String challengeXdr, java.lang.String serverAccountId, Network network, java.lang.String domainName, java.lang.String webAuthDomain, int threshold, java.util.Set<Sep10Challenge.Signer> signers) Verifies that for a SEP-0010 challenge transaction all signatures on the transaction are accounted for and that the signatures meet a threshold on an account.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

newChallenge

public static Transaction newChallenge(KeyPair signer,
                                       Network network,
                                       java.lang.String clientAccountId,
                                       java.lang.String domainName,
                                       java.lang.String webAuthDomain,
                                       TimeBounds timebounds)
                                throws InvalidSep10ChallengeException

Returns a valid SEP 10 challenge, for use in web authentication.

Parameters:

signer - The server's signing account.

network - The Stellar network used by the server.

clientAccountId - The stellar account belonging to the client.

domainName - The fully qualified domain name of the service requiring authentication.

webAuthDomain - The fully qualified domain name of the service issuing the challenge.

timebounds - The lifetime of the challenge token.

Throws:

InvalidSep10ChallengeException

newChallenge

public static Transaction newChallenge(KeyPair signer,
                                       Network network,
                                       java.lang.String clientAccountId,
                                       java.lang.String domainName,
                                       java.lang.String webAuthDomain,
                                       TimeBounds timebounds,
                                       java.lang.String clientDomain,
                                       java.lang.String clientSigningKey)
                                throws InvalidSep10ChallengeException

Returns a valid SEP 10 challenge, for use in web authentication.

Parameters:

signer - The server's signing account.

network - The Stellar network used by the server.

clientAccountId - The stellar account belonging to the client.

domainName - The fully qualified domain name of the service requiring authentication.

webAuthDomain - The fully qualified domain name of the service issuing the challenge.

timebounds - The lifetime of the challenge token.

clientDomain - The domain of the client application requesting authentication.

clientSigningKey - The stellar account listed as the SIGNING_KEY on the client domain's TOML file.

Throws:

InvalidSep10ChallengeException

readChallengeTransaction

public static Sep10Challenge.ChallengeTransaction readChallengeTransaction(java.lang.String challengeXdr,
                                                                           java.lang.String serverAccountId,
                                                                           Network network,
                                                                           java.lang.String[] domainNames,
                                                                           java.lang.String webAuthDomain)
                                                                    throws InvalidSep10ChallengeException,
                                                                           java.io.IOException

Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.

It also verifies that transaction is signed by the server.

It does not verify that the transaction has been signed by the client or that any signatures other than the servers on the transaction are valid. Use one of the following functions to completely verify the transaction: verifyChallengeTransactionSigners(String, String, Network, String, String, Set) or verifyChallengeTransactionThreshold(String, String, Network, String, String, int, Set) or verifyChallengeTransactionSigners(String, String, Network, String[], String, Set) or verifyChallengeTransactionThreshold(String, String, Network, String[], String, int, Set) or

Parameters:

challengeXdr - SEP-0010 transaction challenge transaction in base64.

serverAccountId - Account ID for server's account.

network - The network to connect to for verifying and retrieving.

domainNames - An array of home domains, one of which is expected to be included in the first Manage Data operation's string key.

webAuthDomain - The home domain that is expected to be included as the value of the Manage Data operation with the 'web_auth_domain' key. If no such operation is included, this parameter is not used.

Returns:

Sep10Challenge.ChallengeTransaction, the decoded transaction envelope and client account ID contained within.

Throws:

InvalidSep10ChallengeException - If the SEP-0010 validation fails, the exception will be thrown.

java.io.IOException - If read XDR string fails, the exception will be thrown.

readChallengeTransaction

public static Sep10Challenge.ChallengeTransaction readChallengeTransaction(java.lang.String challengeXdr,
                                                                           java.lang.String serverAccountId,
                                                                           Network network,
                                                                           java.lang.String domainName,
                                                                           java.lang.String webAuthDomain)
                                                                    throws InvalidSep10ChallengeException,
                                                                           java.io.IOException

Reads a SEP 10 challenge transaction and returns the decoded transaction envelope and client account ID contained within.

It also verifies that transaction is signed by the server.

It does not verify that the transaction has been signed by the client or that any signatures other than the servers on the transaction are valid. Use one of the following functions to completely verify the transaction: verifyChallengeTransactionSigners(String, String, Network, String, String, Set) or verifyChallengeTransactionThreshold(String, String, Network, String, String, int, Set) or verifyChallengeTransactionSigners(String, String, Network, String[], String, Set) or verifyChallengeTransactionThreshold(String, String, Network, String[], String, int, Set) or

Parameters:

challengeXdr - SEP-0010 transaction challenge transaction in base64.

serverAccountId - Account ID for server's account.

network - The network to connect to for verifying and retrieving.

domainName - The home domain that is expected to be included in the first Manage Data operation's string key.

webAuthDomain - The home domain that is expected to be included as the value of the Manage Data operation with the 'web_auth_domain' key, if present.

Returns:

Sep10Challenge.ChallengeTransaction, the decoded transaction envelope and client account ID contained within.

Throws:

InvalidSep10ChallengeException - If the SEP-0010 validation fails, the exception will be thrown.

java.io.IOException - If read XDR string fails, the exception will be thrown.

verifyChallengeTransactionSigners

public static java.util.Set<java.lang.String> verifyChallengeTransactionSigners(java.lang.String challengeXdr,
                                                                                java.lang.String serverAccountId,
                                                                                Network network,
                                                                                java.lang.String domainName,
                                                                                java.lang.String webAuthDomain,
                                                                                java.util.Set<java.lang.String> signers)
                                                                         throws InvalidSep10ChallengeException,
                                                                                java.io.IOException

Verifies that for a SEP 10 challenge transaction all signatures on the transaction are accounted for. A transaction is verified if it is signed by the server account, and all other signatures match a signer that has been provided as an argument. Additional signers can be provided that do not have a signature, but all signatures must be matched to a signer for verification to succeed. If verification succeeds a list of signers that were found is returned, excluding the server account ID.

Parameters:

challengeXdr - SEP-0010 transaction challenge transaction in base64.

serverAccountId - Account ID for server's account.

network - The network to connect to for verifying and retrieving.

domainName - The home domain that is expected to be included in the first Manage Data operation's string key.

webAuthDomain - The home domain that is expected to be included as the value of the Manage Data operation with the 'web_auth_domain' key, if present.

signers - The signers of client account.

Returns:

a list of signers that were found is returned, excluding the server account ID.

Throws:

InvalidSep10ChallengeException - If the SEP-0010 validation fails, the exception will be thrown.

java.io.IOException - If read XDR string fails, the exception will be thrown.

verifyChallengeTransactionSigners

public static java.util.Set<java.lang.String> verifyChallengeTransactionSigners(java.lang.String challengeXdr,
                                                                                java.lang.String serverAccountId,
                                                                                Network network,
                                                                                java.lang.String[] domainNames,
                                                                                java.lang.String webAuthDomain,
                                                                                java.util.Set<java.lang.String> signers)
                                                                         throws InvalidSep10ChallengeException,
                                                                                java.io.IOException

Verifies that for a SEP 10 challenge transaction all signatures on the transaction are accounted for. A transaction is verified if it is signed by the server account, and all other signatures match a signer that has been provided as an argument. Additional signers can be provided that do not have a signature, but all signatures must be matched to a signer for verification to succeed. If verification succeeds a list of signers that were found is returned, excluding the server account ID.

Parameters:

challengeXdr - SEP-0010 transaction challenge transaction in base64.

serverAccountId - Account ID for server's account.

network - The network to connect to for verifying and retrieving.

domainNames - An array of home domains, one of which is expected to be included in the first Manage Data operation's string key.

webAuthDomain - The home domain that is expected to be included as the value of the Manage Data operation with the 'web_auth_domain' key, if present.

signers - The signers of client account.

Returns:

a list of signers that were found is returned, excluding the server account ID.

Throws:

InvalidSep10ChallengeException - If the SEP-0010 validation fails, the exception will be thrown.

java.io.IOException - If read XDR string fails, the exception will be thrown.

verifyChallengeTransactionThreshold

public static java.util.Set<java.lang.String> verifyChallengeTransactionThreshold(java.lang.String challengeXdr,
                                                                                  java.lang.String serverAccountId,
                                                                                  Network network,
                                                                                  java.lang.String[] domainNames,
                                                                                  java.lang.String webAuthDomain,
                                                                                  int threshold,
                                                                                  java.util.Set<Sep10Challenge.Signer> signers)
                                                                           throws InvalidSep10ChallengeException,
                                                                                  java.io.IOException

Verifies that for a SEP-0010 challenge transaction all signatures on the transaction are accounted for and that the signatures meet a threshold on an account. A transaction is verified if it is signed by the server account, and all other signatures match a signer that has been provided as an argument, and those signatures meet a threshold on the account.

Parameters:

challengeXdr - SEP-0010 transaction challenge transaction in base64.

serverAccountId - Account ID for server's account.

network - The network to connect to for verifying and retrieving.

domainNames - An array of home domains, one of which is expected to be included in the first Manage Data operation's string key.

webAuthDomain - The home domain that is expected to be included as the value of the Manage Data operation with the 'web_auth_domain' key, if present.

threshold - The threshold on the client account.

signers - The signers of client account.

Returns:

a list of signers that were found is returned, excluding the server account ID.

Throws:

InvalidSep10ChallengeException - If the SEP-0010 validation fails, the exception will be thrown.

java.io.IOException - If read XDR string fails, the exception will be thrown.

verifyChallengeTransactionThreshold

public static java.util.Set<java.lang.String> verifyChallengeTransactionThreshold(java.lang.String challengeXdr,
                                                                                  java.lang.String serverAccountId,
                                                                                  Network network,
                                                                                  java.lang.String domainName,
                                                                                  java.lang.String webAuthDomain,
                                                                                  int threshold,
                                                                                  java.util.Set<Sep10Challenge.Signer> signers)
                                                                           throws InvalidSep10ChallengeException,
                                                                                  java.io.IOException

Verifies that for a SEP-0010 challenge transaction all signatures on the transaction are accounted for and that the signatures meet a threshold on an account. A transaction is verified if it is signed by the server account, and all other signatures match a signer that has been provided as an argument, and those signatures meet a threshold on the account.

Parameters:

challengeXdr - SEP-0010 transaction challenge transaction in base64.

serverAccountId - Account ID for server's account.

network - The network to connect to for verifying and retrieving.

domainName - The home domain that is expected to be included in the first Manage Data operation's string key.

webAuthDomain - The home domain that is expected to be included as the value of the Manage Data operation with the 'web_auth_domain' key, if present.

threshold - The threshold on the client account.

signers - The signers of client account.

Returns:

a list of signers that were found is returned, excluding the server account ID.

Throws:

InvalidSep10ChallengeException - If the SEP-0010 validation fails, the exception will be thrown.

java.io.IOException - If read XDR string fails, the exception will be thrown.