Skip to content

castle/castle-php

develop
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
7 branches 21 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.circleci
 
 
certs
 
 
lib
 
 
test
 
 
.coveralls.yml
 
 
.gitattributes
 
 
.gitignore
 
 
CHANGELOG.md
 
 
LICENSE
 
 
README.md
 
 
composer.json
 
 
phpunit.xml
 
 
PHP SDK for Castle Usage Getting started Optional Configurations Request context Origin IP Address Errors Running test suite

README.md

Latest Stable Version Total Downloads License

Code Climate Coverage Status

PHP SDK for Castle

Castle analyzes user behavior in web and mobile apps to stop fraud before it happens.

Usage

See the documentation for how to use this SDK with the Castle APIs

Getting started

Obtain the latest version of the Castle PHP bindings with:

git clone --single-branch --branch master https://github.com/castle/castle-php

To get started, add the following to your PHP script:

require_once("/path/to/castle-php/lib/Castle.php");

Configure the library with your Castle API secret.

Castle::setApiKey('YOUR_API_SECRET');

Optional Configurations

Set preferred connection and request timeouts: valid options for setting are:

  • CURLOPT_CONNECTTIMEOUT
  • CURLOPT_CONNECTTIMEOUT_MS
  • CURLOPT_TIMEOUT
  • CURLOPT_TIMEOUT_MS
Castle::setCurlOpts($curlOpts)

Set a specified list of request headers to include with event context (optional, not recommended):

Castle::setUseAllowlist($headers)

Request context

By default, Castle extracts all the necessary information, such as IP and request headers, from the PHP globals in order to build and send the requests to the Castle API. However in some cases you want to track data to Castle from a context where these globals are not available, eg. when tracking async in a background worker. In this case you can build the request context manually.

Origin IP Address

By default, the SDK extracts the contextual client IP address from headers in the following priority:

  1. X-Forwarded-For
  2. X-Real-Ip
  3. REMOTE_ADDR

If the true client IP address is not specified in the above headers, you can manually set the IP address like so:

Castle_RequestContext['ip'] = '1.1.1.1'
$context = Castle_RequestContext::extractJson();

Errors

Whenever something unexpected happens, an exception is thrown to indicate what went wrong.

Name Description
Castle_Error A generic error
Castle_RequestError A request failed. Probably due to a network error
Castle_ApiError An unexpected error for the Castle API
Castle_ConfigurationError The Castle secret API key has not been set
Castle_UnauthorizedError Wrong Castle API secret key
Castle_BadRequest The request was invalid. For example if a challenge is created without the user having MFA enabled.
Castle_ForbiddenError The user has entered the wrong code too many times and a new challenge has to be requested.
Castle_NotFoundError The resource requestd was not found. For example if a session has been revoked.
Castle_InvalidParametersError One or more of the supplied parameters are incorrect. Check the response for more information.
Castle_InvalidRequestTokenError The request token parameter is missing or invalid

Running test suite

Execute vendor/bin/phpunit test to run the full test suite

About

PHP library for Castle

castle.io

Topics

php sdk castle fraud-prevention fraud-detection

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

19 watching

Forks

8 forks
Report repository

Releases 15

Release 3.0.0 Latest
Jun 3, 2021
+ 14 releases

Packages

No packages published

Contributors 11

Languages