This sample SP has been retired. It was used for early prototyping for integrations with login.gov and has not been maintained. It has confirmed vulnerabilities and should not be used for production itegrations.
For maintained examples of integrations with login.gov please refer to:
An example Login.gov client application which authenticates users via OpenID Connect (OIDC). Written in Go. Uses the Gin web framework and the Goth authentication package. Disclaimer: Goth is not (yet) a certified OpenID Relaying Party.
Demo:
Install Go (version 1.9.4).
Install the source code:
go get github.com/18F/identity-oidc-gin
cd $GOPATH/src/github.com/18F/identity-oidc-ginConfigure environment variables using a .env file. At a minimum, set the SESSION_SECRET variable. For an example, see the .env.example file.
Set the PROVIDER_URL environment variable to http://localhost:3000.
Run a Login.gov (identity-idp) instance locally on port 3000:
cd path/to/identity-idp
make runSet the PROVIDER_URL environment variable to to one of the sandbox urls:
https://idp.dev.identitysandbox.govhttps://idp.int.identitysandbox.gov
NOTE: this application's credentials have not yet been deployed to the sandbox environments. this note will be removed when the credentials have been deployed and this application has been tested against these sandbox environments.
Run the app:
go run app.goThen view in browser at localhost:8080.