This sample SP has been retired. It was used for early prototyping for integrations with login.gov and has not been maintained. It has confirmed vulnerabilities and should not be used for production itegrations.
For maintained examples of integrations with login.gov please refer to:
An example Login.gov client application which authenticates users via OpenID Connect (OIDC). Written in Go. Uses the Gin web framework and the Goth authentication package. Disclaimer: Goth is not (yet) a certified OpenID Relaying Party.
Demo:
Install Go (version 1.9.4).
Install the source code:
go get github.com/18F/identity-oidc-gin
cd $GOPATH/src/github.com/18F/identity-oidc-gin
Configure environment variables using a .env
file. At a minimum, set the SESSION_SECRET
variable. For an example, see the .env.example
file.
Set the PROVIDER_URL
environment variable to http://localhost:3000.
Run a Login.gov (identity-idp) instance locally on port 3000:
cd path/to/identity-idp
make run
Set the PROVIDER_URL
environment variable to to one of the sandbox urls:
https://idp.dev.identitysandbox.gov
https://idp.int.identitysandbox.gov
NOTE: this application's credentials have not yet been deployed to the sandbox environments. this note will be removed when the credentials have been deployed and this application has been tested against these sandbox environments.
Run the app:
go run app.go
Then view in browser at localhost:8080.