public IEnumerable <Client> Get() { if ((_sharedOptions.IsProduction() || _sharedOptions.IsPreProduction()) && _sharedOptions.AuthSecret.EqualsI("secret", "", null)) { throw new Exception( "Invalid ClientSecret for IdentityServer. You must set 'AuthSecret' to a unique key"); } return(new[] { new Client { ClientName = "Modern Slavery reporting service", ClientId = "ModernSlaveryServiceWebsite", ClientSecrets = new List <Secret> { new Secret(_sharedOptions.AuthSecret.GetSHA256Checksum()) }, ClientUri = _sharedOptions.SiteAuthority, AllowedGrantTypes = GrantTypes.Implicit, AllowAccessTokensViaBrowser = true, RequireConsent = false, RedirectUris = new List <string> { _sharedOptions.SiteAuthority, _sharedOptions.SiteAuthority + "signin-oidc", _sharedOptions.SiteAuthority + "manage-organisations", _sharedOptions.DoneUrl }, PostLogoutRedirectUris = new List <string> { _sharedOptions.SiteAuthority, _sharedOptions.SiteAuthority + "signout-callback-oidc", _sharedOptions.SiteAuthority + "manage-organisations", _sharedOptions.SiteAuthority + "manage-account/complete-change-email", _sharedOptions.SiteAuthority + "manage-account/close-account-completed", _sharedOptions.DoneUrl }, AllowedScopes = new List <string> { IdentityServerConstants.StandardScopes.OpenId, IdentityServerConstants.StandardScopes.Profile, "roles" }, Properties = new Dictionary <string, string> { { "AutomaticRedirectAfterSignOut", "true" } } } }); }