public IEnumerable <Client> Get()
{
if ((_sharedOptions.IsProduction() || _sharedOptions.IsPreProduction()) &&
_sharedOptions.AuthSecret.EqualsI("secret", "", null))
{
throw new Exception(
"Invalid ClientSecret for IdentityServer. You must set 'AuthSecret' to a unique key");
}
return(new[]
{
new Client
{
ClientName = "Modern Slavery reporting service",
ClientId = "ModernSlaveryServiceWebsite",
ClientSecrets = new List <Secret> {
new Secret(_sharedOptions.AuthSecret.GetSHA256Checksum())
},
ClientUri = _sharedOptions.SiteAuthority,
AllowedGrantTypes = GrantTypes.Implicit,
AllowAccessTokensViaBrowser = true,
RequireConsent = false,
RedirectUris =
new List <string>
{
_sharedOptions.SiteAuthority,
_sharedOptions.SiteAuthority + "signin-oidc",
_sharedOptions.SiteAuthority + "manage-organisations",
_sharedOptions.DoneUrl
},
PostLogoutRedirectUris =
new List <string>
{
_sharedOptions.SiteAuthority,
_sharedOptions.SiteAuthority + "signout-callback-oidc",
_sharedOptions.SiteAuthority + "manage-organisations",
_sharedOptions.SiteAuthority + "manage-account/complete-change-email",
_sharedOptions.SiteAuthority + "manage-account/close-account-completed",
_sharedOptions.DoneUrl
},
AllowedScopes =
new List <string>
{
IdentityServerConstants.StandardScopes.OpenId,
IdentityServerConstants.StandardScopes.Profile, "roles"
},
Properties = new Dictionary <string, string> {
{ "AutomaticRedirectAfterSignOut", "true" }
}
}
});
}
