Update the entire code base to use collection expressions

Directory.Build.props

@@ -93,6 +93,10 @@
     <Serviceable>false</Serviceable>
   </PropertyGroup>
 
+  <PropertyGroup Condition=" $(RepoRelativeProjectDir.Contains('src')) Or $(RepoRelativeProjectDir.Contains('test')) ">
+    <IncludeInternalExtensions Condition=" '$(IncludeInternalExtensions)' == '' ">true</IncludeInternalExtensions>
+  </PropertyGroup>
+
   <PropertyGroup>
     <PolySharpIncludeRuntimeSupportedAttributes>true</PolySharpIncludeRuntimeSupportedAttributes>
   </PropertyGroup>
@@ -102,4 +106,8 @@
     <ProjectCapability Include="DynamicFileNesting" />
   </ItemGroup>
 
+  <ItemGroup Condition=" '$(IncludeInternalExtensions)' == 'true' ">
+    <Compile Include="$(MSBuildThisFileDirectory)shared\OpenIddict.Extensions\*.cs" Visible="false" />
+  </ItemGroup>
+
 </Project>

gen/OpenIddict.Client.WebIntegration.Generators/OpenIddictClientWebIntegrationGenerator.cs

@@ -1038,7 +1038,7 @@ public sealed partial class OpenIddictClientWebIntegrationConfiguration
                                         {
                                             { Count: > 0 } methods => methods.Select(type => (string?) type.Attribute("Value")).ToList(),
 
-                                            _ => (IList<string>) Array.Empty<string>()
+                                            _ => []
                                         },
 
                                         GrantTypesSupported = configuration.Elements("GrantType").ToList() switch
@@ -1046,7 +1046,7 @@ public sealed partial class OpenIddictClientWebIntegrationConfiguration
                                             { Count: > 0 } types => types.Select(type => (string?) type.Attribute("Value")).ToList(),
 
                                             // If no explicit grant type was set, assume the provider only supports the code flow.
-                                            _ => (IList<string>) new[] { GrantTypes.AuthorizationCode }
+                                            _ => [GrantTypes.AuthorizationCode]
                                         },
 
                                         ResponseModesSupported = configuration.Elements("ResponseMode").ToList() switch
@@ -1054,7 +1054,7 @@ public sealed partial class OpenIddictClientWebIntegrationConfiguration
                                             { Count: > 0 } modes => modes.Select(type => (string?) type.Attribute("Value")).ToList(),
 
                                             // If no explicit response mode was set, assume the provider only supports the query response mode.
-                                            _ => (IList<string>) new[] { ResponseModes.Query }
+                                            _ => [ResponseModes.Query]
                                         },
 
                                         ResponseTypesSupported = configuration.Elements("ResponseType").ToList() switch
@@ -1062,14 +1062,14 @@ public sealed partial class OpenIddictClientWebIntegrationConfiguration
                                             { Count: > 0 } types => types.Select(type => (string?) type.Attribute("Value")).ToList(),
 
                                             // If no explicit response type was set, assume the provider only supports the code flow.
-                                            _ => (IList<string>) new[] { ResponseTypes.Code }
+                                            _ => [ResponseTypes.Code]
                                         },
 
                                         ScopesSupported = configuration.Elements("Scope").ToList() switch
                                         {
                                             { Count: > 0 } types => types.Select(type => (string?) type.Attribute("Value")).ToList(),
 
-                                            _ => (IList<string>) Array.Empty<string>()
+                                            _ => []
                                         },
 
                                         DeviceAuthorizationEndpointAuthMethodsSupported = configuration.Elements("DeviceAuthorizationEndpointAuthMethodsSupported").ToList() switch
@@ -1078,7 +1078,7 @@ public sealed partial class OpenIddictClientWebIntegrationConfiguration
 
                                             // If no explicit client authentication method was set, assume the provider only supports
                                             // flowing the client credentials as part of the device authorization request payload.
-                                            _ => (IList<string>) new[] { ClientAuthenticationMethods.ClientSecretPost }
+                                            _ => [ClientAuthenticationMethods.ClientSecretPost]
                                         },
 
                                         TokenEndpointAuthMethodsSupported = configuration.Elements("TokenEndpointAuthMethod").ToList() switch
@@ -1087,7 +1087,7 @@ public sealed partial class OpenIddictClientWebIntegrationConfiguration
 
                                             // If no explicit client authentication method was set, assume the provider only
                                             // supports flowing the client credentials as part of the token request payload.
-                                            _ => (IList<string>) new[] { ClientAuthenticationMethods.ClientSecretPost }
+                                            _ => [ClientAuthenticationMethods.ClientSecretPost]
                                         }
                                     },
 

shared/OpenIddict.Extensions/OpenIddict.Extensions.csproj

@@ -9,6 +9,11 @@
     <ProjectReference Include="..\..\src\OpenIddict.Abstractions\OpenIddict.Abstractions.csproj" />
   </ItemGroup>
 
+  <ItemGroup Condition=" ('$(TargetFrameworkIdentifier)' == '.NETFramework') Or
+                         ('$(TargetFrameworkIdentifier)' == '.NETStandard') ">
+    <PackageReference Include="System.Collections.Immutable" />
+  </ItemGroup>
+
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

shared/OpenIddict.Extensions/Helpers/OpenIddictHelpers.cs → shared/OpenIddict.Extensions/OpenIddictHelpers.cs

@@ -3,11 +3,9 @@ using System.Data;
 using System.Diagnostics;
 using System.Diagnostics.CodeAnalysis;
 using System.Runtime.CompilerServices;
-using System.Security.Claims;
 using System.Security.Cryptography;
 using System.Text;
 using Microsoft.Extensions.Primitives;
-using Microsoft.IdentityModel.Tokens;
 
 namespace OpenIddict.Extensions;
 
@@ -527,7 +525,7 @@ internal static class OpenIddictHelpers
     /// </exception>
     public static byte[] ComputeSha256MessageAuthenticationCode(byte[] key, byte[] data)
     {
-        var algorithm = CryptoConfig.CreateFromName("OpenIddict HMAC SHA-256 Cryptographic Provider", new[] { key }) switch
+        var algorithm = CryptoConfig.CreateFromName("OpenIddict HMAC SHA-256 Cryptographic Provider", [key]) switch
         {
             HMACSHA256 result => result,
             null => null,
@@ -894,7 +892,7 @@ internal static class OpenIddictHelpers
         // Warning: the type and order of the arguments specified here MUST exactly match the parameters used with
         // Rfc2898DeriveBytes(string password, byte[] salt, int iterations, HashAlgorithmName hashAlgorithm).
         using var generator = CryptoConfig.CreateFromName("OpenIddict PBKDF2 Cryptographic Provider",
-            args: new object?[] { secret, salt, iterations, algorithm }) switch
+            args: [secret, salt, iterations, algorithm]) switch
         {
             Rfc2898DeriveBytes result => result,
 

shared/OpenIddict.Extensions/OpenIddictPolyfills.cs

@@ -0,0 +1,11 @@
+using System.Collections.Immutable;
+using System.Runtime.CompilerServices;
+
+#if !SUPPORTS_IMMUTABLE_COLLECTIONS_MARSHAL
+namespace System.Runtime.InteropServices;
+
+internal static class ImmutableCollectionsMarshal
+{
+    public static ImmutableArray<T> AsImmutableArray<T>(T[] array) => Unsafe.As<T[], ImmutableArray<T>>(ref array);
+}
+#endif

src/OpenIddict.Abstractions/Descriptors/OpenIddictApplicationDescriptor.cs

@@ -45,7 +45,7 @@ public class OpenIddictApplicationDescriptor
     /// <summary>
     /// Gets the localized display names associated with the application.
     /// </summary>
-    public Dictionary<CultureInfo, string> DisplayNames { get; } = new();
+    public Dictionary<CultureInfo, string> DisplayNames { get; } = [];
 
     /// <summary>
     /// Gets or sets the JSON Web Key Set associated with the application.
@@ -60,7 +60,7 @@ public class OpenIddictApplicationDescriptor
     /// <summary>
     /// Gets the post-logout redirect URIs associated with the application.
     /// </summary>
-    public HashSet<Uri> PostLogoutRedirectUris { get; } = new();
+    public HashSet<Uri> PostLogoutRedirectUris { get; } = [];
 
     /// <summary>
     /// Gets the additional properties associated with the application.
@@ -70,7 +70,7 @@ public class OpenIddictApplicationDescriptor
     /// <summary>
     /// Gets the redirect URIs associated with the application.
     /// </summary>
-    public HashSet<Uri> RedirectUris { get; } = new();
+    public HashSet<Uri> RedirectUris { get; } = [];
 
     /// <summary>
     /// Gets the requirements associated with the application.

src/OpenIddict.Abstractions/Descriptors/OpenIddictScopeDescriptor.cs

@@ -16,7 +16,7 @@ public class OpenIddictScopeDescriptor
     /// <summary>
     /// Gets the localized descriptions associated with the scope.
     /// </summary>
-    public Dictionary<CultureInfo, string> Descriptions { get; } = new();
+    public Dictionary<CultureInfo, string> Descriptions { get; } = [];
 
     /// <summary>
     /// Gets or sets the display name associated with the scope.
@@ -26,7 +26,7 @@ public class OpenIddictScopeDescriptor
     /// <summary>
     /// Gets the localized display names associated with the scope.
     /// </summary>
-    public Dictionary<CultureInfo, string> DisplayNames { get; } = new();
+    public Dictionary<CultureInfo, string> DisplayNames { get; } = [];
 
     /// <summary>
     /// Gets or sets the unique name associated with the scope.

src/OpenIddict.Abstractions/OpenIddictConstants.cs

@@ -477,16 +477,16 @@ public static class OpenIddictConstants
 
     public static class Separators
     {
-        public static readonly char[] Ampersand = { '&' };
-        public static readonly char[] Comma = { ',' };
-        public static readonly char[] Dash = { '-' };
-        public static readonly char[] Dot = { '.' };
-        public static readonly char[] DoubleQuote = { '"' };
-        public static readonly char[] EqualsSign = { '=' };
-        public static readonly char[] Hash = { '#' };
-        public static readonly char[] QuestionMark = { '?' };
-        public static readonly char[] Semicolon = { ';' };
-        public static readonly char[] Space = { ' ' };
+        public static readonly char[] Ampersand = ['&'];
+        public static readonly char[] Comma = [','];
+        public static readonly char[] Dash = ['-'];
+        public static readonly char[] Dot = ['.'];
+        public static readonly char[] DoubleQuote = ['"'];
+        public static readonly char[] EqualsSign = ['='];
+        public static readonly char[] Hash = ['#'];
+        public static readonly char[] QuestionMark = ['?'];
+        public static readonly char[] Semicolon = [';'];
+        public static readonly char[] Space = [' '];
     }
 
     public static class Settings

src/OpenIddict.Abstractions/OpenIddictExceptions.cs

@@ -109,7 +109,7 @@ public static class OpenIddictExceptions
         /// </summary>
         /// <param name="message">The exception message.</param>
         public ValidationException(string? message)
-            : this(message, ImmutableArray.Create<ValidationResult>())
+            : this(message, [])
         {
         }
 

src/OpenIddict.Abstractions/Primitives/OpenIddictConfiguration.cs

@@ -99,7 +99,7 @@ public sealed class OpenIddictConfiguration
     /// <summary>
     /// Gets the signing keys extracted from the JSON Web Key set.
     /// </summary>
-    public List<SecurityKey> SigningKeys { get; } = new();
+    public List<SecurityKey> SigningKeys { get; } = [];
 
     /// <summary>
     /// Gets or sets the URI of the token endpoint.

src/OpenIddict.Abstractions/Primitives/OpenIddictExtensions.cs

@@ -510,7 +510,7 @@ public static class OpenIddictExtensions
 
         if (string.IsNullOrEmpty(destinations))
         {
-            return ImmutableArray.Create<string>();
+            return [];
         }
 
         using var document = JsonDocument.Parse(destinations);
@@ -620,7 +620,7 @@ public static class OpenIddictExtensions
     /// <param name="claim">The <see cref="Claim"/> instance.</param>
     /// <param name="destinations">The destinations.</param>
     public static Claim SetDestinations(this Claim claim, IEnumerable<string>? destinations)
-        => claim.SetDestinations(destinations?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => claim.SetDestinations(destinations?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Adds specific destinations to a claim.
@@ -628,7 +628,7 @@ public static class OpenIddictExtensions
     /// <param name="claim">The <see cref="Claim"/> instance.</param>
     /// <param name="destinations">The destinations.</param>
     public static Claim SetDestinations(this Claim claim, params string[]? destinations)
-        => claim.SetDestinations(destinations?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => claim.SetDestinations(destinations?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Gets the destinations associated with all the claims of the given identity.
@@ -2810,7 +2810,7 @@ public static class OpenIddictExtensions
     /// <param name="audiences">The audiences to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetAudiences(this ClaimsIdentity identity, IEnumerable<string>? audiences)
-        => identity.SetAudiences(audiences?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetAudiences(audiences?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the audiences list in the claims principal.
@@ -2820,7 +2820,7 @@ public static class OpenIddictExtensions
     /// <param name="audiences">The audiences to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetAudiences(this ClaimsPrincipal principal, IEnumerable<string>? audiences)
-        => principal.SetAudiences(audiences?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetAudiences(audiences?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the audiences list in the claims identity.
@@ -2830,7 +2830,7 @@ public static class OpenIddictExtensions
     /// <param name="audiences">The audiences to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetAudiences(this ClaimsIdentity identity, params string[]? audiences)
-        => identity.SetAudiences(audiences?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetAudiences(audiences?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the audiences list in the claims principal.
@@ -2840,7 +2840,7 @@ public static class OpenIddictExtensions
     /// <param name="audiences">The audiences to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetAudiences(this ClaimsPrincipal principal, params string[]? audiences)
-        => principal.SetAudiences(audiences?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetAudiences(audiences?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the presenters list in the claims identity.
@@ -2870,7 +2870,7 @@ public static class OpenIddictExtensions
     /// <param name="presenters">The presenters to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetPresenters(this ClaimsIdentity identity, IEnumerable<string>? presenters)
-        => identity.SetPresenters(presenters?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetPresenters(presenters?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the presenters list in the claims principal.
@@ -2880,7 +2880,7 @@ public static class OpenIddictExtensions
     /// <param name="presenters">The presenters to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetPresenters(this ClaimsPrincipal principal, IEnumerable<string>? presenters)
-        => principal.SetPresenters(presenters?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetPresenters(presenters?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the presenters list in the claims identity.
@@ -2890,7 +2890,7 @@ public static class OpenIddictExtensions
     /// <param name="presenters">The presenters to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetPresenters(this ClaimsIdentity identity, params string[]? presenters)
-        => identity.SetPresenters(presenters?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetPresenters(presenters?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the presenters list in the claims principal.
@@ -2900,7 +2900,7 @@ public static class OpenIddictExtensions
     /// <param name="presenters">The presenters to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetPresenters(this ClaimsPrincipal principal, params string[]? presenters)
-        => principal.SetPresenters(presenters?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetPresenters(presenters?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the resources list in the claims identity.
@@ -2930,7 +2930,7 @@ public static class OpenIddictExtensions
     /// <param name="resources">The resources to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetResources(this ClaimsIdentity identity, IEnumerable<string>? resources)
-        => identity.SetResources(resources?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetResources(resources?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the resources list in the claims principal.
@@ -2940,7 +2940,7 @@ public static class OpenIddictExtensions
     /// <param name="resources">The resources to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetResources(this ClaimsPrincipal principal, IEnumerable<string>? resources)
-        => principal.SetResources(resources?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetResources(resources?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the resources list in the claims identity.
@@ -2950,7 +2950,7 @@ public static class OpenIddictExtensions
     /// <param name="resources">The resources to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetResources(this ClaimsIdentity identity, params string[]? resources)
-        => identity.SetResources(resources?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetResources(resources?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the resources list in the claims principal.
@@ -2960,7 +2960,7 @@ public static class OpenIddictExtensions
     /// <param name="resources">The resources to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetResources(this ClaimsPrincipal principal, params string[]? resources)
-        => principal.SetResources(resources?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetResources(resources?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the scopes list in the claims identity.
@@ -2990,7 +2990,7 @@ public static class OpenIddictExtensions
     /// <param name="scopes">The scopes to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetScopes(this ClaimsIdentity identity, IEnumerable<string>? scopes)
-        => identity.SetScopes(scopes?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetScopes(scopes?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the scopes list in the claims principal.
@@ -3000,7 +3000,7 @@ public static class OpenIddictExtensions
     /// <param name="scopes">The scopes to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetScopes(this ClaimsPrincipal principal, IEnumerable<string>? scopes)
-        => principal.SetScopes(scopes?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetScopes(scopes?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the scopes list in the claims identity.
@@ -3010,7 +3010,7 @@ public static class OpenIddictExtensions
     /// <param name="scopes">The scopes to store.</param>
     /// <returns>The claims identity.</returns>
     public static ClaimsIdentity SetScopes(this ClaimsIdentity identity, params string[]? scopes)
-        => identity.SetScopes(scopes?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => identity.SetScopes(scopes?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the scopes list in the claims principal.
@@ -3020,7 +3020,7 @@ public static class OpenIddictExtensions
     /// <param name="scopes">The scopes to store.</param>
     /// <returns>The claims principal.</returns>
     public static ClaimsPrincipal SetScopes(this ClaimsPrincipal principal, params string[]? scopes)
-        => principal.SetScopes(scopes?.ToImmutableArray() ?? ImmutableArray.Create<string>());
+        => principal.SetScopes(scopes?.ToImmutableArray() ?? []);
 
     /// <summary>
     /// Sets the access token lifetime associated with the claims identity.
@@ -3208,7 +3208,7 @@ public static class OpenIddictExtensions
 
         if (string.IsNullOrEmpty(source))
         {
-            return ImmutableArray.Create<string>();
+            return [];
         }
 
         var builder = ImmutableArray.CreateBuilder<string>();

src/OpenIddict.Abstractions/Primitives/OpenIddictParameter.cs

@@ -1119,13 +1119,13 @@ public readonly struct OpenIddictParameter : IEquatable<OpenIddictParameter>
             string?[] value => value,
 
             // When the parameter is a string value, return an array with a single entry.
-            string value => new string?[] { value },
+            string value => [value],
 
             // When the parameter is a boolean value, return an array with its string representation.
-            bool value => new string?[] { value ? bool.TrueString : bool.FalseString },
+            bool value => [value ? bool.TrueString : bool.FalseString],
 
             // When the parameter is an integer, return an array with its string representation.
-            long value => new string?[] { value.ToString(CultureInfo.InvariantCulture) },
+            long value => [value.ToString(CultureInfo.InvariantCulture)],
 
             // When the parameter is a JsonElement, try to convert it if it's of a supported type.
             JsonElement value => ConvertFromJsonElement(value),
@@ -1136,18 +1136,18 @@ public readonly struct OpenIddictParameter : IEquatable<OpenIddictParameter>
             JsonValue value when value.TryGetValue(out JsonElement element) => ConvertFromJsonElement(element),
 
             // When the parameter is a JsonValue wrapping a string, return an array with a single entry.
-            JsonValue value when value.TryGetValue(out string? result) => new string?[] { result },
+            JsonValue value when value.TryGetValue(out string? result) => [result],
 
             // When the parameter is a JsonValue wrapping a boolean, return an array with its string representation.
             JsonValue value when value.TryGetValue(out bool result)
-                => new string?[] { result ? bool.TrueString : bool.FalseString },
+                => [result ? bool.TrueString : bool.FalseString],
 
             // When the parameter is a JsonValue wrapping an integer, return an array with its string representation.
             JsonValue value when value.TryGetValue(out int result)
-                => new string?[] { result.ToString(CultureInfo.InvariantCulture) },
+                => [result.ToString(CultureInfo.InvariantCulture)],
 
             JsonValue value when value.TryGetValue(out long result)
-                => new string?[] { result.ToString(CultureInfo.InvariantCulture) },
+                => [result.ToString(CultureInfo.InvariantCulture)],
 
             // When the parameter is a JsonNode (e.g a JsonValue wrapping a non-primitive type),
             // serialize it to a JsonElement first to determine its actual JSON representation
@@ -1165,7 +1165,7 @@ public readonly struct OpenIddictParameter : IEquatable<OpenIddictParameter>
             // or a boolean, return an 1-item array with its string representation.
             JsonValueKind.String or JsonValueKind.Number or
             JsonValueKind.True   or JsonValueKind.False
-                => new string?[] { element.ToString() },
+                => [element.ToString()],
 
             // When the parameter is a JsonElement representing an array, return the elements as strings.
             JsonValueKind.Array => CreateArrayFromJsonElement(element),

src/OpenIddict.AspNetCore/OpenIddict.AspNetCore.csproj

@@ -4,6 +4,7 @@
     <TargetFrameworks>$(NetFrameworkTargetFrameworks);$(NetCoreTargetFrameworks)</TargetFrameworks>
     <IncludeBuildOutput>false</IncludeBuildOutput>
     <IncludeSymbols>false</IncludeSymbols>
+    <IncludeInternalExtensions>false</IncludeInternalExtensions>
   </PropertyGroup>
 
   <PropertyGroup>

src/OpenIddict.Client.AspNetCore/OpenIddict.Client.AspNetCore.csproj

@@ -27,10 +27,6 @@
     <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="Microsoft.AspNetCore.Authentication" />
     <Using Include="Microsoft.AspNetCore.Http" />

src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.Authentication.cs

@@ -14,7 +14,7 @@ public static partial class OpenIddictClientAspNetCoreHandlers
 {
     public static class Authentication
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Authorization request processing:
              */
@@ -37,7 +37,8 @@ public static partial class OpenIddictClientAspNetCoreHandlers
             AttachCacheControlHeader<ApplyRedirectionResponseContext>.Descriptor,
             ProcessPassthroughErrorResponse<ApplyRedirectionResponseContext, RequireRedirectionEndpointPassthroughEnabled>.Descriptor,
             ProcessStatusCodePagesErrorResponse<ApplyRedirectionResponseContext>.Descriptor,
-            ProcessLocalErrorResponse<ApplyRedirectionResponseContext>.Descriptor);
+            ProcessLocalErrorResponse<ApplyRedirectionResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for processing authorization requests using 302 redirects.

src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.Session.cs

@@ -14,7 +14,7 @@ public static partial class OpenIddictClientAspNetCoreHandlers
 {
     public static class Session
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Session request processing:
              */
@@ -37,7 +37,8 @@ public static partial class OpenIddictClientAspNetCoreHandlers
             AttachCacheControlHeader<ApplyPostLogoutRedirectionResponseContext>.Descriptor,
             ProcessPassthroughErrorResponse<ApplyPostLogoutRedirectionResponseContext, RequirePostLogoutRedirectionEndpointPassthroughEnabled>.Descriptor,
             ProcessStatusCodePagesErrorResponse<ApplyPostLogoutRedirectionResponseContext>.Descriptor,
-            ProcessLocalErrorResponse<ApplyPostLogoutRedirectionResponseContext>.Descriptor);
+            ProcessLocalErrorResponse<ApplyPostLogoutRedirectionResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for processing authorization requests using 302 redirects.

src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreHandlers.cs

@@ -30,7 +30,7 @@ namespace OpenIddict.Client.AspNetCore;
 [EditorBrowsable(EditorBrowsableState.Never)]
 public static partial class OpenIddictClientAspNetCoreHandlers
 {
-    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
         /*
          * Top-level request processing:
          */
@@ -70,9 +70,11 @@ public static partial class OpenIddictClientAspNetCoreHandlers
         AttachHttpResponseCode<ProcessErrorContext>.Descriptor,
         AttachCacheControlHeader<ProcessErrorContext>.Descriptor,
         ProcessStatusCodePagesErrorResponse<ProcessErrorContext>.Descriptor,
-        ProcessLocalErrorResponse<ProcessErrorContext>.Descriptor)
-        .AddRange(Authentication.DefaultHandlers)
-        .AddRange(Session.DefaultHandlers);
+        ProcessLocalErrorResponse<ProcessErrorContext>.Descriptor,
+
+        ..Authentication.DefaultHandlers,
+        ..Session.DefaultHandlers
+    ];
 
     /// <summary>
     /// Contains the logic responsible for resolving the request URI from the ASP.NET Core environment.

src/OpenIddict.Client.AspNetCore/OpenIddictClientAspNetCoreOptions.cs

@@ -26,7 +26,7 @@ public sealed class OpenIddictClientAspNetCoreOptions : AuthenticationSchemeOpti
     /// <summary>
     /// Gets the forwarded authentication schemes that are managed by the OpenIddict ASP.NET Core client host.
     /// </summary>
-    public List<AuthenticationScheme> ForwardedAuthenticationSchemes { get; } = new();
+    public List<AuthenticationScheme> ForwardedAuthenticationSchemes { get; } = [];
 
     /// <summary>
     /// Gets or sets a boolean indicating whether incoming requests arriving on insecure endpoints should be

src/OpenIddict.Client.DataProtection/OpenIddict.Client.DataProtection.csproj

@@ -29,10 +29,6 @@
     <PackageReference Include="Microsoft.AspNetCore.DataProtection" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.Client.DataProtection/OpenIddictClientDataProtectionHandlers.Protection.cs

@@ -21,7 +21,7 @@ public static partial class OpenIddictClientDataProtectionHandlers
 {
     public static class Protection
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token validation:
              */
@@ -31,7 +31,8 @@ public static partial class OpenIddictClientDataProtectionHandlers
              * Token generation:
              */
             OverrideGeneratedTokenFormat.Descriptor,
-            GenerateDataProtectionToken.Descriptor);
+            GenerateDataProtectionToken.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for validating tokens generated using Data Protection.
@@ -124,9 +125,9 @@ public static partial class OpenIddictClientDataProtectionHandlers
                         (type, context.IsReferenceToken) switch
                         {
                             (TokenTypeHints.StateToken, true)
-                                => new[] { Handlers.Client, Formats.StateToken, Features.ReferenceTokens, Schemes.Server },
+                                => [Handlers.Client, Formats.StateToken, Features.ReferenceTokens, Schemes.Server],
                             (TokenTypeHints.StateToken, false)
-                                => new[] { Handlers.Client, Formats.StateToken, Schemes.Server },
+                                => [Handlers.Client, Formats.StateToken, Schemes.Server],
 
                             _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0003))
                         });
@@ -240,9 +241,9 @@ public static partial class OpenIddictClientDataProtectionHandlers
                     (context.TokenType, context.IsReferenceToken) switch
                     {
                         (TokenTypeHints.StateToken, true)
-                            => new[] { Handlers.Client, Formats.StateToken, Features.ReferenceTokens, Schemes.Server },
+                            => [Handlers.Client, Formats.StateToken, Features.ReferenceTokens, Schemes.Server],
                         (TokenTypeHints.StateToken, false)
-                            => new[] { Handlers.Client, Formats.StateToken, Schemes.Server },
+                            => [Handlers.Client, Formats.StateToken, Schemes.Server],
 
                         _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0003))
                     });

src/OpenIddict.Client.DataProtection/OpenIddictClientDataProtectionHandlers.cs

@@ -13,5 +13,5 @@ namespace OpenIddict.Client.DataProtection;
 public static partial class OpenIddictClientDataProtectionHandlers
 {
     public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; }
-        = ImmutableArray.CreateRange(Protection.DefaultHandlers);
+        = [..Protection.DefaultHandlers];
 }

src/OpenIddict.Client.Owin/OpenIddict.Client.Owin.csproj

@@ -19,10 +19,6 @@
     <PackageReference Include="Microsoft.Owin.Security" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="Microsoft.Owin" />
     <Using Include="Microsoft.Owin.Infrastructure" />

src/OpenIddict.Client.Owin/OpenIddictClientOwinHandler.cs

@@ -399,7 +399,7 @@ public sealed class OpenIddictClientOwinHandler : AuthenticationHandler<OpenIddi
                         }
 
                         return new AuthenticationResponseChallenge(
-                            authenticationTypes: new[] { OpenIddictClientOwinDefaults.AuthenticationType },
+                            authenticationTypes: [OpenIddictClientOwinDefaults.AuthenticationType],
                             properties         : new AuthenticationProperties(dictionary: new Dictionary<string, string>(
                                 Context.Authentication.AuthenticationResponseChallenge.Properties.Dictionary ??
                                 ImmutableDictionary.Create<string, string>())
@@ -437,7 +437,7 @@ public sealed class OpenIddictClientOwinHandler : AuthenticationHandler<OpenIddi
                         }
 
                         return new AuthenticationResponseRevoke(
-                            authenticationTypes: new[] { OpenIddictClientOwinDefaults.AuthenticationType },
+                            authenticationTypes: [OpenIddictClientOwinDefaults.AuthenticationType],
                             properties         : new AuthenticationProperties(dictionary: new Dictionary<string, string>(
                                 Context.Authentication.AuthenticationResponseRevoke.Properties.Dictionary ??
                                 ImmutableDictionary.Create<string, string>())

src/OpenIddict.Client.Owin/OpenIddictClientOwinHandlers.Authentication.cs

@@ -13,7 +13,7 @@ public static partial class OpenIddictClientOwinHandlers
 {
     public static class Authentication
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Authorization request processing:
              */
@@ -37,7 +37,8 @@ public static partial class OpenIddictClientOwinHandlers
             SuppressFormsAuthenticationRedirect<ApplyRedirectionResponseContext>.Descriptor,
             AttachCacheControlHeader<ApplyRedirectionResponseContext>.Descriptor,
             ProcessPassthroughErrorResponse<ApplyRedirectionResponseContext, RequireRedirectionEndpointPassthroughEnabled>.Descriptor,
-            ProcessLocalErrorResponse<ApplyRedirectionResponseContext>.Descriptor);
+            ProcessLocalErrorResponse<ApplyRedirectionResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for processing authorization requests using 302 redirects.

src/OpenIddict.Client.Owin/OpenIddictClientOwinHandlers.Session.cs

@@ -13,7 +13,7 @@ public static partial class OpenIddictClientOwinHandlers
 {
     public static class Session
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Session request processing:
              */
@@ -35,7 +35,8 @@ public static partial class OpenIddictClientOwinHandlers
             AttachHttpResponseCode<ApplyPostLogoutRedirectionResponseContext>.Descriptor,
             AttachCacheControlHeader<ApplyPostLogoutRedirectionResponseContext>.Descriptor,
             ProcessPassthroughErrorResponse<ApplyPostLogoutRedirectionResponseContext, RequirePostLogoutRedirectionEndpointPassthroughEnabled>.Descriptor,
-            ProcessLocalErrorResponse<ApplyPostLogoutRedirectionResponseContext>.Descriptor);
+            ProcessLocalErrorResponse<ApplyPostLogoutRedirectionResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for processing authorization requests using 302 redirects.

src/OpenIddict.Client.Owin/OpenIddictClientOwinHandlers.cs

@@ -25,7 +25,7 @@ namespace OpenIddict.Client.Owin;
 [EditorBrowsable(EditorBrowsableState.Never)]
 public static partial class OpenIddictClientOwinHandlers
 {
-    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
         /*
          * Top-level request processing:
          */
@@ -64,9 +64,11 @@ public static partial class OpenIddictClientOwinHandlers
         // Errors returned by an OpenIddict endpoint are handled via the Apply*Response events.
         AttachHttpResponseCode<ProcessErrorContext>.Descriptor,
         AttachCacheControlHeader<ProcessErrorContext>.Descriptor,
-        ProcessLocalErrorResponse<ProcessErrorContext>.Descriptor)
-        .AddRange(Authentication.DefaultHandlers)
-        .AddRange(Session.DefaultHandlers);
+        ProcessLocalErrorResponse<ProcessErrorContext>.Descriptor,
+
+        ..Authentication.DefaultHandlers,
+        ..Session.DefaultHandlers
+    ];
 
     /// <summary>
     /// Contains the logic responsible for resolving the request URI from the OWIN environment.
@@ -1197,7 +1199,7 @@ public static partial class OpenIddictClientOwinHandlers
                 response.Context.Authentication.AuthenticationResponseChallenge is null)
             {
                 response.Context.Authentication.AuthenticationResponseChallenge =
-                    new AuthenticationResponseChallenge(new[] { Guid.NewGuid().ToString() }, null);
+                    new AuthenticationResponseChallenge([Guid.NewGuid().ToString()], null);
             }
 
             return default;

src/OpenIddict.Client.Owin/OpenIddictClientOwinOptions.cs

@@ -33,7 +33,7 @@ public sealed class OpenIddictClientOwinOptions : AuthenticationOptions
     /// <summary>
     /// Gets the forwarded authentication types that are managed by the OpenIddict OWIN client host.
     /// </summary>
-    public List<AuthenticationDescription> ForwardedAuthenticationTypes { get; } = new();
+    public List<AuthenticationDescription> ForwardedAuthenticationTypes { get; } = [];
 
     /// <summary>
     /// Gets or sets a boolean indicating whether incoming requests arriving on insecure endpoints should be

src/OpenIddict.Client.SystemIntegration/OpenIddict.Client.SystemIntegration.csproj

@@ -37,10 +37,6 @@
     <PackageReference Include="Microsoft.Windows.SDK.Contracts" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlers.Authentication.cs

@@ -23,7 +23,7 @@ public static partial class OpenIddictClientSystemIntegrationHandlers
 {
     public static class Authentication
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Authorization request processing:
              */
@@ -44,7 +44,8 @@ public static partial class OpenIddictClientSystemIntegrationHandlers
             AttachCacheControlHeader<ApplyRedirectionResponseContext>.Descriptor,
             ProcessEmptyHttpResponse.Descriptor,
             ProcessProtocolActivationResponse<ApplyRedirectionResponseContext>.Descriptor,
-            ProcessWebAuthenticationResultResponse<ApplyRedirectionResponseContext>.Descriptor);
+            ProcessWebAuthenticationResultResponse<ApplyRedirectionResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for initiating authorization requests using the web authentication broker.

src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationHandlers.cs

@@ -31,7 +31,7 @@ namespace OpenIddict.Client.SystemIntegration;
 [EditorBrowsable(EditorBrowsableState.Never)]
 public static partial class OpenIddictClientSystemIntegrationHandlers
 {
-    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
         /*
          * Top-level request processing:
          */
@@ -79,8 +79,10 @@ public static partial class OpenIddictClientSystemIntegrationHandlers
         /*
          * Error processing:
          */
-        AbortAuthenticationDemand.Descriptor)
-        .AddRange(Authentication.DefaultHandlers);
+        AbortAuthenticationDemand.Descriptor,
+
+        ..Authentication.DefaultHandlers
+    ];
 
     /// <summary>
     /// Contains the logic responsible for resolving the request URI from the HTTP listener request.

src/OpenIddict.Client.SystemIntegration/OpenIddictClientSystemIntegrationOptions.cs

@@ -37,7 +37,7 @@ public sealed class OpenIddictClientSystemIntegrationOptions
     /// If this property is not explicitly set, a port in the 49152-65535
     /// dynamic ports range is automatically chosen by OpenIddict at runtime.
     /// </remarks>
-    public List<int> AllowedEmbeddedWebServerPorts { get; } = new();
+    public List<int> AllowedEmbeddedWebServerPorts { get; } = [];
 
     /// <summary>
     /// Gets or sets a boolean indicating whether protocol activation processing should be enabled.

src/OpenIddict.Client.SystemNetHttp/OpenIddict.Client.SystemNetHttp.csproj

@@ -42,10 +42,6 @@
     <PackageReference Include="System.Net.Http.Json" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="System.Net.Http.Json" />
     <Using Include="OpenIddict.Abstractions" />

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpHandlers.Device.cs

@@ -16,7 +16,7 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
 {
     public static class Device
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * DeviceAuthorization request processing:
              */
@@ -38,7 +38,8 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
             ExtractJsonHttpResponse<ExtractDeviceAuthorizationResponseContext>.Descriptor,
             ExtractWwwAuthenticateHeader<ExtractDeviceAuthorizationResponseContext>.Descriptor,
             ValidateHttpResponse<ExtractDeviceAuthorizationResponseContext>.Descriptor,
-            DisposeHttpResponse<ExtractDeviceAuthorizationResponseContext>.Descriptor);
+            DisposeHttpResponse<ExtractDeviceAuthorizationResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for attaching the client credentials to the HTTP Authorization header.

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpHandlers.Discovery.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
 {
     public static class Discovery
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Configuration request processing:
              */
@@ -55,6 +55,7 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
             ExtractJsonHttpResponse<ExtractCryptographyResponseContext>.Descriptor,
             ExtractWwwAuthenticateHeader<ExtractCryptographyResponseContext>.Descriptor,
             ValidateHttpResponse<ExtractCryptographyResponseContext>.Descriptor,
-            DisposeHttpResponse<ExtractCryptographyResponseContext>.Descriptor);
+            DisposeHttpResponse<ExtractCryptographyResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpHandlers.Exchange.cs

@@ -16,7 +16,7 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
 {
     public static class Exchange
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token request processing:
              */
@@ -38,7 +38,8 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
             ExtractJsonHttpResponse<ExtractTokenResponseContext>.Descriptor,
             ExtractWwwAuthenticateHeader<ExtractTokenResponseContext>.Descriptor,
             ValidateHttpResponse<ExtractTokenResponseContext>.Descriptor,
-            DisposeHttpResponse<ExtractTokenResponseContext>.Descriptor);
+            DisposeHttpResponse<ExtractTokenResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for attaching the client credentials to the HTTP Authorization header.

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpHandlers.Userinfo.cs

@@ -16,7 +16,7 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
 {
     public static class Userinfo
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Userinfo request processing:
              */
@@ -39,7 +39,8 @@ public static partial class OpenIddictClientSystemNetHttpHandlers
             ExtractJsonHttpResponse<ExtractUserinfoResponseContext>.Descriptor,
             ExtractWwwAuthenticateHeader<ExtractUserinfoResponseContext>.Descriptor,
             ValidateHttpResponse<ExtractUserinfoResponseContext>.Descriptor,
-            DisposeHttpResponse<ExtractUserinfoResponseContext>.Descriptor);
+            DisposeHttpResponse<ExtractUserinfoResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for attaching the access token to the HTTP Authorization header.

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpHandlers.cs

@@ -21,12 +21,12 @@ namespace OpenIddict.Client.SystemNetHttp;
 [EditorBrowsable(EditorBrowsableState.Never)]
 public static partial class OpenIddictClientSystemNetHttpHandlers
 {
-    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; }
-        = ImmutableArray.Create<OpenIddictClientHandlerDescriptor>()
-            .AddRange(Device.DefaultHandlers)
-            .AddRange(Discovery.DefaultHandlers)
-            .AddRange(Exchange.DefaultHandlers)
-            .AddRange(Userinfo.DefaultHandlers);
+    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
+        ..Device.DefaultHandlers,
+        ..Discovery.DefaultHandlers,
+        ..Exchange.DefaultHandlers,
+        ..Userinfo.DefaultHandlers
+    ];
 
     /// <summary>
     /// Contains the logic responsible for creating and attaching a <see cref="HttpClient"/>.

src/OpenIddict.Client.SystemNetHttp/OpenIddictClientSystemNetHttpOptions.cs

@@ -42,11 +42,11 @@ public sealed class OpenIddictClientSystemNetHttpOptions
     /// Gets the user-defined actions used to amend the <see cref="HttpClient"/>
     /// instances created by the OpenIddict client/System.Net.Http integration.
     /// </summary>
-    public List<Action<OpenIddictClientRegistration, HttpClient>> HttpClientActions { get; } = new();
+    public List<Action<OpenIddictClientRegistration, HttpClient>> HttpClientActions { get; } = [];
 
     /// <summary>
     /// Gets the user-defined actions used to amend the <see cref="HttpClientHandler"/>
     /// instances created by the OpenIddict client/System.Net.Http integration.
     /// </summary>
-    public List<Action<OpenIddictClientRegistration, HttpClientHandler>> HttpClientHandlerActions { get; } = new();
+    public List<Action<OpenIddictClientRegistration, HttpClientHandler>> HttpClientHandlerActions { get; } = [];
 }

src/OpenIddict.Client.WebIntegration/OpenIddict.Client.WebIntegration.csproj

@@ -27,10 +27,6 @@
     <AdditionalFiles Include="**\*.xml" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Authentication.cs

@@ -13,11 +13,12 @@ public static partial class OpenIddictClientWebIntegrationHandlers
 {
     public static class Authentication
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Authorization request preparation:
              */
-            MapNonStandardRequestParameters.Descriptor);
+            MapNonStandardRequestParameters.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for mapping non-standard request parameters

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Device.cs

@@ -13,11 +13,12 @@ public static partial class OpenIddictClientWebIntegrationHandlers
 {
     public static class Device
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token response extraction:
              */
-            MapNonStandardResponseParameters.Descriptor);
+            MapNonStandardResponseParameters.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for mapping non-standard response parameters

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Discovery.cs

@@ -15,7 +15,7 @@ public static partial class OpenIddictClientWebIntegrationHandlers
 {
     public static class Discovery
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Configuration response handling:
              */
@@ -25,7 +25,8 @@ public static partial class OpenIddictClientWebIntegrationHandlers
             AmendScopes.Descriptor,
             AmendDeviceAuthorizationEndpointClientAuthenticationMethods.Descriptor,
             AmendTokenEndpointClientAuthenticationMethods.Descriptor,
-            AmendEndpoints.Descriptor);
+            AmendEndpoints.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for amending the issuer for the providers that require it.

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Exchange.cs

@@ -23,7 +23,7 @@ public static partial class OpenIddictClientWebIntegrationHandlers
 {
     public static class Exchange
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token request preparation:
              */
@@ -36,7 +36,8 @@ public static partial class OpenIddictClientWebIntegrationHandlers
             /*
              * Token response extraction:
              */
-            MapNonStandardResponseParameters.Descriptor);
+            MapNonStandardResponseParameters.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for mapping non-standard request parameters

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Protection.cs

@@ -14,11 +14,12 @@ public static partial class OpenIddictClientWebIntegrationHandlers
 {
     public static class Protection
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token validation:
              */
-            AmendTokenValidationParameters.Descriptor);
+            AmendTokenValidationParameters.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for amending the token validation parameters for the providers that require it.

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.Userinfo.cs

@@ -21,7 +21,7 @@ public static partial class OpenIddictClientWebIntegrationHandlers
 {
     public static class Userinfo
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Userinfo request preparation:
              */
@@ -35,7 +35,8 @@ public static partial class OpenIddictClientWebIntegrationHandlers
              * Userinfo response extraction:
              */
             NormalizeContentType.Descriptor,
-            UnwrapUserinfoResponse.Descriptor);
+            UnwrapUserinfoResponse.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for overriding the HTTP method for the providers that require it.

src/OpenIddict.Client.WebIntegration/OpenIddictClientWebIntegrationHandlers.cs

@@ -18,7 +18,7 @@ namespace OpenIddict.Client.WebIntegration;
 [EditorBrowsable(EditorBrowsableState.Never)]
 public static partial class OpenIddictClientWebIntegrationHandlers
 {
-    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
         /*
          * Authentication processing:
          */
@@ -46,13 +46,15 @@ public static partial class OpenIddictClientWebIntegrationHandlers
         OverrideResponseMode.Descriptor,
         FormatNonStandardScopeParameter.Descriptor,
         IncludeStateParameterInRedirectUri.Descriptor,
-        AttachAdditionalChallengeParameters.Descriptor)
-        .AddRange(Authentication.DefaultHandlers)
-        .AddRange(Device.DefaultHandlers)
-        .AddRange(Discovery.DefaultHandlers)
-        .AddRange(Exchange.DefaultHandlers)
-        .AddRange(Protection.DefaultHandlers)
-        .AddRange(Userinfo.DefaultHandlers);
+        AttachAdditionalChallengeParameters.Descriptor,
+
+        ..Authentication.DefaultHandlers,
+        ..Device.DefaultHandlers,
+        ..Discovery.DefaultHandlers,
+        ..Exchange.DefaultHandlers,
+        ..Protection.DefaultHandlers,
+        ..Userinfo.DefaultHandlers
+    ];
 
     /// <summary>
     /// Contains the logic responsible for validating the signature or message authentication

src/OpenIddict.Client/OpenIddict.Client.csproj

@@ -27,10 +27,6 @@ To use the client feature on ASP.NET Core or OWIN/Katana, reference the OpenIddi
     <PackageReference Include="Microsoft.IdentityModel.Protocols" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.Client/OpenIddictClientConfiguration.cs

@@ -81,7 +81,7 @@ public sealed class OpenIddictClientConfiguration : IPostConfigureOptions<OpenId
                     TransformBlock(algorithm, registration.ProviderName);
                 }
 
-                algorithm.TransformFinalBlock(Array.Empty<byte>(), 0, 0);
+                algorithm.TransformFinalBlock([], 0, 0);
 
                 registration.RegistrationId = Base64UrlEncoder.Encode(algorithm.Hash);
             }

src/OpenIddict.Client/OpenIddictClientHandlerDescriptor.cs

@@ -31,7 +31,7 @@ public sealed class OpenIddictClientHandlerDescriptor
     /// Gets the list of filters responsible for excluding the handler
     /// from the activated handlers if it doesn't meet the criteria.
     /// </summary>
-    public ImmutableArray<Type> FilterTypes { get; private set; } = ImmutableArray.Create<Type>();
+    public ImmutableArray<Type> FilterTypes { get; private set; } = [];
 
     /// <summary>
     /// Gets the order assigned to the handler.
@@ -63,7 +63,7 @@ public sealed class OpenIddictClientHandlerDescriptor
     public sealed class Builder<TContext> where TContext : BaseContext
     {
         private ServiceDescriptor? _descriptor;
-        private readonly List<Type> _filters = new();
+        private readonly List<Type> _filters = [];
         private int _order;
         private OpenIddictClientHandlerType _type;
 

src/OpenIddict.Client/OpenIddictClientHandlers.Authentication.cs

@@ -13,7 +13,7 @@ public static partial class OpenIddictClientHandlers
 {
     public static class Authentication
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Authorization request top-level processing:
              */
@@ -42,7 +42,8 @@ public static partial class OpenIddictClientHandlers
             /*
              * Redirection request validation:
              */
-            ValidateTokens.Descriptor);
+            ValidateTokens.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for preparing authorization requests and invoking the corresponding event handlers.

src/OpenIddict.Client/OpenIddictClientHandlers.Device.cs

@@ -14,13 +14,14 @@ public static partial class OpenIddictClientHandlers
 {
     public static class Device
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Device authorization response handling:
              */
             ValidateWellKnownParameters.Descriptor,
             HandleErrorResponse.Descriptor,
-            ValidateVerificationEndpointUri.Descriptor);
+            ValidateVerificationEndpointUri.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for validating the well-known parameters contained in the device authorization response.

src/OpenIddict.Client/OpenIddictClientHandlers.Discovery.cs

@@ -15,7 +15,7 @@ public static partial class OpenIddictClientHandlers
 {
     public static class Discovery
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Configuration response handling:
              */
@@ -42,7 +42,8 @@ public static partial class OpenIddictClientHandlers
              */
             ValidateWellKnownCryptographyParameters.Descriptor,
             HandleCryptographyErrorResponse.Descriptor,
-            ExtractSigningKeys.Descriptor);
+            ExtractSigningKeys.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for validating the well-known parameters contained in the configuration response.

src/OpenIddict.Client/OpenIddictClientHandlers.Exchange.cs

@@ -14,12 +14,13 @@ public static partial class OpenIddictClientHandlers
 {
     public static class Exchange
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token response handling:
              */
             ValidateWellKnownParameters.Descriptor,
-            HandleErrorResponse.Descriptor);
+            HandleErrorResponse.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for validating the well-known parameters contained in the token response.

src/OpenIddict.Client/OpenIddictClientHandlers.Protection.cs

@@ -19,7 +19,7 @@ public static partial class OpenIddictClientHandlers
 {
     public static class Protection
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token validation:
              */
@@ -38,7 +38,8 @@ public static partial class OpenIddictClientHandlers
             AttachSecurityCredentials.Descriptor,
             CreateTokenEntry.Descriptor,
             GenerateIdentityModelToken.Descriptor,
-            AttachTokenPayload.Descriptor);
+            AttachTokenPayload.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for resolving the validation parameters used to validate tokens.
@@ -104,29 +105,29 @@ public static partial class OpenIddictClientHandlers
                         // If the client URI doesn't contain any query/fragment, allow both http://www.fabrikam.com
                         // and http://www.fabrikam.com/ (the recommended URI representation) to be considered valid.
                         // See https://datatracker.ietf.org/doc/html/rfc3986#section-6.2.3 for more information.
-                        { AbsolutePath: "/", Query.Length: 0, Fragment.Length: 0 } uri => new[]
-                        {
+                        { AbsolutePath: "/", Query.Length: 0, Fragment.Length: 0 } uri =>
+                        [
                             uri.AbsoluteUri, // Uri.AbsoluteUri is normalized and always contains a trailing slash.
                             uri.AbsoluteUri[..^1]
-                        },
+                        ],
 
                         // When properly normalized, Uri.AbsolutePath should never be empty and should at least
                         // contain a leading slash. While dangerous, System.Uri now offers a way to create a URI
                         // instance without applying the default canonicalization logic. To support such URIs,
                         // a special case is added here to add back the missing trailing slash when necessary.
-                        { AbsolutePath.Length: 0, Query.Length: 0, Fragment.Length: 0 } uri => new[]
-                        {
+                        { AbsolutePath.Length: 0, Query.Length: 0, Fragment.Length: 0 } uri =>
+                        [
                             uri.AbsoluteUri,
                             uri.AbsoluteUri + "/"
-                        },
+                        ],
 
-                        Uri uri => new[] { uri.AbsoluteUri }
+                        Uri uri => [uri.AbsoluteUri]
                     };
 
                     parameters.ValidateIssuer = parameters.ValidIssuers is not null;
 
                     // For state tokens, only the short "oi_stet+jwt" form is valid.
-                    parameters.ValidTypes = new[] { JsonWebTokenTypes.Private.StateToken };
+                    parameters.ValidTypes = [JsonWebTokenTypes.Private.StateToken];
 
                     return parameters;
                 }
@@ -142,23 +143,23 @@ public static partial class OpenIddictClientHandlers
                         // If the issuer URI doesn't contain any query/fragment, allow both http://www.fabrikam.com
                         // and http://www.fabrikam.com/ (the recommended URI representation) to be considered valid.
                         // See https://datatracker.ietf.org/doc/html/rfc3986#section-6.2.3 for more information.
-                        { AbsolutePath: "/", Query.Length: 0, Fragment.Length: 0 } uri => new[]
-                        {
+                        { AbsolutePath: "/", Query.Length: 0, Fragment.Length: 0 } uri =>
+                        [
                             uri.AbsoluteUri, // Uri.AbsoluteUri is normalized and always contains a trailing slash.
                             uri.AbsoluteUri[..^1]
-                        },
+                        ],
 
                         // When properly normalized, Uri.AbsolutePath should never be empty and should at least
                         // contain a leading slash. While dangerous, System.Uri now offers a way to create a URI
                         // instance without applying the default canonicalization logic. To support such URIs,
                         // a special case is added here to add back the missing trailing slash when necessary.
-                        { AbsolutePath.Length: 0, Query.Length: 0, Fragment.Length: 0 } uri => new[]
-                        {
+                        { AbsolutePath.Length: 0, Query.Length: 0, Fragment.Length: 0 } uri =>
+                        [
                             uri.AbsoluteUri,
                             uri.AbsoluteUri + "/"
-                        },
+                        ],
 
-                        Uri uri => new[] { uri.AbsoluteUri }
+                        Uri uri => [uri.AbsoluteUri]
                     };
 
                     parameters.ValidateIssuer = parameters.ValidIssuers is not null;

src/OpenIddict.Client/OpenIddictClientHandlers.Session.cs

@@ -13,7 +13,7 @@ public static partial class OpenIddictClientHandlers
 {
     public static class Session
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Logout request top-level processing:
              */
@@ -37,7 +37,8 @@ public static partial class OpenIddictClientHandlers
             /*
              * Post-logout redirection request validation:
              */
-            ValidateTokens.Descriptor);
+            ValidateTokens.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for preparing authorization requests and invoking the corresponding event handlers.

src/OpenIddict.Client/OpenIddictClientHandlers.Userinfo.cs

@@ -16,13 +16,14 @@ public static partial class OpenIddictClientHandlers
 {
     public static class Userinfo
     {
-        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Userinfo response handling:
              */
             ValidateWellKnownParameters.Descriptor,
             HandleErrorResponse.Descriptor,
-            PopulateClaims.Descriptor);
+            PopulateClaims.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for validating the well-known parameters contained in the userinfo response.

src/OpenIddict.Client/OpenIddictClientHandlers.cs

@@ -21,7 +21,7 @@ namespace OpenIddict.Client;
 [EditorBrowsable(EditorBrowsableState.Never)]
 public static partial class OpenIddictClientHandlers
 {
-    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+    public static ImmutableArray<OpenIddictClientHandlerDescriptor> DefaultHandlers { get; } = [
         /*
          * Top-level request processing:
          */
@@ -148,15 +148,16 @@ public static partial class OpenIddictClientHandlers
          * Error processing:
          */
         AttachErrorParameters.Descriptor,
-        AttachCustomErrorParameters.Descriptor)
-
-        .AddRange(Authentication.DefaultHandlers)
-        .AddRange(Device.DefaultHandlers)
-        .AddRange(Discovery.DefaultHandlers)
-        .AddRange(Exchange.DefaultHandlers)
-        .AddRange(Protection.DefaultHandlers)
-        .AddRange(Session.DefaultHandlers)
-        .AddRange(Userinfo.DefaultHandlers);
+        AttachCustomErrorParameters.Descriptor,
+
+        ..Authentication.DefaultHandlers,
+        ..Device.DefaultHandlers,
+        ..Discovery.DefaultHandlers,
+        ..Exchange.DefaultHandlers,
+        ..Protection.DefaultHandlers,
+        ..Session.DefaultHandlers,
+        ..Userinfo.DefaultHandlers
+    ];
 
     /// <summary>
     /// Contains the logic responsible for inferring the endpoint type from the request URI.

src/OpenIddict.Client/OpenIddictClientOptions.cs

@@ -45,7 +45,7 @@ public sealed class OpenIddictClientOptions
     ///   <item><description>X.509 keys whose backing certificate is not yet valid are never preferred.</description></item>
     /// </list>
     /// </remarks>
-    public List<EncryptingCredentials> EncryptionCredentials { get; } = new();
+    public List<EncryptingCredentials> EncryptionCredentials { get; } = [];
 
     /// <summary>
     /// Gets the list of signing credentials used by the OpenIddict client services.
@@ -63,7 +63,7 @@ public sealed class OpenIddictClientOptions
     ///   <item><description>X.509 keys whose backing certificate is not yet valid are never preferred.</description></item>
     /// </list>
     /// </remarks>
-    public List<SigningCredentials> SigningCredentials { get; } = new();
+    public List<SigningCredentials> SigningCredentials { get; } = [];
 
     /// <summary>
     /// Gets or sets the period of time client assertions remain valid after being issued. The default value is 5 minutes.
@@ -88,17 +88,17 @@ public sealed class OpenIddictClientOptions
     /// <summary>
     /// Gets the absolute and relative URIs associated to the redirection endpoint.
     /// </summary>
-    public List<Uri> RedirectionEndpointUris { get; } = new();
+    public List<Uri> RedirectionEndpointUris { get; } = [];
 
     /// <summary>
     /// Gets the absolute and relative URIs associated to the post-logout redirection endpoint.
     /// </summary>
-    public List<Uri> PostLogoutRedirectionEndpointUris { get; } = new();
+    public List<Uri> PostLogoutRedirectionEndpointUris { get; } = [];
 
     /// <summary>
     /// Gets the static client registrations used by the OpenIddict client services.
     /// </summary>
-    public List<OpenIddictClientRegistration> Registrations { get; } = new();
+    public List<OpenIddictClientRegistration> Registrations { get; } = [];
 
     /// <summary>
     /// Gets the token validation parameters used by the OpenIddict client services.

src/OpenIddict.Client/OpenIddictClientRegistration.cs

@@ -54,14 +54,14 @@ public sealed class OpenIddictClientRegistration
     /// Multiple credentials can be added to support key rollover, but if X.509 keys
     /// are used, at least one of them must have a valid creation/expiration date.
     /// </summary>
-    public List<EncryptingCredentials> EncryptionCredentials { get; } = new();
+    public List<EncryptingCredentials> EncryptionCredentials { get; } = [];
 
     /// <summary>
     /// Gets the list of signing credentials used to create tokens for this client.
     /// Multiple credentials can be added to support key rollover, but if X.509 keys
     /// are used, at least one of them must have a valid creation/expiration date.
     /// </summary>
-    public List<SigningCredentials> SigningCredentials { get; } = new();
+    public List<SigningCredentials> SigningCredentials { get; } = [];
 
     /// <summary>
     /// Gets the code challenge methods allowed by the client instance.

src/OpenIddict.Core/Managers/OpenIddictApplicationManager.cs

@@ -1025,11 +1025,9 @@ public class OpenIddictApplicationManager<TApplication> : IOpenIddictApplication
         await Store.SetDisplayNamesAsync(application, descriptor.DisplayNames.ToImmutableDictionary(), cancellationToken);
         await Store.SetJsonWebKeySetAsync(application, descriptor.JsonWebKeySet, cancellationToken);
         await Store.SetPermissionsAsync(application, descriptor.Permissions.ToImmutableArray(), cancellationToken);
-        await Store.SetPostLogoutRedirectUrisAsync(application, ImmutableArray.CreateRange(
-            descriptor.PostLogoutRedirectUris.Select(uri => uri.OriginalString)), cancellationToken);
+        await Store.SetPostLogoutRedirectUrisAsync(application, [..descriptor.PostLogoutRedirectUris.Select(uri => uri.OriginalString)], cancellationToken);
         await Store.SetPropertiesAsync(application, descriptor.Properties.ToImmutableDictionary(), cancellationToken);
-        await Store.SetRedirectUrisAsync(application, ImmutableArray.CreateRange(
-            descriptor.RedirectUris.Select(uri => uri.OriginalString)), cancellationToken);
+        await Store.SetRedirectUrisAsync(application, [..descriptor.RedirectUris.Select(uri => uri.OriginalString)], cancellationToken);
         await Store.SetRequirementsAsync(application, descriptor.Requirements.ToImmutableArray(), cancellationToken);
         await Store.SetSettingsAsync(application, descriptor.Settings.ToImmutableDictionary(), cancellationToken);
     }

src/OpenIddict.Core/OpenIddict.Core.csproj

@@ -33,10 +33,6 @@
     <PackageReference Include="BouncyCastle.Cryptography" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.EntityFramework.Models/OpenIddict.EntityFramework.Models.csproj

@@ -9,6 +9,7 @@
   </PropertyGroup>
 
   <PropertyGroup>
+    <IncludeInternalExtensions>false</IncludeInternalExtensions>
     <PolySharpIncludeGeneratedTypes>System.Diagnostics.CodeAnalysis.StringSyntaxAttribute</PolySharpIncludeGeneratedTypes>
   </PropertyGroup>
 

src/OpenIddict.EntityFramework/OpenIddict.EntityFramework.csproj

@@ -22,10 +22,6 @@
     <PackageReference Include="EntityFramework" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.EntityFramework/Stores/OpenIddictEntityFrameworkApplicationStore.cs

@@ -473,7 +473,7 @@ public class OpenIddictEntityFrameworkApplicationStore<TApplication, TAuthorizat
 
         if (string.IsNullOrEmpty(application.Permissions))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified permissions is an expensive operation.
@@ -514,7 +514,7 @@ public class OpenIddictEntityFrameworkApplicationStore<TApplication, TAuthorizat
 
         if (string.IsNullOrEmpty(application.PostLogoutRedirectUris))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified URIs is an expensive operation.
@@ -590,7 +590,7 @@ public class OpenIddictEntityFrameworkApplicationStore<TApplication, TAuthorizat
 
         if (string.IsNullOrEmpty(application.RedirectUris))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified URIs is an expensive operation.
@@ -631,7 +631,7 @@ public class OpenIddictEntityFrameworkApplicationStore<TApplication, TAuthorizat
 
         if (string.IsNullOrEmpty(application.Requirements))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified requirements is an expensive operation.

src/OpenIddict.EntityFramework/Stores/OpenIddictEntityFrameworkAuthorizationStore.cs

@@ -478,7 +478,7 @@ public class OpenIddictEntityFrameworkAuthorizationStore<TAuthorization, TApplic
 
         if (string.IsNullOrEmpty(authorization.Scopes))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified scopes is an expensive operation.
@@ -660,7 +660,7 @@ public class OpenIddictEntityFrameworkAuthorizationStore<TAuthorization, TApplic
 
             catch (Exception exception) when (!OpenIddictHelpers.IsFatal(exception))
             {
-                exceptions ??= new List<Exception>(capacity: 1);
+                exceptions ??= [];
                 exceptions.Add(exception);
             }
         }

src/OpenIddict.EntityFramework/Stores/OpenIddictEntityFrameworkScopeStore.cs

@@ -391,7 +391,7 @@ public class OpenIddictEntityFrameworkScopeStore<TScope, TContext, TKey> : IOpen
 
         if (string.IsNullOrEmpty(scope.Resources))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified resources is an expensive operation.

src/OpenIddict.EntityFramework/Stores/OpenIddictEntityFrameworkTokenStore.cs

@@ -640,7 +640,7 @@ public class OpenIddictEntityFrameworkTokenStore<TToken, TApplication, TAuthoriz
 
             catch (Exception exception) when (!OpenIddictHelpers.IsFatal(exception))
             {
-                exceptions ??= new List<Exception>(capacity: 1);
+                exceptions ??= [];
                 exceptions.Add(exception);
             }
         }

src/OpenIddict.EntityFrameworkCore.Models/OpenIddict.EntityFrameworkCore.Models.csproj

@@ -9,6 +9,7 @@
   </PropertyGroup>
 
   <PropertyGroup>
+    <IncludeInternalExtensions>false</IncludeInternalExtensions>
     <PolySharpIncludeGeneratedTypes>System.Diagnostics.CodeAnalysis.StringSyntaxAttribute</PolySharpIncludeGeneratedTypes>
   </PropertyGroup>
 

src/OpenIddict.EntityFrameworkCore/OpenIddict.EntityFrameworkCore.csproj

@@ -22,10 +22,6 @@
     <PackageReference Include="Microsoft.EntityFrameworkCore.Relational" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.EntityFrameworkCore/Stores/OpenIddictEntityFrameworkCoreApplicationStore.cs

@@ -515,7 +515,7 @@ public class OpenIddictEntityFrameworkCoreApplicationStore<TApplication, TAuthor
 
         if (string.IsNullOrEmpty(application.Permissions))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified permissions is an expensive operation.
@@ -556,7 +556,7 @@ public class OpenIddictEntityFrameworkCoreApplicationStore<TApplication, TAuthor
 
         if (string.IsNullOrEmpty(application.PostLogoutRedirectUris))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified URIs is an expensive operation.
@@ -632,7 +632,7 @@ public class OpenIddictEntityFrameworkCoreApplicationStore<TApplication, TAuthor
 
         if (string.IsNullOrEmpty(application.RedirectUris))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified URIs is an expensive operation.
@@ -673,7 +673,7 @@ public class OpenIddictEntityFrameworkCoreApplicationStore<TApplication, TAuthor
 
         if (string.IsNullOrEmpty(application.Requirements))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified requirements is an expensive operation.

src/OpenIddict.EntityFrameworkCore/Stores/OpenIddictEntityFrameworkCoreAuthorizationStore.cs

@@ -544,7 +544,7 @@ public class OpenIddictEntityFrameworkCoreAuthorizationStore<TAuthorization, TAp
 
         if (string.IsNullOrEmpty(authorization.Scopes))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified scopes is an expensive operation.
@@ -738,7 +738,7 @@ public class OpenIddictEntityFrameworkCoreAuthorizationStore<TAuthorization, TAp
 
             catch (Exception exception) when (!OpenIddictHelpers.IsFatal(exception))
             {
-                exceptions ??= new List<Exception>(capacity: 1);
+                exceptions ??= [];
                 exceptions.Add(exception);
             }
         }

src/OpenIddict.EntityFrameworkCore/Stores/OpenIddictEntityFrameworkCoreScopeStore.cs

@@ -407,7 +407,7 @@ public class OpenIddictEntityFrameworkCoreScopeStore<TScope, TContext, TKey> : I
 
         if (string.IsNullOrEmpty(scope.Resources))
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         // Note: parsing the stringified resources is an expensive operation.

src/OpenIddict.EntityFrameworkCore/Stores/OpenIddictEntityFrameworkCoreTokenStore.cs

@@ -700,7 +700,7 @@ public class OpenIddictEntityFrameworkCoreTokenStore<TToken, TApplication, TAuth
 
             catch (Exception exception) when (!OpenIddictHelpers.IsFatal(exception))
             {
-                exceptions ??= new List<Exception>(capacity: 1);
+                exceptions ??= [];
                 exceptions.Add(exception);
             }
         }

src/OpenIddict.MongoDb.Models/OpenIddict.MongoDb.Models.csproj

@@ -9,6 +9,7 @@
     <DisablePolySharp>true</DisablePolySharp>
     <SignAssembly>false</SignAssembly>
     <PublicSign>false</PublicSign>
+    <IncludeInternalExtensions>false</IncludeInternalExtensions>
   </PropertyGroup>
 
   <PropertyGroup>

src/OpenIddict.MongoDb/Stores/OpenIddictMongoDbApplicationStore.cs

@@ -323,7 +323,7 @@ public class OpenIddictMongoDbApplicationStore<TApplication> : IOpenIddictApplic
 
         if (application.Permissions is not { Count: > 0 })
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         return new(application.Permissions.ToImmutableArray());
@@ -340,7 +340,7 @@ public class OpenIddictMongoDbApplicationStore<TApplication> : IOpenIddictApplic
 
         if (application.PostLogoutRedirectUris is not { Count: > 0 })
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         return new(application.PostLogoutRedirectUris.ToImmutableArray());
@@ -381,7 +381,7 @@ public class OpenIddictMongoDbApplicationStore<TApplication> : IOpenIddictApplic
 
         if (application.RedirectUris is not { Count: > 0 })
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         return new(application.RedirectUris.ToImmutableArray());
@@ -397,7 +397,7 @@ public class OpenIddictMongoDbApplicationStore<TApplication> : IOpenIddictApplic
 
         if (application.Requirements is not { Count: > 0 })
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         return new(application.Requirements.ToImmutableArray());

src/OpenIddict.MongoDb/Stores/OpenIddictMongoDbAuthorizationStore.cs

@@ -414,7 +414,7 @@ public class OpenIddictMongoDbAuthorizationStore<TAuthorization> : IOpenIddictAu
 
         if (authorization.Scopes is not { Count: > 0 })
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         return new(authorization.Scopes.ToImmutableArray());
@@ -549,7 +549,7 @@ public class OpenIddictMongoDbAuthorizationStore<TAuthorization> : IOpenIddictAu
 
             foreach (var element in source)
             {
-                buffer ??= new List<TSource>(capacity: 1);
+                buffer ??= [];
                 buffer.Add(element);
 
                 if (buffer.Count == count)

src/OpenIddict.MongoDb/Stores/OpenIddictMongoDbScopeStore.cs

@@ -302,7 +302,7 @@ public class OpenIddictMongoDbScopeStore<TScope> : IOpenIddictScopeStore<TScope>
 
         if (scope.Resources is not { Count: > 0 })
         {
-            return new(ImmutableArray.Create<string>());
+            return new([]);
         }
 
         return new(scope.Resources.ToImmutableArray());

src/OpenIddict.MongoDb/Stores/OpenIddictMongoDbTokenStore.cs

@@ -586,7 +586,7 @@ public class OpenIddictMongoDbTokenStore<TToken> : IOpenIddictTokenStore<TToken>
 
             foreach (var element in source)
             {
-                buffer ??= new List<TSource>(capacity: 1);
+                buffer ??= [];
                 buffer.Add(element);
 
                 if (buffer.Count == count)

src/OpenIddict.Owin/OpenIddict.Owin.csproj

@@ -4,6 +4,7 @@
     <TargetFrameworks>$(NetFrameworkTargetFrameworks)</TargetFrameworks>
     <IncludeBuildOutput>false</IncludeBuildOutput>
     <IncludeSymbols>false</IncludeSymbols>
+    <IncludeInternalExtensions>false</IncludeInternalExtensions>
   </PropertyGroup>
 
   <PropertyGroup>

src/OpenIddict.Quartz/OpenIddict.Quartz.csproj

@@ -21,10 +21,6 @@
     <PackageReference Include="Quartz.Extensions.DependencyInjection" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.Quartz/OpenIddictQuartzJob.cs

@@ -66,19 +66,13 @@ public sealed class OpenIddictQuartzJob : IJob
 
             if (!_options.CurrentValue.DisableTokenPruning)
             {
-                var manager = scope.ServiceProvider.GetService<IOpenIddictTokenManager>();
-                if (manager is null)
-                {
-                    // Inform Quartz.NET that the triggers associated with this job should be removed,
-                    // as the future invocations will always fail until the application is correctly
-                    // re-configured to register the OpenIddict core services in the DI container.
+                var manager = scope.ServiceProvider.GetService<IOpenIddictTokenManager>() ??
                     throw new JobExecutionException(new InvalidOperationException(SR.GetResourceString(SR.ID0278)))
                     {
                         RefireImmediately = false,
                         UnscheduleAllTriggers = true,
                         UnscheduleFiringTrigger = true
                     };
-                }
 
                 var threshold = DateTimeOffset.UtcNow - _options.CurrentValue.MinimumTokenLifespan;
 
@@ -102,7 +96,7 @@ public sealed class OpenIddictQuartzJob : IJob
                 // occurred while trying to prune the entities. In this case, add the inner exceptions to the collection.
                 catch (AggregateException exception) when (!OpenIddictHelpers.IsFatal(exception))
                 {
-                    exceptions ??= new List<Exception>(capacity: exception.InnerExceptions.Count);
+                    exceptions ??= [];
                     exceptions.AddRange(exception.InnerExceptions);
                 }
 
@@ -110,26 +104,20 @@ public sealed class OpenIddictQuartzJob : IJob
                 // to be re-thrown later (typically, at the very end of this job, as an AggregateException).
                 catch (Exception exception) when (!OpenIddictHelpers.IsFatal(exception))
                 {
-                    exceptions ??= new List<Exception>(capacity: 1);
+                    exceptions ??= [];
                     exceptions.Add(exception);
                 }
             }
 
             if (!_options.CurrentValue.DisableAuthorizationPruning)
             {
-                var manager = scope.ServiceProvider.GetService<IOpenIddictAuthorizationManager>();
-                if (manager is null)
-                {
-                    // Inform Quartz.NET that the triggers associated with this job should be removed,
-                    // as the future invocations will always fail until the application is correctly
-                    // re-configured to register the OpenIddict core services in the DI container.
+                var manager = scope.ServiceProvider.GetService<IOpenIddictAuthorizationManager>() ??
                     throw new JobExecutionException(new InvalidOperationException(SR.GetResourceString(SR.ID0278)))
                     {
                         RefireImmediately = false,
                         UnscheduleAllTriggers = true,
                         UnscheduleFiringTrigger = true
                     };
-                }
 
                 var threshold = DateTimeOffset.UtcNow - _options.CurrentValue.MinimumAuthorizationLifespan;
 
@@ -153,7 +141,7 @@ public sealed class OpenIddictQuartzJob : IJob
                 // occurred while trying to prune the entities. In this case, add the inner exceptions to the collection.
                 catch (AggregateException exception) when (!OpenIddictHelpers.IsFatal(exception))
                 {
-                    exceptions ??= new List<Exception>(capacity: exception.InnerExceptions.Count);
+                    exceptions ??= [];
                     exceptions.AddRange(exception.InnerExceptions);
                 }
 
@@ -161,7 +149,7 @@ public sealed class OpenIddictQuartzJob : IJob
                 // to be re-thrown later (typically, at the very end of this job, as an AggregateException).
                 catch (Exception exception) when (!OpenIddictHelpers.IsFatal(exception))
                 {
-                    exceptions ??= new List<Exception>(capacity: 1);
+                    exceptions ??= [];
                     exceptions.Add(exception);
                 }
             }

src/OpenIddict.Server.AspNetCore/OpenIddict.Server.AspNetCore.csproj

@@ -27,10 +27,6 @@
     <PackageReference Include="Microsoft.Extensions.Caching.Abstractions" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="Microsoft.AspNetCore.Authentication" />
     <Using Include="Microsoft.AspNetCore.Http" />

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Authentication.cs

@@ -28,7 +28,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Authentication
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Authorization request extraction:
              */
@@ -52,7 +52,8 @@ public static partial class OpenIddictServerAspNetCoreHandlers
             ProcessFragmentResponse.Descriptor,
             ProcessPassthroughErrorResponse<ApplyAuthorizationResponseContext, RequireAuthorizationEndpointPassthroughEnabled>.Descriptor,
             ProcessStatusCodePagesErrorResponse<ApplyAuthorizationResponseContext>.Descriptor,
-            ProcessLocalErrorResponse<ApplyAuthorizationResponseContext>.Descriptor);
+            ProcessLocalErrorResponse<ApplyAuthorizationResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for restoring cached requests from the request_id, if specified.
@@ -115,7 +116,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
                 var parameters = context.Options.TokenValidationParameters.Clone();
                 parameters.ValidIssuer ??= (context.Options.Issuer ?? context.BaseUri)?.AbsoluteUri;
                 parameters.ValidAudience ??= parameters.ValidIssuer;
-                parameters.ValidTypes = new[] { JsonWebTokenTypes.Private.AuthorizationRequest };
+                parameters.ValidTypes = [JsonWebTokenTypes.Private.AuthorizationRequest];
 
                 var result = await context.Options.JsonWebTokenHandler.ValidateTokenAsync(token, parameters);
                 if (!result.IsValid)
@@ -196,11 +197,8 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 
                 // This handler only applies to ASP.NET Core requests. If the HTTP context cannot be resolved,
                 // this may indicate that the request was incorrectly processed by another server stack.
-                var request = context.Transaction.GetHttpRequest();
-                if (request is null)
-                {
+                var request = context.Transaction.GetHttpRequest() ??
                     throw new InvalidOperationException(SR.GetResourceString(SR.ID0114));
-                }
 
                 // Don't cache the request if the request doesn't include any parameter.
                 // If a request_id parameter can be found in the authorization request,

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Device.cs

@@ -14,7 +14,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Device
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Device request extraction:
              */
@@ -49,7 +49,8 @@ public static partial class OpenIddictServerAspNetCoreHandlers
             ProcessPassthroughErrorResponse<ApplyVerificationResponseContext, RequireVerificationEndpointPassthroughEnabled>.Descriptor,
             ProcessStatusCodePagesErrorResponse<ApplyVerificationResponseContext>.Descriptor,
             ProcessLocalErrorResponse<ApplyVerificationResponseContext>.Descriptor,
-            ProcessEmptyResponse<ApplyVerificationResponseContext>.Descriptor);
+            ProcessEmptyResponse<ApplyVerificationResponseContext>.Descriptor
+        ];
     }
 
     /// <summary>

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Discovery.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Discovery
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Configuration request extraction:
              */
@@ -35,6 +35,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
              */
             AttachHttpResponseCode<ApplyCryptographyResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyCryptographyResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyCryptographyResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyCryptographyResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Exchange.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Exchange
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token request extraction:
              */
@@ -31,6 +31,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
             AttachHttpResponseCode<ApplyTokenResponseContext>.Descriptor,
             AttachCacheControlHeader<ApplyTokenResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyTokenResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyTokenResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyTokenResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Introspection.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Introspection
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Introspection request extraction:
              */
@@ -25,6 +25,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
              */
             AttachHttpResponseCode<ApplyIntrospectionResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyIntrospectionResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyIntrospectionResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyIntrospectionResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Revocation.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Revocation
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Revocation request extraction:
              */
@@ -26,6 +26,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
             AttachHttpResponseCode<ApplyRevocationResponseContext>.Descriptor,
             AttachCacheControlHeader<ApplyRevocationResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyRevocationResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyRevocationResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyRevocationResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Session.cs

@@ -25,7 +25,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Session
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Logout request extraction:
              */
@@ -49,7 +49,8 @@ public static partial class OpenIddictServerAspNetCoreHandlers
             ProcessStatusCodePagesErrorResponse<ApplyLogoutResponseContext>.Descriptor,
             ProcessLocalErrorResponse<ApplyLogoutResponseContext>.Descriptor,
             ProcessQueryResponse.Descriptor,
-            ProcessEmptyResponse<ApplyLogoutResponseContext>.Descriptor);
+            ProcessEmptyResponse<ApplyLogoutResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for restoring cached requests from the request_id, if specified.
@@ -112,7 +113,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
                 var parameters = context.Options.TokenValidationParameters.Clone();
                 parameters.ValidIssuer ??= (context.Options.Issuer ?? context.BaseUri)?.AbsoluteUri;
                 parameters.ValidAudience ??= parameters.ValidIssuer;
-                parameters.ValidTypes = new[] { JsonWebTokenTypes.Private.LogoutRequest };
+                parameters.ValidTypes = [JsonWebTokenTypes.Private.LogoutRequest];
 
                 var result = await context.Options.JsonWebTokenHandler.ValidateTokenAsync(token, parameters);
                 if (!result.IsValid)
@@ -193,11 +194,8 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 
                 // This handler only applies to ASP.NET Core requests. If the HTTP context cannot be resolved,
                 // this may indicate that the request was incorrectly processed by another server stack.
-                var request = context.Transaction.GetHttpRequest();
-                if (request is null)
-                {
+                var request = context.Transaction.GetHttpRequest() ??
                     throw new InvalidOperationException(SR.GetResourceString(SR.ID0114));
-                }
 
                 // Don't cache the request if the request doesn't include any parameter.
                 // If a request_id parameter can be found in the logout request,

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Userinfo.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
 {
     public static class Userinfo
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Userinfo request extraction:
              */
@@ -30,6 +30,7 @@ public static partial class OpenIddictServerAspNetCoreHandlers
             AttachHttpResponseCode<ApplyUserinfoResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyUserinfoResponseContext>.Descriptor,
             ProcessChallengeErrorResponse<ApplyUserinfoResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyUserinfoResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyUserinfoResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.cs

@@ -28,7 +28,7 @@ namespace OpenIddict.Server.AspNetCore;
 [EditorBrowsable(EditorBrowsableState.Never)]
 public static partial class OpenIddictServerAspNetCoreHandlers
 {
-    public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+    public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
         /*
          * Top-level request processing:
          */
@@ -50,15 +50,17 @@ public static partial class OpenIddictServerAspNetCoreHandlers
         /*
          * Sign-out processing:
          */
-        ResolveHostSignOutProperties.Descriptor)
-        .AddRange(Authentication.DefaultHandlers)
-        .AddRange(Device.DefaultHandlers)
-        .AddRange(Discovery.DefaultHandlers)
-        .AddRange(Exchange.DefaultHandlers)
-        .AddRange(Introspection.DefaultHandlers)
-        .AddRange(Revocation.DefaultHandlers)
-        .AddRange(Session.DefaultHandlers)
-        .AddRange(Userinfo.DefaultHandlers);
+        ResolveHostSignOutProperties.Descriptor,
+
+        ..Authentication.DefaultHandlers,
+        ..Device.DefaultHandlers,
+        ..Discovery.DefaultHandlers,
+        ..Exchange.DefaultHandlers,
+        ..Introspection.DefaultHandlers,
+        ..Revocation.DefaultHandlers,
+        ..Session.DefaultHandlers,
+        ..Userinfo.DefaultHandlers
+    ];
 
     /// <summary>
     /// Contains the logic responsible for resolving the request URI from the ASP.NET Core environment.

src/OpenIddict.Server.DataProtection/OpenIddict.Server.DataProtection.csproj

@@ -29,10 +29,6 @@
     <PackageReference Include="Microsoft.AspNetCore.DataProtection" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="OpenIddict.Abstractions" />
     <Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" />

src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionHandlers.Protection.cs

@@ -21,7 +21,7 @@ public static partial class OpenIddictServerDataProtectionHandlers
 {
     public static class Protection
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token validation:
              */
@@ -31,7 +31,8 @@ public static partial class OpenIddictServerDataProtectionHandlers
              * Token generation:
              */
             OverrideGeneratedTokenFormat.Descriptor,
-            GenerateDataProtectionToken.Descriptor);
+            GenerateDataProtectionToken.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for validating tokens generated using Data Protection.
@@ -209,29 +210,29 @@ public static partial class OpenIddictServerDataProtectionHandlers
                         (type, context.IsReferenceToken) switch
                         {
                             (TokenTypeHints.AccessToken, true)
-                                => new[] { Handlers.Server, Formats.AccessToken, Features.ReferenceTokens, Schemes.Server },
+                                => [Handlers.Server, Formats.AccessToken, Features.ReferenceTokens, Schemes.Server],
                             (TokenTypeHints.AccessToken, false)
-                                => new[] { Handlers.Server, Formats.AccessToken, Schemes.Server },
+                                => [Handlers.Server, Formats.AccessToken, Schemes.Server],
 
                             (TokenTypeHints.AuthorizationCode, true)
-                                => new[] { Handlers.Server, Formats.AuthorizationCode, Features.ReferenceTokens, Schemes.Server },
+                                => [Handlers.Server, Formats.AuthorizationCode, Features.ReferenceTokens, Schemes.Server],
                             (TokenTypeHints.AuthorizationCode, false)
-                                => new[] { Handlers.Server, Formats.AuthorizationCode, Schemes.Server },
+                                => [Handlers.Server, Formats.AuthorizationCode, Schemes.Server],
 
                             (TokenTypeHints.DeviceCode, true)
-                                => new[] { Handlers.Server, Formats.DeviceCode, Features.ReferenceTokens, Schemes.Server },
+                                => [Handlers.Server, Formats.DeviceCode, Features.ReferenceTokens, Schemes.Server],
                             (TokenTypeHints.DeviceCode, false)
-                                => new[] { Handlers.Server, Formats.DeviceCode, Schemes.Server },
+                                => [Handlers.Server, Formats.DeviceCode, Schemes.Server],
 
                             (TokenTypeHints.RefreshToken, true)
-                                => new[] { Handlers.Server, Formats.RefreshToken, Features.ReferenceTokens, Schemes.Server },
+                                => [Handlers.Server, Formats.RefreshToken, Features.ReferenceTokens, Schemes.Server],
                             (TokenTypeHints.RefreshToken, false)
-                                => new[] { Handlers.Server, Formats.RefreshToken, Schemes.Server },
+                                => [Handlers.Server, Formats.RefreshToken, Schemes.Server],
 
                             (TokenTypeHints.UserCode, true)
-                                => new[] { Handlers.Server, Formats.UserCode, Features.ReferenceTokens, Schemes.Server },
+                                => [Handlers.Server, Formats.UserCode, Features.ReferenceTokens, Schemes.Server],
                             (TokenTypeHints.UserCode, false)
-                                => new[] { Handlers.Server, Formats.UserCode, Schemes.Server },
+                                => [Handlers.Server, Formats.UserCode, Schemes.Server],
 
                             _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0003))
                         });
@@ -357,29 +358,29 @@ public static partial class OpenIddictServerDataProtectionHandlers
                     (context.TokenType, context.IsReferenceToken) switch
                     {
                         (TokenTypeHints.AccessToken, true)
-                            => new[] { Handlers.Server, Formats.AccessToken, Features.ReferenceTokens, Schemes.Server },
+                            => [Handlers.Server, Formats.AccessToken, Features.ReferenceTokens, Schemes.Server],
                         (TokenTypeHints.AccessToken, false)
-                            => new[] { Handlers.Server, Formats.AccessToken, Schemes.Server },
+                            => [Handlers.Server, Formats.AccessToken, Schemes.Server],
 
                         (TokenTypeHints.AuthorizationCode, true)
-                            => new[] { Handlers.Server, Formats.AuthorizationCode, Features.ReferenceTokens, Schemes.Server },
+                            => [Handlers.Server, Formats.AuthorizationCode, Features.ReferenceTokens, Schemes.Server],
                         (TokenTypeHints.AuthorizationCode, false)
-                            => new[] { Handlers.Server, Formats.AuthorizationCode, Schemes.Server },
+                            => [Handlers.Server, Formats.AuthorizationCode, Schemes.Server],
 
                         (TokenTypeHints.DeviceCode, true)
-                            => new[] { Handlers.Server, Formats.DeviceCode, Features.ReferenceTokens, Schemes.Server },
+                            => [Handlers.Server, Formats.DeviceCode, Features.ReferenceTokens, Schemes.Server],
                         (TokenTypeHints.DeviceCode, false)
-                            => new[] { Handlers.Server, Formats.DeviceCode, Schemes.Server },
+                            => [Handlers.Server, Formats.DeviceCode, Schemes.Server],
 
                         (TokenTypeHints.RefreshToken, true)
-                            => new[] { Handlers.Server, Formats.RefreshToken, Features.ReferenceTokens, Schemes.Server },
+                            => [Handlers.Server, Formats.RefreshToken, Features.ReferenceTokens, Schemes.Server],
                         (TokenTypeHints.RefreshToken, false)
-                            => new[] { Handlers.Server, Formats.RefreshToken, Schemes.Server },
+                            => [Handlers.Server, Formats.RefreshToken, Schemes.Server],
 
                         (TokenTypeHints.UserCode, true)
-                            => new[] { Handlers.Server, Formats.UserCode, Features.ReferenceTokens, Schemes.Server },
+                            => [Handlers.Server, Formats.UserCode, Features.ReferenceTokens, Schemes.Server],
                         (TokenTypeHints.UserCode, false)
-                            => new[] { Handlers.Server, Formats.UserCode, Schemes.Server },
+                            => [Handlers.Server, Formats.UserCode, Schemes.Server],
 
                         _ => throw new InvalidOperationException(SR.GetResourceString(SR.ID0003))
                     });

src/OpenIddict.Server.DataProtection/OpenIddictServerDataProtectionHandlers.cs

@@ -13,5 +13,5 @@ namespace OpenIddict.Server.DataProtection;
 public static partial class OpenIddictServerDataProtectionHandlers
 {
     public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; }
-        = ImmutableArray.CreateRange(Protection.DefaultHandlers);
+        = [..Protection.DefaultHandlers];
 }

src/OpenIddict.Server.Owin/OpenIddict.Server.Owin.csproj

@@ -19,10 +19,6 @@
     <PackageReference Include="Microsoft.Owin.Security" />
   </ItemGroup>
 
-  <ItemGroup>
-    <Compile Include="..\..\shared\OpenIddict.Extensions\*\*.cs" />
-  </ItemGroup>
-
   <ItemGroup>
     <Using Include="Microsoft.Owin" />
     <Using Include="Microsoft.Owin.Infrastructure" />

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Authentication.cs

@@ -26,7 +26,7 @@ public static partial class OpenIddictServerOwinHandlers
 {
     public static class Authentication
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Authorization request extraction:
              */
@@ -51,7 +51,8 @@ public static partial class OpenIddictServerOwinHandlers
             ProcessQueryResponse.Descriptor,
             ProcessFragmentResponse.Descriptor,
             ProcessPassthroughErrorResponse<ApplyAuthorizationResponseContext, RequireAuthorizationEndpointPassthroughEnabled>.Descriptor,
-            ProcessLocalErrorResponse<ApplyAuthorizationResponseContext>.Descriptor);
+            ProcessLocalErrorResponse<ApplyAuthorizationResponseContext>.Descriptor
+        ];
 
         /// <summary>
         /// Contains the logic responsible for restoring cached requests from the request_id, if specified.
@@ -114,7 +115,7 @@ public static partial class OpenIddictServerOwinHandlers
                 var parameters = context.Options.TokenValidationParameters.Clone();
                 parameters.ValidIssuer ??= (context.Options.Issuer ?? context.BaseUri)?.AbsoluteUri;
                 parameters.ValidAudience ??= parameters.ValidIssuer;
-                parameters.ValidTypes = new[] { JsonWebTokenTypes.Private.AuthorizationRequest };
+                parameters.ValidTypes = [JsonWebTokenTypes.Private.AuthorizationRequest];
 
                 var result = await context.Options.JsonWebTokenHandler.ValidateTokenAsync(token, parameters);
                 if (!result.IsValid)
@@ -338,11 +339,8 @@ public static partial class OpenIddictServerOwinHandlers
 
                 // This handler only applies to OWIN requests. If The OWIN request cannot be resolved,
                 // this may indicate that the request was incorrectly processed by another server stack.
-                var response = context.Transaction.GetOwinRequest()?.Context.Response;
-                if (response is null)
-                {
+                var response = context.Transaction.GetOwinRequest()?.Context.Response ??
                     throw new InvalidOperationException(SR.GetResourceString(SR.ID0120));
-                }
 
                 if (string.IsNullOrEmpty(context.RedirectUri) ||
                    !string.Equals(context.ResponseMode, ResponseModes.FormPost, StringComparison.Ordinal))
@@ -427,11 +425,8 @@ public static partial class OpenIddictServerOwinHandlers
 
                 // This handler only applies to OWIN requests. If The OWIN request cannot be resolved,
                 // this may indicate that the request was incorrectly processed by another server stack.
-                var response = context.Transaction.GetOwinRequest()?.Context.Response;
-                if (response is null)
-                {
+                var response = context.Transaction.GetOwinRequest()?.Context.Response ??
                     throw new InvalidOperationException(SR.GetResourceString(SR.ID0120));
-                }
 
                 if (string.IsNullOrEmpty(context.RedirectUri) ||
                    !string.Equals(context.ResponseMode, ResponseModes.Query, StringComparison.Ordinal))
@@ -491,11 +486,8 @@ public static partial class OpenIddictServerOwinHandlers
 
                 // This handler only applies to OWIN requests. If The OWIN request cannot be resolved,
                 // this may indicate that the request was incorrectly processed by another server stack.
-                var response = context.Transaction.GetOwinRequest()?.Context.Response;
-                if (response is null)
-                {
+                var response = context.Transaction.GetOwinRequest()?.Context.Response ??
                     throw new InvalidOperationException(SR.GetResourceString(SR.ID0120));
-                }
 
                 if (string.IsNullOrEmpty(context.RedirectUri) ||
                    !string.Equals(context.ResponseMode, ResponseModes.Fragment, StringComparison.Ordinal))

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Device.cs

@@ -14,7 +14,7 @@ public static partial class OpenIddictServerOwinHandlers
 {
     public static class Device
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Device request extraction:
              */
@@ -52,7 +52,8 @@ public static partial class OpenIddictServerOwinHandlers
             ProcessHostRedirectionResponse.Descriptor,
             ProcessPassthroughErrorResponse<ApplyVerificationResponseContext, RequireVerificationEndpointPassthroughEnabled>.Descriptor,
             ProcessLocalErrorResponse<ApplyVerificationResponseContext>.Descriptor,
-            ProcessEmptyResponse<ApplyVerificationResponseContext>.Descriptor);
+            ProcessEmptyResponse<ApplyVerificationResponseContext>.Descriptor
+        ];
     }
 
     /// <summary>

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Discovery.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerOwinHandlers
 {
     public static class Discovery
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Configuration request extraction:
              */
@@ -39,6 +39,7 @@ public static partial class OpenIddictServerOwinHandlers
             AttachOwinResponseChallenge<ApplyCryptographyResponseContext>.Descriptor,
             SuppressFormsAuthenticationRedirect<ApplyCryptographyResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyCryptographyResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyCryptographyResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyCryptographyResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Exchange.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerOwinHandlers
 {
     public static class Exchange
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Token request extraction:
              */
@@ -33,6 +33,7 @@ public static partial class OpenIddictServerOwinHandlers
             SuppressFormsAuthenticationRedirect<ApplyTokenResponseContext>.Descriptor,
             AttachCacheControlHeader<ApplyTokenResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyTokenResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyTokenResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyTokenResponseContext>.Descriptor
+        ];
     }
 }

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Introspection.cs

@@ -12,7 +12,7 @@ public static partial class OpenIddictServerOwinHandlers
 {
     public static class Introspection
     {
-        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = ImmutableArray.Create(
+        public static ImmutableArray<OpenIddictServerHandlerDescriptor> DefaultHandlers { get; } = [
             /*
              * Introspection request extraction:
              */
@@ -27,6 +27,7 @@ public static partial class OpenIddictServerOwinHandlers
             AttachOwinResponseChallenge<ApplyIntrospectionResponseContext>.Descriptor,
             SuppressFormsAuthenticationRedirect<ApplyIntrospectionResponseContext>.Descriptor,
             AttachWwwAuthenticateHeader<ApplyIntrospectionResponseContext>.Descriptor,
-            ProcessJsonResponse<ApplyIntrospectionResponseContext>.Descriptor);
+            ProcessJsonResponse<ApplyIntrospectionResponseContext>.Descriptor
+        ];
     }
 }