Fix the ASP.NET Core/OWIN InferEndpointType handler to correctly compare absolute URLs

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Authentication.cs

@@ -249,7 +249,7 @@ namespace OpenIddict.Server.AspNetCore
 
                     // Create a new GET authorization request containing only the request_id parameter.
                     var address = QueryHelpers.AddQueryString(
-                        uri: request.Scheme + "://" + request.Host + request.PathBase + request.Path,
+                        uri: request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase + request.Path,
                         name: Parameters.RequestId,
                         value: context.Request.RequestId);
 

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Session.cs

@@ -247,7 +247,7 @@ namespace OpenIddict.Server.AspNetCore
 
                     // Create a new GET logout request containing only the request_id parameter.
                     var address = QueryHelpers.AddQueryString(
-                        uri: request.Scheme + "://" + request.Host + request.PathBase + request.Path,
+                        uri: request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase + request.Path,
                         name: Parameters.RequestId,
                         value: context.Request.RequestId);
 

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.cs

@@ -127,13 +127,17 @@ namespace OpenIddict.Server.AspNetCore
                         var address = addresses[index];
                         if (address.IsAbsoluteUri)
                         {
-                            if (!string.Equals(address.Scheme, request.Scheme, StringComparison.OrdinalIgnoreCase))
+                            // If the request host is not available (e.g because HTTP/1.0 was used), ignore absolute URLs.
+                            if (!request.Host.HasValue)
                             {
                                 continue;
                             }
 
-                            var host = HostString.FromUriComponent(address);
+                            // Create a Uri instance using the request scheme and raw host and compare the two base addresses.
-                            if (host != request.Host)
+                            if (!Uri.TryCreate(request.Scheme + Uri.SchemeDelimiter + request.Host, UriKind.Absolute, out Uri? uri) ||
+                                !uri.IsWellFormedOriginalString() || uri.Port != address.Port ||
+                                !string.Equals(uri.Scheme, address.Scheme, StringComparison.OrdinalIgnoreCase) ||
+                                !string.Equals(uri.Host, address.Host, StringComparison.OrdinalIgnoreCase))
                             {
                                 continue;
                             }
@@ -219,7 +223,7 @@ namespace OpenIddict.Server.AspNetCore
                     return default;
                 }
 
-                if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
+                if (!Uri.TryCreate(request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
                     !issuer.IsWellFormedOriginalString())
                 {
                     context.Reject(

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Authentication.cs

@@ -243,7 +243,7 @@ namespace OpenIddict.Server.Owin
 
                     // Create a new GET authorization request containing only the request_id parameter.
                     var address = WebUtilities.AddQueryString(
-                        uri: request.Scheme + "://" + request.Host + request.PathBase + request.Path,
+                        uri: request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase + request.Path,
                         name: Parameters.RequestId,
                         value: context.Request.RequestId);
 

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Session.cs

@@ -241,7 +241,7 @@ namespace OpenIddict.Server.Owin
 
                     // Create a new GET logout request containing only the request_id parameter.
                     var address = WebUtilities.AddQueryString(
-                        uri: request.Scheme + "://" + request.Host + request.PathBase + request.Path,
+                        uri: request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase + request.Path,
                         name: Parameters.RequestId,
                         value: context.Request.RequestId);
 

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.cs

@@ -116,13 +116,17 @@ namespace OpenIddict.Server.Owin
                         var address = addresses[index];
                         if (address.IsAbsoluteUri)
                         {
-                            if (!string.Equals(address.Scheme, request.Scheme, StringComparison.OrdinalIgnoreCase))
+                            // If the request host is not available (e.g because HTTP/1.0 was used), ignore absolute URLs.
+                            if (string.IsNullOrEmpty(request.Host.Value))
                             {
                                 continue;
                             }
 
-                            var host = HostString.FromUriComponent(address);
+                            // Create a Uri instance using the request scheme and raw host and compare the two base addresses.
-                            if (host != request.Host)
+                            if (!Uri.TryCreate(request.Scheme + Uri.SchemeDelimiter + request.Host, UriKind.Absolute, out Uri? uri) ||
+                                !uri.IsWellFormedOriginalString() || uri.Port != address.Port ||
+                                !string.Equals(uri.Scheme, address.Scheme, StringComparison.OrdinalIgnoreCase) ||
+                                !string.Equals(uri.Host, address.Host, StringComparison.OrdinalIgnoreCase))
                             {
                                 continue;
                             }
@@ -208,7 +212,7 @@ namespace OpenIddict.Server.Owin
                     return default;
                 }
 
-                if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
+                if (!Uri.TryCreate(request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
                     !issuer.IsWellFormedOriginalString())
                 {
                     context.Reject(

src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandlers.cs

@@ -115,7 +115,7 @@ namespace OpenIddict.Validation.AspNetCore
                     return default;
                 }
 
-                if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
+                if (!Uri.TryCreate(request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
                     !issuer.IsWellFormedOriginalString())
                 {
                     context.Reject(

src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandlers.cs

@@ -113,7 +113,7 @@ namespace OpenIddict.Validation.Owin
                     return default;
                 }
 
-                if (!Uri.TryCreate(request.Scheme + "://" + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
+                if (!Uri.TryCreate(request.Scheme + Uri.SchemeDelimiter + request.Host + request.PathBase, UriKind.Absolute, out Uri? issuer) ||
                     !issuer.IsWellFormedOriginalString())
                 {
                     context.Reject(

test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs

@@ -228,6 +228,30 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
         [InlineData("/CONNECT/AUTHORIZE/SUBPATH", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/connect/authorize/subpath/", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/CONNECT/AUTHORIZE/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.well-known/openid-configuration/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/openid-configuration/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.well-known/jwks/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/jwks/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/device", OpenIddictServerEndpointType.Device)]
+        [InlineData("/CONNECT/DEVICE", OpenIddictServerEndpointType.Device)]
+        [InlineData("/connect/device/", OpenIddictServerEndpointType.Device)]
+        [InlineData("/CONNECT/DEVICE/", OpenIddictServerEndpointType.Device)]
+        [InlineData("/connect/device/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/DEVICE/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/device/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/DEVICE/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/connect/introspect", OpenIddictServerEndpointType.Introspection)]
         [InlineData("/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Introspection)]
         [InlineData("/connect/introspect/", OpenIddictServerEndpointType.Introspection)]
@@ -268,23 +292,15 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
         [InlineData("/CONNECT/USERINFO/SUBPATH", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/connect/userinfo/subpath/", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/CONNECT/USERINFO/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/connect/verification", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/connect/verification/", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.well-known/openid-configuration/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/verification/subpath", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/VERIFICATION/SUBPATH", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/openid-configuration/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/verification/subpath/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/VERIFICATION/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        public async Task ProcessRequest_MatchesCorrespondingRelativeEndpoint(string path, OpenIddictServerEndpointType type)
-        [InlineData("/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
-        [InlineData("/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
-        [InlineData("/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
-        [InlineData("/.well-known/jwks/subpath", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/jwks/subpath/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
-        public async Task ProcessRequest_MatchesCorrespondingEndpoint(string path, OpenIddictServerEndpointType type)
         {
             // Arrange
             await using var server = await CreateServerAsync(options =>
@@ -294,7 +310,236 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
                 options.AddEventHandler<HandleLogoutRequestContext>(builder =>
                     builder.UseInlineHandler(context =>
                     {
-                        context.SignOut();
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<HandleVerificationRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<ProcessRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        // Assert
+                        Assert.Equal(type, context.EndpointType);
+
+                        return default;
+                    }));
+            });
+
+            await using var client = await server.CreateClientAsync();
+
+            // Act
+            await client.PostAsync(path, new OpenIddictRequest());
+        }
+
+        [Theory]
+        [InlineData("https://localhost/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:443/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:443/connect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:443/connect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/authorize", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://localhost/connect/authorize/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://localhost:443/connect/authorize", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://localhost:443/connect/authorize/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://fabrikam.com/connect/authorize", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/authorize/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/authorize", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/authorize/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://localhost/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://localhost:443/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://localhost:443/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://fabrikam.com/.well-known/openid-configuration", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/.well-known/openid-configuration/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/openid-configuration", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/openid-configuration/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://localhost/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://localhost:443/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://localhost:443/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://fabrikam.com/.well-known/jwks", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/.well-known/jwks/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/jwks", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/jwks/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/device", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/DEVICE", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://localhost/connect/device/", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/DEVICE/", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://localhost:443/connect/device", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/DEVICE", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://localhost:443/connect/device/", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/DEVICE/", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://fabrikam.com/connect/device", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/DEVICE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/device/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/DEVICE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/device", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/DEVICE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/device/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/DEVICE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/introspect", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://localhost/connect/introspect/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://localhost:443/connect/introspect", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://localhost:443/connect/introspect/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://fabrikam.com/connect/introspect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/introspect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/introspect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/introspect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/logout", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/LOGOUT", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://localhost/connect/logout/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://localhost:443/connect/logout", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/LOGOUT", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://localhost:443/connect/logout/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://fabrikam.com/connect/logout", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/LOGOUT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/logout/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/logout", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/LOGOUT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/logout/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/revoke", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/REVOKE", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://localhost/connect/revoke/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/REVOKE/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://localhost:443/connect/revoke", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/REVOKE", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://localhost:443/connect/revoke/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/REVOKE/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://fabrikam.com/connect/revoke", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/REVOKE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/revoke/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/REVOKE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/revoke", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/REVOKE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/revoke/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/REVOKE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/token", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/TOKEN", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://localhost/connect/token/", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/TOKEN/", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://localhost:443/connect/token", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/TOKEN", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://localhost:443/connect/token/", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/TOKEN/", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://fabrikam.com/connect/token", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/TOKEN", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/token/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/TOKEN/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/token", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/TOKEN", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/token/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/TOKEN/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/userinfo", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/USERINFO", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://localhost/connect/userinfo/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/USERINFO/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://localhost:443/connect/userinfo", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/USERINFO", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://localhost:443/connect/userinfo/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/USERINFO/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://fabrikam.com/connect/userinfo", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/USERINFO", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/userinfo/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/USERINFO/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/userinfo", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/USERINFO", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/userinfo/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/USERINFO/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/verification", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://localhost/connect/verification/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://localhost:443/connect/verification", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://localhost:443/connect/verification/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://fabrikam.com/connect/verification", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/verification/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/verification", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/verification/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Unknown)]
+        public async Task ProcessRequest_MatchesCorrespondingAbsoluteEndpoint(string path, OpenIddictServerEndpointType type)
+        {
+            // Arrange
+            await using var server = await CreateServerAsync(options =>
+            {
+                options.EnableDegradedMode();
+
+                options.SetAuthorizationEndpointUris("https://localhost/connect/authorize")
+                       .SetConfigurationEndpointUris("https://localhost/.well-known/openid-configuration")
+                       .SetCryptographyEndpointUris("https://localhost/.well-known/jwks")
+                       .SetDeviceEndpointUris("https://localhost/connect/device")
+                       .SetIntrospectionEndpointUris("https://localhost/connect/introspect")
+                       .SetLogoutEndpointUris("https://localhost/connect/logout")
+                       .SetRevocationEndpointUris("https://localhost/connect/revoke")
+                       .SetTokenEndpointUris("https://localhost/connect/token")
+                       .SetUserinfoEndpointUris("https://localhost/connect/userinfo")
+                       .SetVerificationEndpointUris("https://localhost/connect/verification");
+
+                options.AddEventHandler<HandleLogoutRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<HandleVerificationRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
 
                         return default;
                     }));
@@ -317,14 +562,16 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
 
         [Theory]
         [InlineData("/custom/connect/authorize", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("/custom/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/custom/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/custom/connect/device", OpenIddictServerEndpointType.Device)]
         [InlineData("/custom/connect/custom", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/custom/connect/introspect", OpenIddictServerEndpointType.Introspection)]
         [InlineData("/custom/connect/logout", OpenIddictServerEndpointType.Logout)]
         [InlineData("/custom/connect/revoke", OpenIddictServerEndpointType.Revocation)]
         [InlineData("/custom/connect/token", OpenIddictServerEndpointType.Token)]
         [InlineData("/custom/connect/userinfo", OpenIddictServerEndpointType.Userinfo)]
-        [InlineData("/custom/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/custom/connect/verification", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/custom/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
         public async Task ProcessRequest_AllowsOverridingEndpoint(string address, OpenIddictServerEndpointType type)
         {
             // Arrange
@@ -335,7 +582,15 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
                 options.AddEventHandler<HandleLogoutRequestContext>(builder =>
                     builder.UseInlineHandler(context =>
                     {
-                        context.SignOut();
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<HandleVerificationRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
 
                         return default;
                     }));
@@ -367,11 +622,13 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
         [InlineData("/.well-known/openid-configuration")]
         [InlineData("/.well-known/jwks")]
         [InlineData("/connect/authorize")]
+        [InlineData("/connect/device")]
         [InlineData("/connect/introspect")]
         [InlineData("/connect/logout")]
         [InlineData("/connect/revoke")]
         [InlineData("/connect/token")]
         [InlineData("/connect/userinfo")]
+        [InlineData("/connect/verification")]
         public async Task ProcessRequest_RejectsInsecureHttpRequests(string address)
         {
             // Arrange
@@ -399,11 +656,13 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
         [InlineData("/.well-known/jwks")]
         [InlineData("/custom")]
         [InlineData("/connect/authorize")]
+        [InlineData("/connect/device")]
         [InlineData("/connect/introspect")]
         [InlineData("/connect/logout")]
         [InlineData("/connect/revoke")]
         [InlineData("/connect/token")]
         [InlineData("/connect/userinfo")]
+        [InlineData("/connect/verification")]
         public async Task ProcessRequest_AllowsHandlingResponse(string address)
         {
             // Arrange
@@ -439,11 +698,13 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
         [InlineData("/.well-known/jwks")]
         [InlineData("/custom")]
         [InlineData("/connect/authorize")]
+        [InlineData("/connect/device")]
         [InlineData("/connect/introspect")]
         [InlineData("/connect/logout")]
         [InlineData("/connect/revoke")]
         [InlineData("/connect/token")]
         [InlineData("/connect/userinfo")]
+        [InlineData("/connect/verification")]
         public async Task ProcessRequest_AllowsSkippingHandler(string address)
         {
             // Arrange

test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs

@@ -185,6 +185,30 @@ namespace OpenIddict.Server.Owin.IntegrationTests
         [InlineData("/CONNECT/AUTHORIZE/SUBPATH", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/connect/authorize/subpath/", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/CONNECT/AUTHORIZE/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/.well-known/openid-configuration/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/openid-configuration/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/.well-known/jwks/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.well-known/jwks/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/device", OpenIddictServerEndpointType.Device)]
+        [InlineData("/CONNECT/DEVICE", OpenIddictServerEndpointType.Device)]
+        [InlineData("/connect/device/", OpenIddictServerEndpointType.Device)]
+        [InlineData("/CONNECT/DEVICE/", OpenIddictServerEndpointType.Device)]
+        [InlineData("/connect/device/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/DEVICE/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/device/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/DEVICE/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/connect/introspect", OpenIddictServerEndpointType.Introspection)]
         [InlineData("/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Introspection)]
         [InlineData("/connect/introspect/", OpenIddictServerEndpointType.Introspection)]
@@ -225,23 +249,15 @@ namespace OpenIddict.Server.Owin.IntegrationTests
         [InlineData("/CONNECT/USERINFO/SUBPATH", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/connect/userinfo/subpath/", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/CONNECT/USERINFO/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/connect/verification", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/connect/verification/", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/.well-known/openid-configuration/subpath", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/verification/subpath", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/VERIFICATION/SUBPATH", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/openid-configuration/subpath/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/connect/verification/subpath/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/OPENID-CONFIGURATION/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("/CONNECT/VERIFICATION/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        public async Task ProcessRequest_MatchesCorrespondingRelativeEndpoint(string path, OpenIddictServerEndpointType type)
-        [InlineData("/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
-        [InlineData("/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
-        [InlineData("/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
-        [InlineData("/.well-known/jwks/subpath", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.well-known/jwks/subpath/", OpenIddictServerEndpointType.Unknown)]
-        [InlineData("/.WELL-KNOWN/JWKS/SUBPATH/", OpenIddictServerEndpointType.Unknown)]
-        public async Task ProcessRequest_MatchesCorrespondingEndpoint(string path, OpenIddictServerEndpointType type)
         {
             // Arrange
             await using var server = await CreateServerAsync(options =>
@@ -251,7 +267,236 @@ namespace OpenIddict.Server.Owin.IntegrationTests
                 options.AddEventHandler<HandleLogoutRequestContext>(builder =>
                     builder.UseInlineHandler(context =>
                     {
-                        context.SignOut();
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<HandleVerificationRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<ProcessRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        // Assert
+                        Assert.Equal(type, context.EndpointType);
+
+                        return default;
+                    }));
+            });
+
+            await using var client = await server.CreateClientAsync();
+
+            // Act
+            await client.PostAsync(path, new OpenIddictRequest());
+        }
+
+        [Theory]
+        [InlineData("https://localhost/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:443/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:443/connect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:443/connect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/authorize", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://localhost/connect/authorize/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://localhost:443/connect/authorize", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://localhost:443/connect/authorize/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("https://fabrikam.com/connect/authorize", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/authorize/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/authorize", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/AUTHORIZE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/authorize/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/AUTHORIZE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://localhost/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://localhost:443/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://localhost:443/.well-known/openid-configuration/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("https://fabrikam.com/.well-known/openid-configuration", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/.well-known/openid-configuration/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/openid-configuration", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/OPENID-CONFIGURATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/openid-configuration/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/OPENID-CONFIGURATION/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://localhost/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://localhost:443/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://localhost:443/.well-known/jwks/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("HTTPS://LOCALHOST:443/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("https://fabrikam.com/.well-known/jwks", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/.well-known/jwks/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/jwks", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/JWKS", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/.well-known/jwks/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/.WELL-KNOWN/JWKS/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/device", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/DEVICE", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://localhost/connect/device/", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/DEVICE/", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://localhost:443/connect/device", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/DEVICE", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://localhost:443/connect/device/", OpenIddictServerEndpointType.Device)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/DEVICE/", OpenIddictServerEndpointType.Device)]
+        [InlineData("https://fabrikam.com/connect/device", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/DEVICE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/device/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/DEVICE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/device", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/DEVICE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/device/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/DEVICE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/introspect", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://localhost/connect/introspect/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://localhost:443/connect/introspect", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://localhost:443/connect/introspect/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Introspection)]
+        [InlineData("https://fabrikam.com/connect/introspect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/introspect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/introspect", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/INTROSPECT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/introspect/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/INTROSPECT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/logout", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/LOGOUT", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://localhost/connect/logout/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://localhost:443/connect/logout", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/LOGOUT", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://localhost:443/connect/logout/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Logout)]
+        [InlineData("https://fabrikam.com/connect/logout", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/LOGOUT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/logout/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/logout", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/LOGOUT", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/logout/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/LOGOUT/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/revoke", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/REVOKE", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://localhost/connect/revoke/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/REVOKE/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://localhost:443/connect/revoke", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/REVOKE", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://localhost:443/connect/revoke/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/REVOKE/", OpenIddictServerEndpointType.Revocation)]
+        [InlineData("https://fabrikam.com/connect/revoke", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/REVOKE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/revoke/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/REVOKE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/revoke", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/REVOKE", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/revoke/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/REVOKE/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/token", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/TOKEN", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://localhost/connect/token/", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/TOKEN/", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://localhost:443/connect/token", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/TOKEN", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://localhost:443/connect/token/", OpenIddictServerEndpointType.Token)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/TOKEN/", OpenIddictServerEndpointType.Token)]
+        [InlineData("https://fabrikam.com/connect/token", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/TOKEN", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/token/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/TOKEN/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/token", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/TOKEN", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/token/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/TOKEN/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/userinfo", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/USERINFO", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://localhost/connect/userinfo/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/USERINFO/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://localhost:443/connect/userinfo", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/USERINFO", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://localhost:443/connect/userinfo/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/USERINFO/", OpenIddictServerEndpointType.Userinfo)]
+        [InlineData("https://fabrikam.com/connect/userinfo", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/USERINFO", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/userinfo/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/USERINFO/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/userinfo", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/USERINFO", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/userinfo/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/USERINFO/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost/connect/verification", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://localhost/connect/verification/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://localhost:443/connect/verification", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://localhost:443/connect/verification/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("HTTPS://LOCALHOST:443/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Verification)]
+        [InlineData("https://fabrikam.com/connect/verification", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://fabrikam.com/connect/verification/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://FABRIKAM.COM/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/verification", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/VERIFICATION", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("https://localhost:8888/connect/verification/", OpenIddictServerEndpointType.Unknown)]
+        [InlineData("HTTPS://LOCALHOST:8888/CONNECT/VERIFICATION/", OpenIddictServerEndpointType.Unknown)]
+        public async Task ProcessRequest_MatchesCorrespondingAbsoluteEndpoint(string path, OpenIddictServerEndpointType type)
+        {
+            // Arrange
+            await using var server = await CreateServerAsync(options =>
+            {
+                options.EnableDegradedMode();
+
+                options.SetAuthorizationEndpointUris("https://localhost/connect/authorize")
+                       .SetConfigurationEndpointUris("https://localhost/.well-known/openid-configuration")
+                       .SetCryptographyEndpointUris("https://localhost/.well-known/jwks")
+                       .SetDeviceEndpointUris("https://localhost/connect/device")
+                       .SetIntrospectionEndpointUris("https://localhost/connect/introspect")
+                       .SetLogoutEndpointUris("https://localhost/connect/logout")
+                       .SetRevocationEndpointUris("https://localhost/connect/revoke")
+                       .SetTokenEndpointUris("https://localhost/connect/token")
+                       .SetUserinfoEndpointUris("https://localhost/connect/userinfo")
+                       .SetVerificationEndpointUris("https://localhost/connect/verification");
+
+                options.AddEventHandler<HandleLogoutRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<HandleVerificationRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
 
                         return default;
                     }));
@@ -274,14 +519,16 @@ namespace OpenIddict.Server.Owin.IntegrationTests
 
         [Theory]
         [InlineData("/custom/connect/authorize", OpenIddictServerEndpointType.Authorization)]
+        [InlineData("/custom/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/custom/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
+        [InlineData("/custom/connect/device", OpenIddictServerEndpointType.Device)]
         [InlineData("/custom/connect/custom", OpenIddictServerEndpointType.Unknown)]
         [InlineData("/custom/connect/introspect", OpenIddictServerEndpointType.Introspection)]
         [InlineData("/custom/connect/logout", OpenIddictServerEndpointType.Logout)]
         [InlineData("/custom/connect/revoke", OpenIddictServerEndpointType.Revocation)]
         [InlineData("/custom/connect/token", OpenIddictServerEndpointType.Token)]
         [InlineData("/custom/connect/userinfo", OpenIddictServerEndpointType.Userinfo)]
-        [InlineData("/custom/.well-known/openid-configuration", OpenIddictServerEndpointType.Configuration)]
+        [InlineData("/custom/connect/verification", OpenIddictServerEndpointType.Verification)]
-        [InlineData("/custom/.well-known/jwks", OpenIddictServerEndpointType.Cryptography)]
         public async Task ProcessRequest_AllowsOverridingEndpoint(string address, OpenIddictServerEndpointType type)
         {
             // Arrange
@@ -292,7 +539,15 @@ namespace OpenIddict.Server.Owin.IntegrationTests
                 options.AddEventHandler<HandleLogoutRequestContext>(builder =>
                     builder.UseInlineHandler(context =>
                     {
-                        context.SignOut();
+                        context.SkipRequest();
+
+                        return default;
+                    }));
+
+                options.AddEventHandler<HandleVerificationRequestContext>(builder =>
+                    builder.UseInlineHandler(context =>
+                    {
+                        context.SkipRequest();
 
                         return default;
                     }));
@@ -324,11 +579,13 @@ namespace OpenIddict.Server.Owin.IntegrationTests
         [InlineData("/.well-known/openid-configuration")]
         [InlineData("/.well-known/jwks")]
         [InlineData("/connect/authorize")]
+        [InlineData("/connect/device")]
         [InlineData("/connect/introspect")]
         [InlineData("/connect/logout")]
         [InlineData("/connect/revoke")]
         [InlineData("/connect/token")]
         [InlineData("/connect/userinfo")]
+        [InlineData("/connect/verification")]
         public async Task ProcessRequest_RejectsInsecureHttpRequests(string address)
         {
             // Arrange
@@ -356,11 +613,13 @@ namespace OpenIddict.Server.Owin.IntegrationTests
         [InlineData("/.well-known/jwks")]
         [InlineData("/custom")]
         [InlineData("/connect/authorize")]
+        [InlineData("/connect/device")]
         [InlineData("/connect/introspect")]
         [InlineData("/connect/logout")]
         [InlineData("/connect/revoke")]
         [InlineData("/connect/token")]
         [InlineData("/connect/userinfo")]
+        [InlineData("/connect/verification")]
         public async Task ProcessRequest_AllowsHandlingResponse(string address)
         {
             // Arrange
@@ -388,7 +647,7 @@ namespace OpenIddict.Server.Owin.IntegrationTests
             var response = await client.PostAsync(address, new OpenIddictRequest());
 
             // Assert
-            Assert.Equal("Bob le Bricoleur", (string) response["name"]!);
+            Assert.Equal("Bob le Bricoleur", (string?) response["name"]);
         }
 
         [Theory]
@@ -396,11 +655,13 @@ namespace OpenIddict.Server.Owin.IntegrationTests
         [InlineData("/.well-known/jwks")]
         [InlineData("/custom")]
         [InlineData("/connect/authorize")]
+        [InlineData("/connect/device")]
         [InlineData("/connect/introspect")]
         [InlineData("/connect/logout")]
         [InlineData("/connect/revoke")]
         [InlineData("/connect/token")]
         [InlineData("/connect/userinfo")]
+        [InlineData("/connect/verification")]
         public async Task ProcessRequest_AllowsSkippingHandler(string address)
         {
             // Arrange
@@ -423,7 +684,7 @@ namespace OpenIddict.Server.Owin.IntegrationTests
             var response = await client.PostAsync(address, new OpenIddictRequest());
 
             // Assert
-            Assert.Equal("Bob le Magnifique", (string) response["name"]!);
+            Assert.Equal("Bob le Magnifique", (string?) response["name"]);
         }
 
         [SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope",