From 4b16fe5e5f2982832b54ba4523a6f0117571197c Mon Sep 17 00:00:00 2001
From: martincostello <martin@martincostello.com>
Date: Sun, 19 May 2019 15:24:47 +0100
Subject: [PATCH] Use using dispose keyword

Use the new C# 8.0 "using var ..." syntax to dipose of relevant resources without needing to use using blocks in the handlers to reduce the diff with the 2.x versions.
---
 .../AmazonAuthenticationHandler.cs            | 19 ++++---
 .../ArcGISAuthenticationHandler.cs            | 37 +++++++------
 .../AsanaAuthenticationHandler.cs             | 19 ++++---
 .../AutodeskAuthenticationHandler.cs          | 19 ++++---
 .../AutomaticAuthenticationHandler.cs         | 19 ++++---
 .../BattleNetAuthenticationHandler.cs         | 19 ++++---
 .../BeamAuthenticationHandler.cs              | 19 ++++---
 .../BitbucketAuthenticationHandler.cs         | 52 +++++++++----------
 .../BufferAuthenticationHandler.cs            | 19 ++++---
 .../CiscoSparkAuthenticationHandler.cs        | 19 ++++---
 .../DeviantArtAuthenticationHandler.cs        | 19 ++++---
 .../DiscordAuthenticationHandler.cs           | 19 ++++---
 .../DropboxAuthenticationHandler.cs           | 19 ++++---
 .../EVEOnlineAuthenticationHandler.cs         | 19 ++++---
 .../FitbitAuthenticationHandler.cs            | 23 ++++----
 .../FoursquareAuthenticationHandler.cs        | 31 ++++++-----
 .../GitHubAuthenticationHandler.cs            | 52 +++++++++----------
 .../GitterAuthenticationHandler.cs            | 19 ++++---
 .../HealthGraphAuthenticationHandler.cs       | 19 ++++---
 .../ImgurAuthenticationHandler.cs             | 19 ++++---
 .../InstagramAuthenticationHandler.cs         | 19 ++++---
 .../LinkedInAuthenticationHandler.cs          | 19 ++++---
 .../MailChimpAuthenticationHandler.cs         | 19 ++++---
 .../OnshapeAuthenticationHandler.cs           | 19 ++++---
 .../PatreonAuthenticationHandler.cs           | 19 ++++---
 .../PaypalAuthenticationHandler.cs            | 19 ++++---
 .../QQAuthenticationHandler.cs                | 47 ++++++++---------
 .../RedditAuthenticationHandler.cs            | 23 ++++----
 .../SalesforceAuthenticationHandler.cs        | 19 ++++---
 .../SlackAuthenticationHandler.cs             | 19 ++++---
 .../SoundCloudAuthenticationHandler.cs        | 19 ++++---
 .../SpotifyAuthenticationHandler.cs           | 19 ++++---
 .../StackExchangeAuthenticationHandler.cs     | 23 ++++----
 .../StravaAuthenticationHandler.cs            | 19 ++++---
 .../TwitchAuthenticationHandler.cs            | 19 ++++---
 .../UntappdAuthenticationHandler.cs           | 19 ++++---
 .../VimeoAuthenticationHandler.cs             | 19 ++++---
 .../VisualStudioAuthenticationHandler.cs      | 23 ++++----
 .../VkontakteAuthenticationHandler.cs         | 27 ++++------
 .../WeiboAuthenticationHandler.cs             | 48 ++++++++---------
 .../WeixinAuthenticationHandler.cs            | 40 +++++++-------
 .../WordPressAuthenticationHandler.cs         | 19 ++++---
 .../YahooAuthenticationHandler.cs             | 23 ++++----
 .../YammerAuthenticationHandler.cs            | 31 +++++------
 .../YandexAuthenticationHandler.cs            | 23 ++++----
 45 files changed, 508 insertions(+), 565 deletions(-)

diff --git a/src/AspNet.Security.OAuth.Amazon/AmazonAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Amazon/AmazonAuthenticationHandler.cs
index 26b65d104..1b853e0cc 100644
--- a/src/AspNet.Security.OAuth.Amazon/AmazonAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Amazon/AmazonAuthenticationHandler.cs
@@ -51,22 +51,21 @@ public class AmazonAuthenticationHandler : OAuthHandler<AmazonAuthenticationOpti
                 endpoint = QueryHelpers.AddQueryString(endpoint, "fields", string.Join(",", Options.Fields));
             }
 
-            var request = new HttpRequestMessage(HttpMethod.Get, endpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, endpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             response.EnsureSuccessStatusCode();
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.ArcGIS/ArcGISAuthenticationHandler.cs b/src/AspNet.Security.OAuth.ArcGIS/ArcGISAuthenticationHandler.cs
index 00d0c6ab3..7c073cde6 100644
--- a/src/AspNet.Security.OAuth.ArcGIS/ArcGISAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.ArcGIS/ArcGISAuthenticationHandler.cs
@@ -42,33 +42,32 @@ public class ArcGISAuthenticationHandler : OAuthHandler<ArcGISAuthenticationOpti
                 ["token"] = tokens.AccessToken
             });
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
             // Request the token
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            // Note: error responses always return 200 status codes.
+            if (payload.RootElement.TryGetProperty("error", out var error))
             {
-                // Note: error responses always return 200 status codes.
-                if (payload.RootElement.TryGetProperty("error", out var error))
-                {
-                    // See https://developers.arcgis.com/authentication/server-based-user-logins/ for more information
-                    Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
-                                    "returned a response with the following error code: {Code} {Message}.",
-                                    /* Code: */ error.GetString("code"),
-                                    /* Message: */ error.GetString("message"));
+                // See https://developers.arcgis.com/authentication/server-based-user-logins/ for more information
+                Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
+                                "returned a response with the following error code: {Code} {Message}.",
+                                /* Code: */ error.GetString("code"),
+                                /* Message: */ error.GetString("message"));
 
-                    throw new InvalidOperationException("An error occurred while retrieving the user profile.");
-                }
+                throw new InvalidOperationException("An error occurred while retrieving the user profile.");
+            }
 
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Asana/AsanaAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Asana/AsanaAuthenticationHandler.cs
index 75ee46926..e2c381f91 100644
--- a/src/AspNet.Security.OAuth.Asana/AsanaAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Asana/AsanaAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class AsanaAuthenticationHandler : OAuthHandler<AsanaAuthenticationOption
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class AsanaAuthenticationHandler : OAuthHandler<AsanaAuthenticationOption
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("data"));
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("data"));
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Autodesk/AutodeskAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Autodesk/AutodeskAuthenticationHandler.cs
index a0e46dc98..ce3bbc97c 100644
--- a/src/AspNet.Security.OAuth.Autodesk/AutodeskAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Autodesk/AutodeskAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class AutodeskAuthenticationHandler : OAuthHandler<AutodeskAuthentication
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class AutodeskAuthenticationHandler : OAuthHandler<AutodeskAuthentication
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Automatic/AutomaticAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Automatic/AutomaticAuthenticationHandler.cs
index 0bc1cd2d2..174a364ac 100644
--- a/src/AspNet.Security.OAuth.Automatic/AutomaticAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Automatic/AutomaticAuthenticationHandler.cs
@@ -34,11 +34,11 @@ public class AutomaticAuthenticationHandler : OAuthHandler<AutomaticAuthenticati
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -50,15 +50,14 @@ public class AutomaticAuthenticationHandler : OAuthHandler<AutomaticAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri)
diff --git a/src/AspNet.Security.OAuth.BattleNet/BattleNetAuthenticationHandler.cs b/src/AspNet.Security.OAuth.BattleNet/BattleNetAuthenticationHandler.cs
index 6cb2c7675..bf978062c 100644
--- a/src/AspNet.Security.OAuth.BattleNet/BattleNetAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.BattleNet/BattleNetAuthenticationHandler.cs
@@ -35,10 +35,10 @@ public class BattleNetAuthenticationHandler : OAuthHandler<BattleNetAuthenticati
         {
             var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "access_token", tokens.AccessToken);
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -50,15 +50,14 @@ public class BattleNetAuthenticationHandler : OAuthHandler<BattleNetAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Beam/BeamAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Beam/BeamAuthenticationHandler.cs
index 0b5c156c4..5d9db07b5 100644
--- a/src/AspNet.Security.OAuth.Beam/BeamAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Beam/BeamAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class BeamAuthenticationHandler : OAuthHandler<BeamAuthenticationOptions>
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class BeamAuthenticationHandler : OAuthHandler<BeamAuthenticationOptions>
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Bitbucket/BitbucketAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Bitbucket/BitbucketAuthenticationHandler.cs
index 4d73780ae..7f5a4152a 100644
--- a/src/AspNet.Security.OAuth.Bitbucket/BitbucketAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Bitbucket/BitbucketAuthenticationHandler.cs
@@ -33,11 +33,11 @@ public class BitbucketAuthenticationHandler : OAuthHandler<BitbucketAuthenticati
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -49,37 +49,36 @@ public class BitbucketAuthenticationHandler : OAuthHandler<BitbucketAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
 
-                // When the email address is not public, retrieve it from
-                // the emails endpoint if the user:email scope is specified.
-                if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) &&
-                    !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("email"))
+            // When the email address is not public, retrieve it from
+            // the emails endpoint if the user:email scope is specified.
+            if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) &&
+                !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("email"))
+            {
+                var address = await GetEmailAsync(tokens);
+                if (!string.IsNullOrEmpty(address))
                 {
-                    var address = await GetEmailAsync(tokens);
-                    if (!string.IsNullOrEmpty(address))
-                    {
-                        identity.AddClaim(new Claim(ClaimTypes.Email, address, ClaimValueTypes.String, Options.ClaimsIssuer));
-                    }
+                    identity.AddClaim(new Claim(ClaimTypes.Email, address, ClaimValueTypes.String, Options.ClaimsIssuer));
                 }
-
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
             }
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserEmailsEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserEmailsEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
             // Failed requests shouldn't cause an error: in this case, return null to indicate that the email address cannot be retrieved.
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogWarning("An error occurred while retrieving the email address associated with the logged in user: " +
@@ -91,12 +90,11 @@ protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse
                 return null;
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                return (from address in payload.RootElement.GetProperty("values").EnumerateArray()
-                        where address.GetProperty("is_primary").GetBoolean()
-                        select address.GetString("email")).FirstOrDefault();
-            }
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            return (from address in payload.RootElement.GetProperty("values").EnumerateArray()
+                    where address.GetProperty("is_primary").GetBoolean()
+                    select address.GetString("email")).FirstOrDefault();
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Buffer/BufferAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Buffer/BufferAuthenticationHandler.cs
index 3a5750a60..b670fdd26 100644
--- a/src/AspNet.Security.OAuth.Buffer/BufferAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Buffer/BufferAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class BufferAuthenticationHandler : OAuthHandler<BufferAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class BufferAuthenticationHandler : OAuthHandler<BufferAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.CiscoSpark/CiscoSparkAuthenticationHandler.cs b/src/AspNet.Security.OAuth.CiscoSpark/CiscoSparkAuthenticationHandler.cs
index bf9233f14..d9d52dee5 100644
--- a/src/AspNet.Security.OAuth.CiscoSpark/CiscoSparkAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.CiscoSpark/CiscoSparkAuthenticationHandler.cs
@@ -33,11 +33,11 @@ public class CiscoSparkAuthenticationHandler : OAuthHandler<CiscoSparkAuthentica
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
 
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -49,15 +49,14 @@ public class CiscoSparkAuthenticationHandler : OAuthHandler<CiscoSparkAuthentica
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.DeviantArt/DeviantArtAuthenticationHandler.cs b/src/AspNet.Security.OAuth.DeviantArt/DeviantArtAuthenticationHandler.cs
index 26193358f..b514ebb19 100644
--- a/src/AspNet.Security.OAuth.DeviantArt/DeviantArtAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.DeviantArt/DeviantArtAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class DeviantArtAuthenticationHandler : OAuthHandler<DeviantArtAuthentica
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class DeviantArtAuthenticationHandler : OAuthHandler<DeviantArtAuthentica
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Discord/DiscordAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Discord/DiscordAuthenticationHandler.cs
index 46a6a8f51..15110c9aa 100644
--- a/src/AspNet.Security.OAuth.Discord/DiscordAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Discord/DiscordAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class DiscordAuthenticationHandler : OAuthHandler<DiscordAuthenticationOp
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class DiscordAuthenticationHandler : OAuthHandler<DiscordAuthenticationOp
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Dropbox/DropboxAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Dropbox/DropboxAuthenticationHandler.cs
index 8be2f2018..43a71cd5f 100644
--- a/src/AspNet.Security.OAuth.Dropbox/DropboxAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Dropbox/DropboxAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class DropboxAuthenticationHandler : OAuthHandler<DropboxAuthenticationOp
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class DropboxAuthenticationHandler : OAuthHandler<DropboxAuthenticationOp
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.EVEOnline/EVEOnlineAuthenticationHandler.cs b/src/AspNet.Security.OAuth.EVEOnline/EVEOnlineAuthenticationHandler.cs
index f5529f992..82ecef2a3 100644
--- a/src/AspNet.Security.OAuth.EVEOnline/EVEOnlineAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.EVEOnline/EVEOnlineAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class EVEOnlineAuthenticationHandler : OAuthHandler<EVEOnlineAuthenticati
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class EVEOnlineAuthenticationHandler : OAuthHandler<EVEOnlineAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Fitbit/FitbitAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Fitbit/FitbitAuthenticationHandler.cs
index 0724a07d6..d0d0022db 100644
--- a/src/AspNet.Security.OAuth.Fitbit/FitbitAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Fitbit/FitbitAuthenticationHandler.cs
@@ -35,11 +35,11 @@ public class FitbitAuthenticationHandler : OAuthHandler<FitbitAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -51,22 +51,21 @@ public class FitbitAuthenticationHandler : OAuthHandler<FitbitAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("user"));
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("user"));
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)
         {
             var credentials = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{Options.ClientId}:{Options.ClientSecret}"));
 
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Basic", credentials);
 
@@ -77,7 +76,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 ["code"] = code
             });
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +
diff --git a/src/AspNet.Security.OAuth.Foursquare/FoursquareAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Foursquare/FoursquareAuthenticationHandler.cs
index 3735f6203..eb83ab1bd 100644
--- a/src/AspNet.Security.OAuth.Foursquare/FoursquareAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Foursquare/FoursquareAuthenticationHandler.cs
@@ -42,9 +42,9 @@ public class FoursquareAuthenticationHandler : OAuthHandler<FoursquareAuthentica
                 ["oauth_token"] = tokens.AccessToken,
             });
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -56,23 +56,22 @@ public class FoursquareAuthenticationHandler : OAuthHandler<FoursquareAuthentica
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                if (payload.RootElement.TryGetProperty("response", out var responseProperty))
-                {
-                    context.RunClaimActions(responseProperty.GetProperty("user"));
-                }
-                else
-                {
-                    context.RunClaimActions();
-                }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
+            if (payload.RootElement.TryGetProperty("response", out var responseProperty))
+            {
+                context.RunClaimActions(responseProperty.GetProperty("user"));
             }
+            else
+            {
+                context.RunClaimActions();
+            }
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.GitHub/GitHubAuthenticationHandler.cs b/src/AspNet.Security.OAuth.GitHub/GitHubAuthenticationHandler.cs
index 12d17dda9..6186877cb 100644
--- a/src/AspNet.Security.OAuth.GitHub/GitHubAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.GitHub/GitHubAuthenticationHandler.cs
@@ -33,11 +33,11 @@ public class GitHubAuthenticationHandler : OAuthHandler<GitHubAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -49,38 +49,37 @@ public class GitHubAuthenticationHandler : OAuthHandler<GitHubAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
 
-                // When the email address is not public, retrieve it from
-                // the emails endpoint if the user:email scope is specified.
-                if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) &&
-                    !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("user:email"))
+            // When the email address is not public, retrieve it from
+            // the emails endpoint if the user:email scope is specified.
+            if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) &&
+                !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("user:email"))
+            {
+                var address = await GetEmailAsync(tokens);
+                if (!string.IsNullOrEmpty(address))
                 {
-                    var address = await GetEmailAsync(tokens);
-                    if (!string.IsNullOrEmpty(address))
-                    {
-                        identity.AddClaim(new Claim(ClaimTypes.Email, address, ClaimValueTypes.String, Options.ClaimsIssuer));
-                    }
+                    identity.AddClaim(new Claim(ClaimTypes.Email, address, ClaimValueTypes.String, Options.ClaimsIssuer));
                 }
-
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
             }
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse tokens)
         {
             // See https://developer.github.com/v3/users/emails/ for more information about the /user/emails endpoint.
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserEmailsEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserEmailsEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
             // Failed requests shouldn't cause an error: in this case, return null to indicate that the email address cannot be retrieved.
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogWarning("An error occurred while retrieving the email address associated with the logged in user: " +
@@ -92,12 +91,11 @@ protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse
                 return null;
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                return (from address in payload.RootElement.EnumerateArray()
-                        where address.GetProperty("primary").GetBoolean()
-                        select address.GetString("email")).FirstOrDefault();
-            }
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            return (from address in payload.RootElement.EnumerateArray()
+                    where address.GetProperty("primary").GetBoolean()
+                    select address.GetString("email")).FirstOrDefault();
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Gitter/GitterAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Gitter/GitterAuthenticationHandler.cs
index 1bf28c400..62f587eed 100644
--- a/src/AspNet.Security.OAuth.Gitter/GitterAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Gitter/GitterAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class GitterAuthenticationHandler : OAuthHandler<GitterAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class GitterAuthenticationHandler : OAuthHandler<GitterAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.HealthGraph/HealthGraphAuthenticationHandler.cs b/src/AspNet.Security.OAuth.HealthGraph/HealthGraphAuthenticationHandler.cs
index 7b219e4d1..a29b36eac 100644
--- a/src/AspNet.Security.OAuth.HealthGraph/HealthGraphAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.HealthGraph/HealthGraphAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class HealthGraphAuthenticationHandler : OAuthHandler<HealthGraphAuthenti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/vnd.com.runkeeper.User+json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class HealthGraphAuthenticationHandler : OAuthHandler<HealthGraphAuthenti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Imgur/ImgurAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Imgur/ImgurAuthenticationHandler.cs
index f8fe48603..bba9a9281 100644
--- a/src/AspNet.Security.OAuth.Imgur/ImgurAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Imgur/ImgurAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class ImgurAuthenticationHandler : OAuthHandler<ImgurAuthenticationOption
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class ImgurAuthenticationHandler : OAuthHandler<ImgurAuthenticationOption
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("data"));
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("data"));
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Instagram/InstagramAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Instagram/InstagramAuthenticationHandler.cs
index 8acf2b85b..9afe7c56a 100644
--- a/src/AspNet.Security.OAuth.Instagram/InstagramAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Instagram/InstagramAuthenticationHandler.cs
@@ -49,10 +49,10 @@ public class InstagramAuthenticationHandler : OAuthHandler<InstagramAuthenticati
                 address = QueryHelpers.AddQueryString(address, "sig", signature);
             }
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -64,15 +64,14 @@ public class InstagramAuthenticationHandler : OAuthHandler<InstagramAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("data"));
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("data"));
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected virtual string ComputeSignature(string address)
diff --git a/src/AspNet.Security.OAuth.LinkedIn/LinkedInAuthenticationHandler.cs b/src/AspNet.Security.OAuth.LinkedIn/LinkedInAuthenticationHandler.cs
index 760fee539..ff035a96b 100644
--- a/src/AspNet.Security.OAuth.LinkedIn/LinkedInAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.LinkedIn/LinkedInAuthenticationHandler.cs
@@ -41,11 +41,11 @@ public class LinkedInAuthenticationHandler : OAuthHandler<LinkedInAuthentication
                 address = address.Insert(address.LastIndexOf("~") + 1, $":({ string.Join(",", Options.Fields)})");
             }
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Add("x-li-format", "json");
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -57,15 +57,14 @@ public class LinkedInAuthenticationHandler : OAuthHandler<LinkedInAuthentication
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.MailChimp/MailChimpAuthenticationHandler.cs b/src/AspNet.Security.OAuth.MailChimp/MailChimpAuthenticationHandler.cs
index 9a483ea5b..9d4bfe5fe 100644
--- a/src/AspNet.Security.OAuth.MailChimp/MailChimpAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.MailChimp/MailChimpAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class MailChimpAuthenticationHandler : OAuthHandler<MailChimpAuthenticati
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class MailChimpAuthenticationHandler : OAuthHandler<MailChimpAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Onshape/OnshapeAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Onshape/OnshapeAuthenticationHandler.cs
index ad7c9cb8d..aa43093e2 100644
--- a/src/AspNet.Security.OAuth.Onshape/OnshapeAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Onshape/OnshapeAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class OnshapeAuthenticationHandler : OAuthHandler<OnshapeAuthenticationOp
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class OnshapeAuthenticationHandler : OAuthHandler<OnshapeAuthenticationOp
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Patreon/PatreonAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Patreon/PatreonAuthenticationHandler.cs
index 601360d84..4b24c6a6b 100644
--- a/src/AspNet.Security.OAuth.Patreon/PatreonAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Patreon/PatreonAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class PatreonAuthenticationHandler : OAuthHandler<PatreonAuthenticationOp
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class PatreonAuthenticationHandler : OAuthHandler<PatreonAuthenticationOp
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("data"));
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("data"));
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationHandler.cs
index 7a1eb7f70..67d7da87a 100644
--- a/src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Paypal/PaypalAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class PaypalAuthenticationHandler : OAuthHandler<PaypalAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class PaypalAuthenticationHandler : OAuthHandler<PaypalAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.QQ/QQAuthenticationHandler.cs b/src/AspNet.Security.OAuth.QQ/QQAuthenticationHandler.cs
index 118c69f3c..d9b4f118b 100644
--- a/src/AspNet.Security.OAuth.QQ/QQAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.QQ/QQAuthenticationHandler.cs
@@ -53,7 +53,7 @@ public class QQAuthenticationHandler : OAuthHandler<QQAuthenticationOptions>
                 ["openid"] = identifier,
             });
 
-            var response = await Backchannel.GetAsync(address);
+            using var response = await Backchannel.GetAsync(address);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -65,26 +65,25 @@ public class QQAuthenticationHandler : OAuthHandler<QQAuthenticationOptions>
                 throw new HttpRequestException("An error occurred while retrieving user information.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            var status = payload.RootElement.GetProperty("ret").GetInt32();
+            if (status != 0)
             {
-                var status = payload.RootElement.GetProperty("ret").GetInt32();
-                if (status != 0)
-                {
-                    Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
-                                    "returned a {Status} response with the following message: {Message}.",
-                                    /* Status: */ status,
-                                    /* Message: */ payload.RootElement.GetString("msg"));
+                Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
+                                "returned a {Status} response with the following message: {Message}.",
+                                /* Status: */ status,
+                                /* Message: */ payload.RootElement.GetString("msg"));
 
-                    throw new HttpRequestException("An error occurred while retrieving user information.");
-                }
+                throw new HttpRequestException("An error occurred while retrieving user information.");
+            }
 
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)
@@ -98,9 +97,9 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 ["grant_type"] = "authorization_code",
             });
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +
@@ -121,9 +120,9 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
         private async Task<string> GetUserIdentifierAsync(OAuthTokenResponse tokens)
         {
             var address = QueryHelpers.AddQueryString(Options.UserIdentificationEndpoint, "access_token", tokens.AccessToken);
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user identifier: the remote server " +
@@ -143,10 +142,8 @@ private async Task<string> GetUserIdentifierAsync(OAuthTokenResponse tokens)
                 body = body.Substring(index, body.LastIndexOf("}") - index + 1);
             }
 
-            using (var payload = JsonDocument.Parse(body))
-            {
-                return payload.RootElement.GetString("openid");
-            }
+            using var payload = JsonDocument.Parse(body);
+            return payload.RootElement.GetString("openid");
         }
 
         protected override string FormatScope() => string.Join(",", Options.Scope);
diff --git a/src/AspNet.Security.OAuth.Reddit/RedditAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Reddit/RedditAuthenticationHandler.cs
index 5791cb066..681866dbf 100644
--- a/src/AspNet.Security.OAuth.Reddit/RedditAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Reddit/RedditAuthenticationHandler.cs
@@ -36,7 +36,7 @@ public class RedditAuthenticationHandler : OAuthHandler<RedditAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("bearer", tokens.AccessToken);
 
@@ -47,7 +47,7 @@ public class RedditAuthenticationHandler : OAuthHandler<RedditAuthenticationOpti
                 request.Headers.UserAgent.ParseAdd(Options.UserAgent);
             }
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -59,15 +59,14 @@ public class RedditAuthenticationHandler : OAuthHandler<RedditAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override string BuildChallengeUrl(AuthenticationProperties properties, string redirectUri)
@@ -91,7 +90,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
         {
             var credentials = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{Options.ClientId}:{Options.ClientSecret}"));
 
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Basic", credentials);
 
@@ -109,7 +108,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 ["code"] = code
             });
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +
diff --git a/src/AspNet.Security.OAuth.Salesforce/SalesforceAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Salesforce/SalesforceAuthenticationHandler.cs
index a11101602..3968c6eb7 100644
--- a/src/AspNet.Security.OAuth.Salesforce/SalesforceAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Salesforce/SalesforceAuthenticationHandler.cs
@@ -34,12 +34,12 @@ public class SalesforceAuthenticationHandler : OAuthHandler<SalesforceAuthentica
         {
             // Note: unlike the other social providers, the userinfo endpoint is user-specific and can't be set globally.
             // For more information, see https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
-            var request = new HttpRequestMessage(HttpMethod.Get, tokens.Response.RootElement.GetString("id"));
+            using var request = new HttpRequestMessage(HttpMethod.Get, tokens.Response.RootElement.GetString("id"));
 
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -51,15 +51,14 @@ public class SalesforceAuthenticationHandler : OAuthHandler<SalesforceAuthentica
                 throw new HttpRequestException("An error occurred while retrieving the user from the Salesforce identity service.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Slack/SlackAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Slack/SlackAuthenticationHandler.cs
index 097459f29..5fb655e80 100644
--- a/src/AspNet.Security.OAuth.Slack/SlackAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Slack/SlackAuthenticationHandler.cs
@@ -35,10 +35,10 @@ public class SlackAuthenticationHandler : OAuthHandler<SlackAuthenticationOption
         {
             var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "token", tokens.AccessToken);
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -50,15 +50,14 @@ public class SlackAuthenticationHandler : OAuthHandler<SlackAuthenticationOption
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.SoundCloud/SoundCloudAuthenticationHandler.cs b/src/AspNet.Security.OAuth.SoundCloud/SoundCloudAuthenticationHandler.cs
index fc932c614..be9e16dba 100644
--- a/src/AspNet.Security.OAuth.SoundCloud/SoundCloudAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.SoundCloud/SoundCloudAuthenticationHandler.cs
@@ -35,10 +35,10 @@ public class SoundCloudAuthenticationHandler : OAuthHandler<SoundCloudAuthentica
         {
             var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, "oauth_token", tokens.AccessToken);
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -50,15 +50,14 @@ public class SoundCloudAuthenticationHandler : OAuthHandler<SoundCloudAuthentica
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Spotify/SpotifyAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Spotify/SpotifyAuthenticationHandler.cs
index 45c2e2256..bf6b806a5 100644
--- a/src/AspNet.Security.OAuth.Spotify/SpotifyAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Spotify/SpotifyAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class SpotifyAuthenticationHandler : OAuthHandler<SpotifyAuthenticationOp
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class SpotifyAuthenticationHandler : OAuthHandler<SpotifyAuthenticationOp
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.StackExchange/StackExchangeAuthenticationHandler.cs b/src/AspNet.Security.OAuth.StackExchange/StackExchangeAuthenticationHandler.cs
index a2ae26ec2..3d53def61 100644
--- a/src/AspNet.Security.OAuth.StackExchange/StackExchangeAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.StackExchange/StackExchangeAuthenticationHandler.cs
@@ -56,10 +56,10 @@ public class StackExchangeAuthenticationHandler : OAuthHandler<StackExchangeAuth
 
             var address = QueryHelpers.AddQueryString(Options.UserInformationEndpoint, queryArguments);
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -71,20 +71,19 @@ public class StackExchangeAuthenticationHandler : OAuthHandler<StackExchangeAuth
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("items").EnumerateArray().First());
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("items").EnumerateArray().First());
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)
         {
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint)
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint)
             {
                 Content = new FormUrlEncodedContent(new Dictionary<string, string>
                 {
@@ -96,7 +95,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 })
             };
 
-            var response = await Backchannel.SendAsync(request, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +
diff --git a/src/AspNet.Security.OAuth.Strava/StravaAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Strava/StravaAuthenticationHandler.cs
index a3421c8aa..7660e1e89 100644
--- a/src/AspNet.Security.OAuth.Strava/StravaAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Strava/StravaAuthenticationHandler.cs
@@ -35,11 +35,11 @@ public class StravaAuthenticationHandler : OAuthHandler<StravaAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -51,15 +51,14 @@ public class StravaAuthenticationHandler : OAuthHandler<StravaAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override string FormatScope() => string.Join(",", Options.Scope);
diff --git a/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationHandler.cs
index 5ee45c94e..ef169c93a 100644
--- a/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Twitch/TwitchAuthenticationHandler.cs
@@ -45,11 +45,11 @@ protected override string BuildChallengeUrl(AuthenticationProperties properties,
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -61,15 +61,14 @@ protected override string BuildChallengeUrl(AuthenticationProperties properties,
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs
index 844dfa716..dbc3444c9 100644
--- a/src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Untappd/UntappdAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class UntappdAuthenticationHandler : OAuthHandler<UntappdAuthenticationOp
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class UntappdAuthenticationHandler : OAuthHandler<UntappdAuthenticationOp
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("user"));
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("user"));
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Vimeo/VimeoAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Vimeo/VimeoAuthenticationHandler.cs
index da8ffa835..c9b46c675 100644
--- a/src/AspNet.Security.OAuth.Vimeo/VimeoAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Vimeo/VimeoAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class VimeoAuthenticationHandler : OAuthHandler<VimeoAuthenticationOption
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class VimeoAuthenticationHandler : OAuthHandler<VimeoAuthenticationOption
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationHandler.cs b/src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationHandler.cs
index 7278020e6..c56c667f2 100644
--- a/src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.VisualStudio/VisualStudioAuthenticationHandler.cs
@@ -35,11 +35,11 @@ public class VisualStudioAuthenticationHandler : OAuthHandler<VisualStudioAuthen
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -51,20 +51,19 @@ public class VisualStudioAuthenticationHandler : OAuthHandler<VisualStudioAuthen
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)
         {
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/x-www-form-urlencoded"));
 
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>
@@ -76,7 +75,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 ["client_assertion_type"] = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
             });
 
-            var response = await Backchannel.SendAsync(request, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
 
             if (!response.IsSuccessStatusCode)
             {
diff --git a/src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationHandler.cs
index f5f39a99c..d2fd34ed3 100644
--- a/src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Vkontakte/VkontakteAuthenticationHandler.cs
@@ -45,7 +45,7 @@ public class VkontakteAuthenticationHandler : OAuthHandler<VkontakteAuthenticati
                 address = QueryHelpers.AddQueryString(address, "fields", string.Join(",", Options.Fields));
             }
 
-            var response = await Backchannel.GetAsync(address, Context.RequestAborted);
+            using var response = await Backchannel.GetAsync(address, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -57,25 +57,20 @@ public class VkontakteAuthenticationHandler : OAuthHandler<VkontakteAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var container = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                JsonElement payload;
+            using var container = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                using (var enumerator = container.RootElement.GetProperty("response").EnumerateArray())
-                {
-                    payload = enumerator.First();
-                }
+            using var enumerator = container.RootElement.GetProperty("response").EnumerateArray();
+            var payload = enumerator.First();
 
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload);
-                context.RunClaimActions();
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload);
+            context.RunClaimActions();
 
-                // Re-run to get the email claim from the tokens response
-                context.RunClaimActions(tokens.Response.RootElement);
+            // Re-run to get the email claim from the tokens response
+            context.RunClaimActions(tokens.Response.RootElement);
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Weibo/WeiboAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Weibo/WeiboAuthenticationHandler.cs
index 84fe7cd4c..825162f94 100644
--- a/src/AspNet.Security.OAuth.Weibo/WeiboAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Weibo/WeiboAuthenticationHandler.cs
@@ -41,10 +41,10 @@ public class WeiboAuthenticationHandler : OAuthHandler<WeiboAuthenticationOption
                 ["uid"] = tokens.Response.RootElement.GetString("uid")
             });
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -56,27 +56,26 @@ public class WeiboAuthenticationHandler : OAuthHandler<WeiboAuthenticationOption
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            // When the email address is not public, retrieve it from
+            // the emails endpoint if the user:email scope is specified.
+            if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) &&
+                !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("email"))
             {
-                // When the email address is not public, retrieve it from
-                // the emails endpoint if the user:email scope is specified.
-                if (!string.IsNullOrEmpty(Options.UserEmailsEndpoint) &&
-                    !identity.HasClaim(claim => claim.Type == ClaimTypes.Email) && Options.Scope.Contains("email"))
+                var email = await GetEmailAsync(tokens);
+                if (!string.IsNullOrEmpty(address))
                 {
-                    var email = await GetEmailAsync(tokens);
-                    if (!string.IsNullOrEmpty(address))
-                    {
-                        identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
-                    }
+                    identity.AddClaim(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, Options.ClaimsIssuer));
                 }
+            }
 
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override string FormatScope() => string.Join(",", Options.Scope);
@@ -89,11 +88,11 @@ protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse
                 ["access_token"] = tokens.AccessToken
             });
 
-            var request = new HttpRequestMessage(HttpMethod.Get, address);
+            using var request = new HttpRequestMessage(HttpMethod.Get, address);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
             // Failed requests shouldn't cause an error: in this case, return null to indicate that the email address cannot be retrieved.
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogWarning("An error occurred while retrieving the email address associated with the logged in user: " +
@@ -105,11 +104,10 @@ protected virtual async Task<string> GetEmailAsync([NotNull] OAuthTokenResponse
                 return null;
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                return (from email in payload.RootElement.EnumerateArray()
-                        select email.GetString("email")).FirstOrDefault();
-            }
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            return (from email in payload.RootElement.EnumerateArray()
+                    select email.GetString("email")).FirstOrDefault();
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Weixin/WeixinAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Weixin/WeixinAuthenticationHandler.cs
index 62fdbe82c..1ef422d97 100644
--- a/src/AspNet.Security.OAuth.Weixin/WeixinAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Weixin/WeixinAuthenticationHandler.cs
@@ -39,7 +39,7 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull]
                 ["openid"] = tokens.Response.RootElement.GetString("openid")
             });
 
-            var response = await Backchannel.GetAsync(address);
+            using var response = await Backchannel.GetAsync(address);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -51,26 +51,25 @@ protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull]
                 throw new HttpRequestException("An error occurred while retrieving user information.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+
+            if (!string.IsNullOrEmpty(payload.RootElement.GetString("errcode")))
             {
-                if (!string.IsNullOrEmpty(payload.RootElement.GetString("errcode")))
-                {
-                    Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
-                                    "returned a {Status} response with the following payload: {Headers} {Body}.",
-                                    /* Status: */ response.StatusCode,
-                                    /* Headers: */ response.Headers.ToString(),
-                                    /* Body: */ await response.Content.ReadAsStringAsync());
-
-                    throw new HttpRequestException("An error occurred while retrieving user information.");
-                }
-
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
-
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
+                Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
+                                "returned a {Status} response with the following payload: {Headers} {Body}.",
+                                /* Status: */ response.StatusCode,
+                                /* Headers: */ response.Headers.ToString(),
+                                /* Body: */ await response.Content.ReadAsStringAsync());
+
+                throw new HttpRequestException("An error occurred while retrieving user information.");
             }
+
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync(string code, string redirectUri)
@@ -83,7 +82,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync(string code,
                 ["grant_type"] = "authorization_code"
             });
 
-            var response = await Backchannel.GetAsync(address);
+            using var response = await Backchannel.GetAsync(address);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +
@@ -106,6 +105,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync(string code,
 
                 return OAuthTokenResponse.Failed(new Exception("An error occurred while retrieving an access token."));
             }
+
             return OAuthTokenResponse.Success(payload);
         }
 
diff --git a/src/AspNet.Security.OAuth.WordPress/WordPressAuthenticationHandler.cs b/src/AspNet.Security.OAuth.WordPress/WordPressAuthenticationHandler.cs
index 3247af927..3f7f5e957 100644
--- a/src/AspNet.Security.OAuth.WordPress/WordPressAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.WordPress/WordPressAuthenticationHandler.cs
@@ -32,11 +32,11 @@ public class WordPressAuthenticationHandler : OAuthHandler<WordPressAuthenticati
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -48,15 +48,14 @@ public class WordPressAuthenticationHandler : OAuthHandler<WordPressAuthenticati
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
     }
 }
diff --git a/src/AspNet.Security.OAuth.Yahoo/YahooAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Yahoo/YahooAuthenticationHandler.cs
index a8aeccf52..855c7928f 100644
--- a/src/AspNet.Security.OAuth.Yahoo/YahooAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Yahoo/YahooAuthenticationHandler.cs
@@ -35,11 +35,11 @@ public class YahooAuthenticationHandler : OAuthHandler<YahooAuthenticationOption
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -51,22 +51,21 @@ public class YahooAuthenticationHandler : OAuthHandler<YahooAuthenticationOption
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions(payload.RootElement.GetProperty("profile"));
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions(payload.RootElement.GetProperty("profile"));
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)
         {
             var credentials = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{Options.ClientId}:{Options.ClientSecret}"));
 
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Basic", credentials);
 
@@ -77,7 +76,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 ["code"] = code
             });
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +
diff --git a/src/AspNet.Security.OAuth.Yammer/YammerAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Yammer/YammerAuthenticationHandler.cs
index 65aa4d7d8..dd9a3dcb8 100644
--- a/src/AspNet.Security.OAuth.Yammer/YammerAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Yammer/YammerAuthenticationHandler.cs
@@ -35,10 +35,10 @@ public class YammerAuthenticationHandler : OAuthHandler<YammerAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -50,21 +50,20 @@ public class YammerAuthenticationHandler : OAuthHandler<YammerAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
 
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            await Options.Events.CreatingTicket(context);
+
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)
         {
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
 
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>
@@ -76,7 +75,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 ["grant_type"] = "authorization_code"
             });
 
-            var response = await Backchannel.SendAsync(request, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +
@@ -91,12 +90,8 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
             // Note: Yammer doesn't return a standard OAuth2 response. To make this middleware compatible
             // with the OAuth2 generic middleware, a compliant JSON payload is generated manually.
             // See https://developer.yammer.com/docs/oauth-2 for more information about this process.
-            string accessToken;
-
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                accessToken = payload.RootElement.GetProperty("access_token").GetString("token");
-            }
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
+            string accessToken = payload.RootElement.GetProperty("access_token").GetString("token");
 
             var token = await CreateAccessTokenAsync(accessToken);
             return OAuthTokenResponse.Success(token);
diff --git a/src/AspNet.Security.OAuth.Yandex/YandexAuthenticationHandler.cs b/src/AspNet.Security.OAuth.Yandex/YandexAuthenticationHandler.cs
index 3bd30b902..07c906882 100644
--- a/src/AspNet.Security.OAuth.Yandex/YandexAuthenticationHandler.cs
+++ b/src/AspNet.Security.OAuth.Yandex/YandexAuthenticationHandler.cs
@@ -35,11 +35,11 @@ public class YandexAuthenticationHandler : OAuthHandler<YandexAuthenticationOpti
         protected override async Task<AuthenticationTicket> CreateTicketAsync([NotNull] ClaimsIdentity identity,
             [NotNull] AuthenticationProperties properties, [NotNull] OAuthTokenResponse tokens)
         {
-            var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Get, Options.UserInformationEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", tokens.AccessToken);
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving the user profile: the remote server " +
@@ -51,22 +51,21 @@ public class YandexAuthenticationHandler : OAuthHandler<YandexAuthenticationOpti
                 throw new HttpRequestException("An error occurred while retrieving the user profile.");
             }
 
-            using (var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync()))
-            {
-                var principal = new ClaimsPrincipal(identity);
-                var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
-                context.RunClaimActions();
+            using var payload = JsonDocument.Parse(await response.Content.ReadAsStringAsync());
 
-                await Options.Events.CreatingTicket(context);
-                return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
-            }
+            var principal = new ClaimsPrincipal(identity);
+            var context = new OAuthCreatingTicketContext(principal, properties, Context, Scheme, Options, Backchannel, tokens, payload.RootElement);
+            context.RunClaimActions();
+
+            await Options.Events.CreatingTicket(context);
+            return new AuthenticationTicket(context.Principal, context.Properties, Scheme.Name);
         }
 
         protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] string code, [NotNull] string redirectUri)
         {
             var credentials = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{Options.ClientId}:{Options.ClientSecret}"));
 
-            var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
+            using var request = new HttpRequestMessage(HttpMethod.Post, Options.TokenEndpoint);
             request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
             request.Headers.Authorization = new AuthenticationHeaderValue("Basic", credentials);
 
@@ -77,7 +76,7 @@ protected override async Task<OAuthTokenResponse> ExchangeCodeAsync([NotNull] st
                 ["code"] = code
             });
 
-            var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
+            using var response = await Backchannel.SendAsync(request, HttpCompletionOption.ResponseHeadersRead, Context.RequestAborted);
             if (!response.IsSuccessStatusCode)
             {
                 Logger.LogError("An error occurred while retrieving an access token: the remote server " +