use char base overloads where possible

src/IdentityServer/Endpoints/Results/EndSessionCallbackResult.cs

@@ -73,7 +73,7 @@ private void AddCspHeaders(EndSessionCallbackResult result, HttpContext context)
                 foreach (var origin in origins.Distinct())
                 {
                     sb.Append(origin);
-                    if (sb.Length > 0) sb.Append(" ");
+                    if (sb.Length > 0) sb.Append(' ');
                 }
             }
 

src/IdentityServer/Extensions/NameValueCollectionExtensions.cs

@@ -152,13 +152,13 @@ private static bool AppendNameValuePair(StringBuilder builder, bool first, bool
         }
         else
         {
-            builder.Append("&");
+            builder.Append('&');
         }
 
         builder.Append(encodedName);
         if (!String.IsNullOrEmpty(encodedValue))
         {
-            builder.Append("=");
+            builder.Append('=');
             builder.Append(encodedValue);
         }
         return first;

src/IdentityServer/Extensions/ScopeExtensions.cs

@@ -16,7 +16,7 @@ public static string ToSpaceSeparatedString(this IEnumerable<ApiScope> apiScopes
         var scopeNames = from s in apiScopes
             select s.Name;
 
-        return string.Join(" ", scopeNames.ToArray());
+        return string.Join(' ', scopeNames.ToArray());
     }
 
     [DebuggerStepThrough]

src/IdentityServer/Extensions/TokenExtensions.cs

@@ -74,7 +74,7 @@ public static Dictionary<string, object> CreateJwtPayloadDictionary(this Token t
 
                 if (options.EmitScopesAsSpaceDelimitedStringInJwt)
                 {
-                    payload.Add(JwtClaimTypes.Scope, string.Join(" ", scopeValues));
+                    payload.Add(JwtClaimTypes.Scope, string.Join(' ', scopeValues));
                 }
                 else
                 {

src/IdentityServer/Extensions/ValidatedAuthorizeRequestExtensions.cs

@@ -29,15 +29,15 @@ public static void RemovePrompt(this ValidatedAuthorizeRequest request)
         {
             if (suppress.Length > 0)
             {
-                suppress.Append(" ");
+                suppress.Append(' ');
             }
             suppress.Append(OidcConstants.PromptModes.SelectAccount);
         }
         if (request.PromptModes.Contains(OidcConstants.PromptModes.Create))
         {
             if (suppress.Length > 0)
             {
-                suppress.Append(" ");
+                suppress.Append(' ');
             }
             suppress.Append(OidcConstants.PromptModes.Create);
         }

src/IdentityServer/ResponseHandling/Default/UserInfoResponseGenerator.cs

@@ -121,7 +121,7 @@ protected internal virtual async Task<ResourceValidationResult> GetRequestedReso
             return null;
         }
 
-        var scopeString = string.Join(" ", scopes);
+        var scopeString = string.Join(' ', scopes);
         Logger.LogDebug("Scopes in access token: {scopes}", scopeString);
 
         // if we ever parameterized identity scopes, then we would need to invoke the resource validator's parse API here

test/IdentityServer.IntegrationTests/Common/BrowserHandler.cs

@@ -87,7 +87,7 @@ protected async Task<HttpResponseMessage> SendCookiesAsync(HttpRequestMessage re
 
         if (AllowCookies && response.Headers.Contains("Set-Cookie"))
         {
-            var responseCookieHeader = string.Join(",", response.Headers.GetValues("Set-Cookie"));
+            var responseCookieHeader = string.Join(',', response.Headers.GetValues("Set-Cookie"));
             _cookieContainer.SetCookies(request.RequestUri, responseCookieHeader);
         }
 

test/IdentityServer.IntegrationTests/TestFramework/TestBrowserClient.cs

@@ -43,7 +43,7 @@ protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage
 
             if (response.Headers.Contains("Set-Cookie"))
             {
-                var responseCookieHeader = string.Join(",", response.Headers.GetValues("Set-Cookie"));
+                var responseCookieHeader = string.Join(',', response.Headers.GetValues("Set-Cookie"));
                 CookieContainer.SetCookies(request.RequestUri, responseCookieHeader);
             }
 

test/IdentityServer.UnitTests/Services/Default/DefaultUserSessionTests.cs

@@ -112,7 +112,7 @@ public async Task CreateSessionId_should_issue_session_id_cookie()
 
         var cookieContainer = new CookieContainer();
         var cookies = _mockHttpContext.HttpContext.Response.Headers.Where(x => x.Key.Equals("Set-Cookie", StringComparison.OrdinalIgnoreCase)).Select(x => x.Value);
-        cookieContainer.SetCookies(new Uri("http://server"), string.Join(",", cookies));
+        cookieContainer.SetCookies(new Uri("http://server"), string.Join(',', cookies));
         _mockHttpContext.HttpContext.Response.Headers.Clear();
 
         var cookie = cookieContainer.GetCookies(new Uri("http://server")).Cast<Cookie>().Where(x => x.Name == _options.Authentication.CheckSessionCookieName).FirstOrDefault();
@@ -129,7 +129,7 @@ public async Task EnsureSessionIdCookieAsync_should_add_cookie()
 
         var cookieContainer = new CookieContainer();
         var cookies = _mockHttpContext.HttpContext.Response.Headers.Where(x => x.Key.Equals("Set-Cookie", StringComparison.OrdinalIgnoreCase)).Select(x => x.Value);
-        cookieContainer.SetCookies(new Uri("http://server"), string.Join(",", cookies));
+        cookieContainer.SetCookies(new Uri("http://server"), string.Join(',', cookies));
         _mockHttpContext.HttpContext.Response.Headers.Clear();
 
         var cookie = cookieContainer.GetCookies(new Uri("http://server")).Cast<Cookie>().Where(x => x.Name == _options.Authentication.CheckSessionCookieName).FirstOrDefault();
@@ -143,7 +143,7 @@ public async Task EnsureSessionIdCookieAsync_should_not_add_cookie_if_no_sid()
 
         var cookieContainer = new CookieContainer();
         var cookies = _mockHttpContext.HttpContext.Response.Headers.Where(x => x.Key.Equals("Set-Cookie", StringComparison.OrdinalIgnoreCase)).Select(x => x.Value);
-        cookieContainer.SetCookies(new Uri("http://server"), string.Join(",", cookies));
+        cookieContainer.SetCookies(new Uri("http://server"), string.Join(',', cookies));
         _mockHttpContext.HttpContext.Response.Headers.Clear();
 
         var cookie = cookieContainer.GetCookies(new Uri("http://server")).Cast<Cookie>().Where(x => x.Name == _options.Authentication.CheckSessionCookieName).FirstOrDefault();
@@ -160,7 +160,7 @@ public async Task RemoveSessionIdCookie_should_remove_cookie()
 
         var cookieContainer = new CookieContainer();
         var cookies = _mockHttpContext.HttpContext.Response.Headers.Where(x => x.Key.Equals("Set-Cookie", StringComparison.OrdinalIgnoreCase)).Select(x => x.Value);
-        cookieContainer.SetCookies(new Uri("http://server"), string.Join(",", cookies));
+        cookieContainer.SetCookies(new Uri("http://server"), string.Join(',', cookies));
         _mockHttpContext.HttpContext.Response.Headers.Clear();
 
         string cookie = cookieContainer.GetCookieHeader(new Uri("http://server"));
@@ -169,7 +169,7 @@ public async Task RemoveSessionIdCookie_should_remove_cookie()
         await _subject.RemoveSessionIdCookieAsync();
 
         cookies = _mockHttpContext.HttpContext.Response.Headers.Where(x => x.Key.Equals("Set-Cookie", StringComparison.OrdinalIgnoreCase)).Select(x => x.Value);
-        cookieContainer.SetCookies(new Uri("http://server"), string.Join(",", cookies));
+        cookieContainer.SetCookies(new Uri("http://server"), string.Join(',', cookies));
 
         var query = cookieContainer.GetCookies(new Uri("http://server")).Cast<Cookie>().Where(x => x.Name == _options.Authentication.CheckSessionCookieName);
         query.Count().Should().Be(0);