diff --git a/Directory.Packages.props b/Directory.Packages.props
index 13c268a1..58628bd5 100644
--- a/Directory.Packages.props
+++ b/Directory.Packages.props
@@ -44,11 +44,11 @@
-
-
-
-
-
+
+
+
+
+
@@ -85,15 +85,15 @@
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
diff --git a/samples/Matty/Matty.Server/Controllers/AuthorizationController.cs b/samples/Matty/Matty.Server/Controllers/AuthorizationController.cs
index 88f7c205..ed411ea2 100644
--- a/samples/Matty/Matty.Server/Controllers/AuthorizationController.cs
+++ b/samples/Matty/Matty.Server/Controllers/AuthorizationController.cs
@@ -48,16 +48,6 @@ public AuthorizationController(
 [Authorize, HttpGet("~/connect/verify"), IgnoreAntiforgeryToken]
 public async Task Verify()
 {
- var request = HttpContext.GetOpenIddictServerRequest() ??
- throw new InvalidOperationException("The OpenID Connect request cannot be retrieved.");
-
- // If the user code was not specified in the query string (e.g as part of the verification_uri_complete),
- // render a form to ask the user to enter the user code manually (non-digit chars are automatically ignored).
- if (string.IsNullOrEmpty(request.UserCode))
- {
- return View(new VerifyViewModel());
- }
-
 // Retrieve the claims principal associated with the user code.
 var result = await HttpContext.AuthenticateAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
 if (result.Succeeded && !string.IsNullOrEmpty(result.Principal.GetClaim(Claims.ClientId)))
@@ -71,16 +61,23 @@ public async Task Verify()
 {
 ApplicationName = await _applicationManager.GetLocalizedDisplayNameAsync(application),
 Scope = string.Join(" ", result.Principal.GetScopes()),
- UserCode = request.UserCode
+ UserCode = result.Properties.GetTokenValue(OpenIddictServerAspNetCoreConstants.Tokens.UserCode)
 });
 }
 
- // Redisplay the form when the user code is not valid.
- return View(new VerifyViewModel
+ // If a user code was specified (e.g as part of the verification_uri_complete)
+ // but is not valid, render a form asking the user to enter the user code manually.
+ else if (!string.IsNullOrEmpty(result.Properties.GetTokenValue(OpenIddictServerAspNetCoreConstants.Tokens.UserCode)))
 {
- Error = Errors.InvalidToken,
- ErrorDescription = "The specified user code is not valid. Please make sure you typed it correctly."
- });
+ return View(new VerifyViewModel
+ {
+ Error = Errors.InvalidToken,
+ ErrorDescription = "The specified user code is not valid. Please make sure you typed it correctly."
+ });
+ }
+
+ // Otherwise, render a form asking the user to enter the user code manually.
+ return View(new VerifyViewModel());
 }
 
 [Authorize, FormValueRequired("submit.Accept")]
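Review bot: The new `else if` dereferences `result.Properties` on the path where authentication did not succeed, and nothing visible in this hunk guarantees that `Properties` is non-null there; if the handler ever returns a failure or no-result without properties, the action throws instead of rendering the entry form. Unless the OpenIddict handler documents that properties are always attached, use `result.Properties?.GetTokenValue(OpenIddictServerAspNetCoreConstants.Tokens.UserCode)` in the condition. The success branch reads the same token value, so a single local declared right after `AuthenticateAsync` (above this hunk, inside `Verify()`) would serve both reads. Because this branch is where rejected user codes land, it is also the natural place to log the rejection so repeated guessing against the verification endpoint is visible to operators.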