In #6 we fixed that the HttpHaveIBeenPwnedClient does not dispose an injected HttpClient because it's not the owner of it. Disposing it is the responsibility of the caller, because they created the HttpClient and might be using it after disposing of HttpHaveIBeenPwnedClient.
However, HaveIBeenPwnedClient always disposes its injected IHaveIBeenPwnedClient and that's incorrect in the same way: The creator is responsible for cleaning up too.
So, we must adapt HaveIBeenPwnedClient to only dispose of the IHaveIBeenPwnedClient used when it was not injected into the constructor.
In #6 we fixed that the
HttpHaveIBeenPwnedClientdoes not dispose an injectedHttpClientbecause it's not the owner of it. Disposing it is the responsibility of the caller, because they created theHttpClientand might be using it after disposing ofHttpHaveIBeenPwnedClient.However,
HaveIBeenPwnedClientalways disposes its injectedIHaveIBeenPwnedClientand that's incorrect in the same way: The creator is responsible for cleaning up too.So, we must adapt
HaveIBeenPwnedClientto only dispose of theIHaveIBeenPwnedClientused when it was not injected into the constructor.