diff --git a/cmd/example-app/main.go b/cmd/example-app/main.go
index d527bbc8e8c7ac39c2ffc3555d62e576c7b7013b..d88b6838150c21d3c5e0548262f0bba72a785e6e 100644
--- a/cmd/example-app/main.go
+++ b/cmd/example-app/main.go
@@ -261,7 +261,7 @@ func (a *app) handleCallback(w http.ResponseWriter, r *http.Request) {
 	ctx := oidc.ClientContext(r.Context(), a.client)
 	oauth2Config := a.oauth2Config(nil)
 	switch r.Method {
-	case "GET":
+	case http.MethodGet:
 		// Authorization redirect callback from OAuth2 auth flow.
 		if errMsg := r.FormValue("error"); errMsg != "" {
 			http.Error(w, errMsg+": "+r.FormValue("error_description"), http.StatusBadRequest)
@@ -277,7 +277,7 @@ func (a *app) handleCallback(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 		token, err = oauth2Config.Exchange(ctx, code)
-	case "POST":
+	case http.MethodPost:
 		// Form request from frontend to refresh a token.
 		refresh := r.FormValue("refresh_token")
 		if refresh == "" {
diff --git a/server/handlers.go b/server/handlers.go
index b309191dfbb67c782cee668f5928cfdb9f35f55a..5bdf39f0254388b63922ccda4bfc62efa45dae8a 100644
--- a/server/handlers.go
+++ b/server/handlers.go
@@ -240,7 +240,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
 	showBacklink := len(s.connectors) > 1
 
 	switch r.Method {
-	case "GET":
+	case http.MethodGet:
 		switch conn := conn.Connector.(type) {
 		case connector.CallbackConnector:
 			// Use the auth request ID as the "state" token.
@@ -285,7 +285,7 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
 		default:
 			s.renderError(w, http.StatusBadRequest, "Requested resource does not exist.")
 		}
-	case "POST":
+	case http.MethodPost:
 		passwordConnector, ok := conn.Connector.(connector.PasswordConnector)
 		if !ok {
 			s.renderError(w, http.StatusBadRequest, "Requested resource does not exist.")
@@ -323,12 +323,12 @@ func (s *Server) handleConnectorLogin(w http.ResponseWriter, r *http.Request) {
 func (s *Server) handleConnectorCallback(w http.ResponseWriter, r *http.Request) {
 	var authID string
 	switch r.Method {
-	case "GET": // OAuth2 callback
+	case http.MethodGet: // OAuth2 callback
 		if authID = r.URL.Query().Get("state"); authID == "" {
 			s.renderError(w, http.StatusBadRequest, "User session error.")
 			return
 		}
-	case "POST": // SAML POST binding
+	case http.MethodPost: // SAML POST binding
 		if authID = r.PostFormValue("RelayState"); authID == "" {
 			s.renderError(w, http.StatusBadRequest, "User session error.")
 			return
@@ -366,14 +366,14 @@ func (s *Server) handleConnectorCallback(w http.ResponseWriter, r *http.Request)
 	var identity connector.Identity
 	switch conn := conn.Connector.(type) {
 	case connector.CallbackConnector:
-		if r.Method != "GET" {
+		if r.Method != http.MethodGet {
 			s.logger.Errorf("SAML request mapped to OAuth2 connector")
 			s.renderError(w, http.StatusBadRequest, "Invalid request")
 			return
 		}
 		identity, err = conn.HandleCallback(parseScopes(authReq.Scopes), r)
 	case connector.SAMLConnector:
-		if r.Method != "POST" {
+		if r.Method != http.MethodPost {
 			s.logger.Errorf("OAuth2 request mapped to SAML connector")
 			s.renderError(w, http.StatusBadRequest, "Invalid request")
 			return
@@ -446,7 +446,7 @@ func (s *Server) handleApproval(w http.ResponseWriter, r *http.Request) {
 	}
 
 	switch r.Method {
-	case "GET":
+	case http.MethodGet:
 		if s.skipApproval {
 			s.sendCodeResponse(w, r, authReq)
 			return
@@ -460,7 +460,7 @@ func (s *Server) handleApproval(w http.ResponseWriter, r *http.Request) {
 		if err := s.templates.approval(w, authReq.ID, authReq.Claims.Username, client.Name, authReq.Scopes); err != nil {
 			s.logger.Errorf("Server template error: %v", err)
 		}
-	case "POST":
+	case http.MethodPost:
 		if r.FormValue("approval") != "approve" {
 			s.renderError(w, http.StatusInternalServerError, "Approval rejected.")
 			return
diff --git a/storage/kubernetes/client.go b/storage/kubernetes/client.go
index f95acaffa7ce2842645600e76678cf7bc39cadfe..cb7fd2802453853c4993495336243d1f43e97c77 100644
--- a/storage/kubernetes/client.go
+++ b/storage/kubernetes/client.go
@@ -137,7 +137,7 @@ func checkHTTPErr(r *http.Response, validStatusCodes ...int) error {
 	if r.StatusCode == http.StatusNotFound {
 		return storage.ErrNotFound
 	}
-	if r.Request.Method == "POST" && r.StatusCode == http.StatusConflict {
+	if r.Request.Method == http.MethodPost && r.StatusCode == http.StatusConflict {
 		return storage.ErrAlreadyExists
 	}