NFC-99 Review findings and fixes from rebase

Author: SanderKondratjevNortal

example/src/WebEid.AspNetCore.Example/Signing/MobileSigningService.cs

@@ -143,15 +143,15 @@ internal sealed record RequestObject
 
             [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
             [JsonPropertyName("signing_certificate")]
-            public string? SigningCertificate { get; init; } = null!;
+            public string? SigningCertificate { get; init; }
 
             [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
             [JsonPropertyName("hash")]
-            public string? Hash { get; init; } = null!;
+            public string? Hash { get; init; }
 
             [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
             [JsonPropertyName("hash_function")]
-            public string? HashFunction { get; init; } = null!;
+            public string? HashFunction { get; init; }
         }
     }
 }

src/WebEid.Security.Tests/Validator/AuthTokenValidatonOcspTest.cs

@@ -40,9 +40,7 @@ public void WhenOcspRequestTimeoutIsReachedThenValidationFails()
                .WithOcspRequestTimeout(TimeSpan.FromMilliseconds(1))
                 .Build();
 
-            var exception = Assert.ThrowsAsync<UserCertificateOcspCheckFailedException>(() => authTokenValidator.Validate(authTokenValidator.Parse(ValidAuthTokenStr), ValidChallengeNonce));
-            Assert.That(exception.InnerException, Is.TypeOf<TaskCanceledException>());
-            Assert.That(exception.InnerException.Message, Does.Contain("The request was canceled due to the configured HttpClient.Timeout of"));
+            Assert.ThrowsAsync<UserCertificateOcspCheckFailedException>(() => authTokenValidator.Validate(authTokenValidator.Parse(ValidAuthTokenStr), ValidChallengeNonce));
 
         }
 

src/WebEid.Security/Validator/AuthTokenValidatorBuilder.cs

@@ -35,7 +35,7 @@ namespace WebEid.Security.Validator
     public class AuthTokenValidatorBuilder
     {
         private readonly ILogger logger;
-        private readonly IOcspClient ocspClient;
+        private IOcspClient ocspClient;
         private readonly AuthTokenValidationConfiguration configuration = new AuthTokenValidationConfiguration();
 
         /// <summary>
@@ -185,6 +185,14 @@ public AuthTokenValidatorBuilder WithDesignatedOcspServiceConfiguration(Designat
         public IAuthTokenValidator Build()
         {
             configuration.Validate();
+
+            if (configuration.IsUserCertificateRevocationCheckWithOcspEnabled && ocspClient == null)
+            {
+                ocspClient = new OcspClient(
+                configuration.OcspRequestTimeout,
+                logger);
+            }
+
             return new AuthTokenValidator(configuration, ocspClient, logger);
         }
     }