Fix two potential NREs

identity-server/src/IdentityServer/Configuration/DependencyInjection/PostConfigureApplicationCookieTicketStore.cs

@@ -68,7 +68,7 @@ public void PostConfigure(string name, CookieAuthenticationOptions options)
 
             IdentityServerLicenseValidator.Instance.ValidateServerSideSessions();
             var licenseUsage = _httpContextAccessor.HttpContext?.RequestServices.GetRequiredService<LicenseUsageTracker>();
-            licenseUsage.FeatureUsed(LicenseFeature.ServerSideSessions);
+            licenseUsage?.FeatureUsed(LicenseFeature.ServerSideSessions);
 
             var sessionStore = _httpContextAccessor.HttpContext!.RequestServices.GetService<IServerSideSessionStore>();
             if (sessionStore is InMemoryServerSideSessionStore)
@@ -128,4 +128,4 @@ public Task<string> StoreAsync(AuthenticationTicket ticket)
     {
         return Inner.StoreAsync(ticket);
     }
-}
+}

identity-server/src/IdentityServer/Hosting/DynamicProviders/Store/CachingIdentityProviderStore.cs

@@ -101,7 +101,7 @@ void RemoveCacheEntry(IdentityProvider idp)
                 var optionsMonitorType = typeof(IOptionsMonitorCache<>).MakeGenericType(provider.OptionsType);
                 // need to resolve the provide type dynamically, thus the need for the http context accessor
                 // this will throw if attempted outside an http request, but that is checked in the caller
-                var optionsCache = _httpContextAccessor.HttpContext.RequestServices.GetService(optionsMonitorType);
+                var optionsCache = _httpContextAccessor.HttpContext?.RequestServices.GetService(optionsMonitorType);
                 if (optionsCache != null)
                 {
                     var mi = optionsMonitorType.GetMethod("TryRemove");
@@ -113,4 +113,4 @@ void RemoveCacheEntry(IdentityProvider idp)
             }
         }
     }
-}
+}