fix: add PooledConnectionLifetime to static discovery HttpClient

The static HttpClient used for OIDC discovery document fetching never
recycled its handler, meaning DNS changes to the IdP would not be
picked up in containerized deployments. Adding PooledConnectionLifetime
of 5 minutes ensures connections are recycled periodically.

Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>

Author: James Blair

src/SEBT.Portal.Api/Services/OidcExchangeService.cs

@@ -103,7 +103,11 @@ public sealed class OidcExchangeService : IOidcExchangeService
     /// </summary>
     private static readonly ConcurrentDictionary<string, ConfigurationManager<OpenIdConnectConfiguration>>
         DiscoveryManagers = new(StringComparer.OrdinalIgnoreCase);
-    private static readonly HttpClient DiscoveryHttpClient = new() { Timeout = TimeSpan.FromSeconds(30) };
+    private static readonly HttpClient DiscoveryHttpClient = new(
+        new SocketsHttpHandler { PooledConnectionLifetime = TimeSpan.FromMinutes(5) })
+    {
+        Timeout = TimeSpan.FromSeconds(30)
+    };
 
     /// <inheritdoc cref="OidcExchangeService"/>
     public OidcExchangeService(