Replace static time access with injected TimeProvider for testability

[egil]

Summary & Motivation

Replaces all static DateTimeOffset.UtcNow and TimeProvider.System.GetUtcNow() calls with injected TimeProvider to enable time mocking in tests. This makes time-sensitive business logic (expiration, rate limiting, token generation) fully testable.

Key changes:

• Services inject TimeProvider: AccessTokenGenerator, RefreshTokenGenerator, BlobStorageClient, and handlers now inject TimeProvider for timestamp operations
• Domain methods accept DateTimeOffset: Methods like EmailConfirmation.HasExpired() now accept DateTimeOffset now parameter instead of calling static time directly, maintaining clean domain boundaries
• TimeProviderAccessor for entity construction: Introduces TimeProviderAccessor using AsyncLocal<TimeProvider> to provide CreatedAt timestamps during entity construction, ensuring computed properties like EmailConfirmation.ValidUntil calculate correctly immediately after creation
• UpdateAuditableEntitiesInterceptor: Now uses TimeProvider from DbContext for setting ModifiedAt, with validation that CreatedAt is already set
• Test infrastructure: Tests use TimeProvider.System by default; TimeProviderAccessor.Current can be overridden for tests requiring time control
• DbContext updates: All SharedKernelDbContext implementations now accept TimeProvider as dependency and implement ITimeProviderSource interface
• SecurityTokenDescriptorExtensions: Token generation now accepts both now and expires timestamps to properly set NotBefore and IssuedAt claims

Minor fixes:

• Added DateTimeOffset type handling in SqliteConnectionExtensions.Insert() for test data
• Updated backend AI rules documentation to reflect TimeProvider usage patterns

Downstream projects

Search for TimeProvider.System in your codebase and apply these changes:

1. Update your DbContext implementations to accept and pass TimeProvider:

-public sealed class YourDbContext(DbContextOptions<YourDbContext> options, IExecutionContext executionContext)
-    : SharedKernelDbContext<YourDbContext>(options, executionContext);
+public sealed class YourDbContext(DbContextOptions<YourDbContext> options, IExecutionContext executionContext, TimeProvider timeProvider)
+    : SharedKernelDbContext<YourDbContext>(options, executionContext, timeProvider);

2. Inject TimeProvider into all handlers, services, and repositories that use timestamps, and replace TimeProvider.System.GetUtcNow() with timeProvider.GetUtcNow():

-public sealed class YourHandler(IRepository repository)
+public sealed class YourHandler(IRepository repository, TimeProvider timeProvider)
     : IRequestHandler<YourCommand, Result>
 {
     public async Task<Result> Handle(YourCommand command, CancellationToken cancellationToken)
     {
-        var expiresAt = TimeProvider.System.GetUtcNow().AddMinutes(30);
+        var expiresAt = timeProvider.GetUtcNow().AddMinutes(30);
         // ...
     }
 }

3. Update your-self-contained-system/Tests/EndpointBaseTest.cs to add TimeProvider field:

 public abstract class EndpointBaseTest<TContext> : IDisposable where TContext : DbContext
 {
     protected readonly ServiceCollection Services;
+    [UsedImplicitly] protected readonly TimeProvider TimeProvider;
     
     protected EndpointBaseTest()
     {
         Services = new ServiceCollection();
+        TimeProvider = TimeProvider.System;
         // ...
     }
 }

4. Replace all TimeProvider.System.GetUtcNow() calls with TimeProvider.GetUtcNow() in test files to use the instance field.

Checklist

• I have added tests, or done manual regression tests
• I have updated the documentation, if necessary

[CLAassistant]

All committers have signed the CLA.

[Copilot]

Pull Request Overview

This PR refactors the codebase to use TimeProvider via dependency injection instead of directly using TimeProvider.System.GetUtcNow(). The goal is to enable controlled time during testing while distinguishing between business logic that should use injectable TimeProvider and infrastructure code that should use DateTimeOffset.UtcNow.

• Creates a custom FromPlatformServicesAttribute for easier keyed service injection
• Registers TimeProvider as a keyed singleton service in dependency injection
• Replaces TimeProvider.System.GetUtcNow() calls with injected TimeProvider in business logic
• Uses DateTimeOffset.UtcNow for infrastructure code that cannot work with fake TimeProvider

Reviewed Changes

Copilot reviewed 29 out of 29 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
SharedKernel.csproj	Added TimeProviderExtensions package dependency
AudibleEntity.cs	Changed to use DateTimeOffset.UtcNow for entity timestamps
SharedDependencyConfiguration.cs	Added TimeProvider registration as keyed service
FromPlatformServicesAttribute.cs	New custom attribute for platform service injection
Token generation files	Updated to use DateTimeOffset.UtcNow for JWT timestamps
Test files	Updated to use injected TimeProvider for controllable time
Repository/Handler files	Injected TimeProvider for business logic operations
EmailConfirmation domain	Updated methods to accept TimeProvider parameter
Directory.Packages.props	Added TimeProviderExtensions package version
AuthenticationCookieMiddleware.cs	Injected TimeProvider for token validation
backend.mdc	Updated coding guidelines for TimeProvider usage

[tjementum]

Hi @egil,

Thanks for the pull-request.

I introduced TimeProvider just when it was introduced in .NET 8, but never got around to truly making it possible to inject it. I will take a look at your Pull Request asap.

You should run pp check (dotnet run check from the developer-cli folder), and fix all static code analysis warnings.

As you noticed, there are conventions for commit messages, which made the Pull Request Conventions fail. One line in imperative form (no description, as nobody sees them). Also, please squash your commits into two idiomatic commits (that is, remove "Fix spelling mistake", "Remove unused parameter", "Revert line breaks") ;)

[tjementum]

Hi @egil

I had a few comments and change requests, so your pull request became stale. I have now made the implementation a bit more straightforward by removing the keyed service and dropping the passing of timeProvider as a parameter to methods, etc.

I also introduced a new TimeProviderAccessor, which will set the CreatedAt timestamp of aggregates to the mocked TimeProvider. It's a bit hidden as it's a static class, and maybe not the best design. But I feel it's important that you can mock the CreatedAt and ModifiedAt timestamps. And I did not like the alternative of passing timeProvider as paramter when creating all domain objects.

[egil]

Hi @tjementum, apologies for the radio silence on this. Have had a lot going on in my life last few months so this slipped through the cracks. Happy that you could use what I shared and fix the problems I caused 🙂

I also introduced a new TimeProviderAccessor, which will set the CreatedAt timestamp of aggregates to the mocked TimeProvider. It's a bit hidden as it's a static class, and maybe not the best design. But I feel it's important that you can mock the CreatedAt and ModifiedAt timestamps. And I did not like the alternative of passing timeProvider as paramter when creating all domain objects.

Yep, TimeProvider works best in DI scenarios, for sure, and did notice the friction with your particular domain object creation/setup approach.

If you can figure out a good pattern that allows time(stamps) to be controlled during testing, I have no objections.