Tratcher
diff --git a/‎src/Identity/Core/src/PublicAPI.Unshipped.txt
Lines changed: 5 additions & 0 deletions b/‎src/Identity/Core/src/PublicAPI.Unshipped.txt
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Identity/Core/src/SecurityStampValidator.cs
Lines changed: 45 additions & 3 deletions b/‎src/Identity/Core/src/SecurityStampValidator.cs
Lines changed: 45 additions & 3 deletions
diff --git a/‎src/Identity/Core/src/TimeClockProvider.cs
Lines changed: 23 additions & 0 deletions b/‎src/Identity/Core/src/TimeClockProvider.cs
Lines changed: 23 additions & 0 deletions
diff --git a/‎src/Identity/Core/src/TwoFactorSecurityStampValidator.cs
Lines changed: 23 additions & 0 deletions b/‎src/Identity/Core/src/TwoFactorSecurityStampValidator.cs
Lines changed: 23 additions & 0 deletions
@@ -1,2 +1,7 @@
 #nullable enable
+Microsoft.AspNetCore.Identity.SecurityStampValidator<TUser>.SecurityStampValidator(Microsoft.Extensions.Options.IOptions<Microsoft.AspNetCore.Identity.SecurityStampValidatorOptions!>! options, Microsoft.AspNetCore.Identity.SignInManager<TUser!>! signInManager, Microsoft.AspNetCore.Authentication.ISystemClock! clock, Microsoft.Extensions.Logging.ILoggerFactory! logger, System.TimeProvider! time) -> void
+Microsoft.AspNetCore.Identity.SecurityStampValidator<TUser>.SecurityStampValidator(Microsoft.Extensions.Options.IOptions<Microsoft.AspNetCore.Identity.SecurityStampValidatorOptions!>! options, Microsoft.AspNetCore.Identity.SignInManager<TUser!>! signInManager, System.TimeProvider! time, Microsoft.Extensions.Logging.ILoggerFactory! logger) -> void
+Microsoft.AspNetCore.Identity.SecurityStampValidator<TUser>.Time.get -> System.TimeProvider!
+Microsoft.AspNetCore.Identity.TwoFactorSecurityStampValidator<TUser>.TwoFactorSecurityStampValidator(Microsoft.Extensions.Options.IOptions<Microsoft.AspNetCore.Identity.SecurityStampValidatorOptions!>! options, Microsoft.AspNetCore.Identity.SignInManager<TUser!>! signInManager, Microsoft.AspNetCore.Authentication.ISystemClock! clock, Microsoft.Extensions.Logging.ILoggerFactory! logger, System.TimeProvider! time) -> void
+Microsoft.AspNetCore.Identity.TwoFactorSecurityStampValidator<TUser>.TwoFactorSecurityStampValidator(Microsoft.Extensions.Options.IOptions<Microsoft.AspNetCore.Identity.SecurityStampValidatorOptions!>! options, Microsoft.AspNetCore.Identity.SignInManager<TUser!>! signInManager, System.TimeProvider! time, Microsoft.Extensions.Logging.ILoggerFactory! logger) -> void
 virtual Microsoft.AspNetCore.Identity.SignInManager<TUser>.IsTwoFactorEnabledAsync(TUser! user) -> System.Threading.Tasks.Task<bool>!
@@ -23,16 +23,52 @@ public class SecurityStampValidator<TUser> : ISecurityStampValidator where TUser
     /// <param name="signInManager">The <see cref="SignInManager{TUser}"/>.</param>
     /// <param name="clock">The system clock.</param>
     /// <param name="logger">The logger.</param>
+    [Obsolete("ISystemClock is obsolete, use TimeProvider instead.")]
     public SecurityStampValidator(IOptions<SecurityStampValidatorOptions> options, SignInManager<TUser> signInManager, ISystemClock clock, ILoggerFactory logger)
     {
         ArgumentNullException.ThrowIfNull(options);
         ArgumentNullException.ThrowIfNull(signInManager);
         SignInManager = signInManager;
         Options = options.Value;
+        Time = new TimeClockProvider(clock);
         Clock = clock;
         Logger = logger.CreateLogger(GetType());
     }
 
+    /// <summary>
+    /// Creates a new instance of <see cref="SecurityStampValidator{TUser}"/>.
+    /// </summary>
+    /// <param name="options">Used to access the <see cref="IdentityOptions"/>.</param>
+    /// <param name="signInManager">The <see cref="SignInManager{TUser}"/>.</param>
+    /// <param name="clock">The system clock.</param>
+    /// <param name="time">The system clock.</param>
+    /// <param name="logger">The logger.</param>
+    [Obsolete("ISystemClock is obsolete, use TimeProvider instead.")]
+    public SecurityStampValidator(IOptions<SecurityStampValidatorOptions> options, SignInManager<TUser> signInManager, ISystemClock clock, ILoggerFactory logger, TimeProvider time)
+        : this(options, signInManager, time, logger)
+    {
+    }
+
+    /// <summary>
+    /// Creates a new instance of <see cref="SecurityStampValidator{TUser}"/>.
+    /// </summary>
+    /// <param name="options">Used to access the <see cref="IdentityOptions"/>.</param>
+    /// <param name="signInManager">The <see cref="SignInManager{TUser}"/>.</param>
+    /// <param name="time">The system clock.</param>
+    /// <param name="logger">The logger.</param>
+    public SecurityStampValidator(IOptions<SecurityStampValidatorOptions> options, SignInManager<TUser> signInManager, TimeProvider time, ILoggerFactory logger)
+    {
+        ArgumentNullException.ThrowIfNull(options);
+        ArgumentNullException.ThrowIfNull(signInManager);
+        SignInManager = signInManager;
+        Options = options.Value;
+        Time = time;
+#pragma warning disable CS0618 // Type or member is obsolete
+        Clock = new SystemClock(time);
+#pragma warning restore CS0618 // Type or member is obsolete
+        Logger = logger.CreateLogger(GetType());
+    }
+
     /// <summary>
     /// The SignInManager.
     /// </summary>
@@ -46,8 +82,14 @@ public SecurityStampValidator(IOptions<SecurityStampValidatorOptions> options, S
     /// <summary>
     /// The <see cref="ISystemClock"/>.
     /// </summary>
+    [Obsolete("ISystemClock is obsolete, use TimeProvider instead.")]
     public ISystemClock Clock { get; }
 
+    /// <summary>
+    /// The <see cref="ISystemClock"/>.
+    /// </summary>
+    public TimeProvider Time { get; }
+
     /// <summary>
     /// Gets the <see cref="ILogger"/> used to log messages.
     /// </summary>
@@ -87,7 +129,7 @@ protected virtual async Task SecurityStampVerified(TUser user, CookieValidatePri
         {
             // On renewal calculate the new ticket length relative to now to avoid
             // extending the expiration.
-            context.Properties.IssuedUtc = Clock.UtcNow;
+            context.Properties.IssuedUtc = Time.GetUtcNow();
         }
     }
 
@@ -109,9 +151,9 @@ protected virtual async Task SecurityStampVerified(TUser user, CookieValidatePri
     public virtual async Task ValidateAsync(CookieValidatePrincipalContext context)
     {
         var currentUtc = DateTimeOffset.UtcNow;
-        if (Clock != null)
+        if (Time != null)
         {
-            currentUtc = Clock.UtcNow;
+            currentUtc = Time.GetUtcNow();
         }
         var issuedUtc = context.Properties.IssuedUtc;
 
 
@@ -0,0 +1,23 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using Microsoft.AspNetCore.Authentication;
+
+namespace Microsoft.AspNetCore.Identity;
+
+internal sealed class TimeClockProvider : TimeProvider
+{
+#pragma warning disable CS0618 // Type or member is obsolete
+    private readonly ISystemClock _clock;
+
+    public TimeClockProvider(ISystemClock clock)
+    {
+        _clock = clock;
+    }
+#pragma warning restore CS0618 // Type or member is obsolete
+
+    public override DateTimeOffset GetUtcNow()
+    {
+        return _clock.UtcNow;
+    }
+}
@@ -22,9 +22,32 @@ public class TwoFactorSecurityStampValidator<TUser> : SecurityStampValidator<TUs
     /// <param name="signInManager">The <see cref="SignInManager{TUser}"/>.</param>
     /// <param name="clock">The system clock.</param>
     /// <param name="logger">The logger.</param>
+    [Obsolete("ISystemClock is obsolete, use TimeProvider instead.")]
     public TwoFactorSecurityStampValidator(IOptions<SecurityStampValidatorOptions> options, SignInManager<TUser> signInManager, ISystemClock clock, ILoggerFactory logger) : base(options, signInManager, clock, logger)
     { }
 
+    /// <summary>
+    /// Creates a new instance of <see cref="SecurityStampValidator{TUser}"/>.
+    /// </summary>
+    /// <param name="options">Used to access the <see cref="IdentityOptions"/>.</param>
+    /// <param name="signInManager">The <see cref="SignInManager{TUser}"/>.</param>
+    /// <param name="clock">The system clock.</param>
+    /// <param name="time">The system clock.</param>
+    /// <param name="logger">The logger.</param>
+    [Obsolete("ISystemClock is obsolete, use TimeProvider instead.")]
+    public TwoFactorSecurityStampValidator(IOptions<SecurityStampValidatorOptions> options, SignInManager<TUser> signInManager, ISystemClock clock, ILoggerFactory logger, TimeProvider time) : base(options, signInManager, time, logger)
+    { }
+
+    /// <summary>
+    /// Creates a new instance of <see cref="SecurityStampValidator{TUser}"/>.
+    /// </summary>
+    /// <param name="options">Used to access the <see cref="IdentityOptions"/>.</param>
+    /// <param name="signInManager">The <see cref="SignInManager{TUser}"/>.</param>
+    /// <param name="time">The system clock.</param>
+    /// <param name="logger">The logger.</param>
+    public TwoFactorSecurityStampValidator(IOptions<SecurityStampValidatorOptions> options, SignInManager<TUser> signInManager, TimeProvider time, ILoggerFactory logger) : base(options, signInManager, time, logger)
+    { }
+
     /// <summary>
     /// Verifies the principal's security stamp, returns the matching user if successful
     /// </summary>