Make sure that identityOptions is overwritten before use.

modules/account/src/Volo.Abp.Account.Application/Volo/Abp/Account/AccountAppService.cs

@@ -16,7 +16,6 @@ namespace Volo.Abp.Account
         protected IdentityUserManager UserManager { get; }
         protected IAccountEmailer AccountEmailer { get; }
         protected IdentitySecurityLogManager IdentitySecurityLogManager { get; }
-
         protected IOptions<IdentityOptions> IdentityOptions { get; }
 
         public AccountAppService(

modules/account/src/Volo.Abp.Account.Web/Areas/Account/Controllers/AccountController.cs

@@ -2,6 +2,7 @@ using System;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 using Volo.Abp.Account.Localization;
 using Volo.Abp.Account.Settings;
 using Volo.Abp.Account.Web.Areas.Account.Controllers.Models;
@@ -27,12 +28,14 @@ namespace Volo.Abp.Account.Web.Areas.Account.Controllers
         protected IdentityUserManager UserManager { get; }
         protected ISettingProvider SettingProvider { get; }
         protected IdentitySecurityLogManager IdentitySecurityLogManager { get; }
+        protected IOptions<IdentityOptions> IdentityOptions { get; }
 
         public AccountController(
             SignInManager<IdentityUser> signInManager,
             IdentityUserManager userManager,
             ISettingProvider settingProvider,
-            IdentitySecurityLogManager identitySecurityLogManager)
+            IdentitySecurityLogManager identitySecurityLogManager,
+            IOptions<IdentityOptions> identityOptions)
         {
             LocalizationResource = typeof(AccountResource);
 
@@ -40,6 +43,7 @@ namespace Volo.Abp.Account.Web.Areas.Account.Controllers
             UserManager = userManager;
             SettingProvider = settingProvider;
             IdentitySecurityLogManager = identitySecurityLogManager;
+            IdentityOptions = identityOptions;
         }
 
         [HttpPost]
@@ -104,6 +108,7 @@ namespace Volo.Abp.Account.Web.Areas.Account.Controllers
                 return new AbpLoginResult(LoginResultType.InvalidUserNameOrPassword);
             }
 
+            await IdentityOptions.SetAsync();
             return GetAbpLoginResult(await SignInManager.CheckPasswordSignInAsync(identityUser, login.Password, true));
         }
 

modules/account/src/Volo.Abp.Account.Web/Pages/Account/AccountPageModel.cs

@@ -3,6 +3,7 @@ using System.Collections.Generic;
 using System.Linq;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 using Volo.Abp.Account.Localization;
 using Volo.Abp.AspNetCore.Mvc.UI.RazorPages;
 using Volo.Abp.Identity;
@@ -16,6 +17,7 @@ namespace Volo.Abp.Account.Web.Pages.Account
         public SignInManager<IdentityUser> SignInManager { get; set; }
         public IdentityUserManager UserManager { get; set; }
         public IdentitySecurityLogManager IdentitySecurityLogManager { get; set; }
+        public IOptions<IdentityOptions> IdentityOptions { get; set; }
 
         protected AccountPageModel()
         {

modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs

@@ -186,6 +186,8 @@ namespace Volo.Abp.Account.Web.Pages.Account
                 return RedirectToPage("./Login");
             }
 
+            await IdentityOptions.SetAsync();
+
             var loginInfo = await SignInManager.GetExternalLoginInfoAsync();
             if (loginInfo == null)
             {
@@ -259,6 +261,8 @@ namespace Volo.Abp.Account.Web.Pages.Account
 
         protected virtual async Task<IdentityUser> CreateExternalUserAsync(ExternalLoginInfo info)
         {
+            await IdentityOptions.SetAsync();
+
             var emailAddress = info.Principal.FindFirstValue(AbpClaimTypes.Email);
 
             var user = new IdentityUser(GuidGenerator.Create(), emailAddress, emailAddress, CurrentTenant.Id);

modules/account/src/Volo.Abp.Account.Web/Pages/Account/Register.cshtml.cs

@@ -7,6 +7,7 @@ using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Volo.Abp.Account.Settings;
 using Volo.Abp.Auditing;
 using Volo.Abp.Identity;
@@ -124,6 +125,8 @@ namespace Volo.Abp.Account.Web.Pages.Account
 
         protected virtual async Task RegisterExternalUserAsync(ExternalLoginInfo externalLoginInfo, string emailAddress)
         {
+            await IdentityOptions.SetAsync();
+
             var user = new IdentityUser(GuidGenerator.Create(), emailAddress, emailAddress, CurrentTenant.Id);
 
             (await UserManager.CreateAsync(user)).CheckErrors();

modules/account/test/Volo.Abp.Account.Application.Tests/Volo/Abp/Account/AccountAppService_Tests.cs

@@ -1,5 +1,6 @@
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
 using Shouldly;
 using Volo.Abp.Identity;
 using Xunit;
@@ -12,18 +13,22 @@ namespace Volo.Abp.Account
         private readonly IIdentityUserRepository _identityUserRepository;
         private readonly ILookupNormalizer _lookupNormalizer;
         private readonly IdentityUserManager _userManager;
-        
+        private readonly IOptions<IdentityOptions> _identityOptions;
+
         public AccountAppService_Tests()
         {
             _accountAppService = GetRequiredService<IAccountAppService>();
             _identityUserRepository = GetRequiredService<IIdentityUserRepository>();
             _lookupNormalizer = GetRequiredService<ILookupNormalizer>();
             _userManager = GetRequiredService<IdentityUserManager>();
+            _identityOptions = GetRequiredService<IOptions<IdentityOptions>>();
         }
 
         [Fact]
         public async Task RegisterAsync()
         {
+            await _identityOptions.SetAsync();
+
             var registerDto = new RegisterDto
             {
                 UserName = "bob.lee",

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/ExternalLoginProviderBase.cs

@@ -2,6 +2,7 @@
 using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
 using Volo.Abp.Domain.Repositories;
 using Volo.Abp.Guids;
 using Volo.Abp.MultiTenancy;
@@ -14,23 +15,28 @@ namespace Volo.Abp.Identity
         protected ICurrentTenant CurrentTenant { get; }
         protected IdentityUserManager UserManager { get; }
         protected IIdentityUserRepository IdentityUserRepository { get; }
+        protected IOptions<IdentityOptions> IdentityOptions { get; }
 
         protected ExternalLoginProviderBase(
             IGuidGenerator guidGenerator,
             ICurrentTenant currentTenant,
             IdentityUserManager userManager,
-            IIdentityUserRepository identityUserRepository)
+            IIdentityUserRepository identityUserRepository,
+            IOptions<IdentityOptions> identityOptions)
         {
             GuidGenerator = guidGenerator;
             CurrentTenant = currentTenant;
             UserManager = userManager;
             IdentityUserRepository = identityUserRepository;
+            IdentityOptions = identityOptions;
         }
 
         public abstract Task<bool> TryAuthenticateAsync(string userName, string plainPassword);
 
         public virtual async Task<IdentityUser> CreateUserAsync(string userName, string providerName)
         {
+            await IdentityOptions.SetAsync();
+
             var externalUser = await GetUserInfoAsync(userName);
             NormalizeExternalLoginUserInfo(externalUser, userName);
 

modules/identity/src/Volo.Abp.Identity.Domain/Volo/Abp/Identity/IdentityDataSeeder.cs

@@ -1,6 +1,7 @@
 using System;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.Guids;
 using Volo.Abp.MultiTenancy;
@@ -17,6 +18,7 @@ namespace Volo.Abp.Identity
         protected IdentityUserManager UserManager { get; }
         protected IdentityRoleManager RoleManager { get; }
         protected ICurrentTenant CurrentTenant { get; }
+        protected IOptions<IdentityOptions> IdentityOptions { get; }
 
         public IdentityDataSeeder(
             IGuidGenerator guidGenerator,
@@ -25,7 +27,8 @@ namespace Volo.Abp.Identity
             ILookupNormalizer lookupNormalizer,
             IdentityUserManager userManager,
             IdentityRoleManager roleManager,
-            ICurrentTenant currentTenant)
+            ICurrentTenant currentTenant,
+            IOptions<IdentityOptions> identityOptions)
         {
             GuidGenerator = guidGenerator;
             RoleRepository = roleRepository;
@@ -34,6 +37,7 @@ namespace Volo.Abp.Identity
             UserManager = userManager;
             RoleManager = roleManager;
             CurrentTenant = currentTenant;
+            IdentityOptions = identityOptions;
         }
 
         [UnitOfWork]
@@ -45,6 +49,8 @@ namespace Volo.Abp.Identity
             Check.NotNullOrWhiteSpace(adminEmail, nameof(adminEmail));
             Check.NotNullOrWhiteSpace(adminPassword, nameof(adminPassword));
 
+            await IdentityOptions.SetAsync();
+
             var result = new IdentityDataSeedResult();
 
             using (CurrentTenant.Change(tenantId))

modules/identity/test/Volo.Abp.Identity.AspNetCore.Tests/Volo/Abp/Identity/AspNetCore/FakeExternalLoginProvider.cs

@@ -1,5 +1,7 @@
 using System;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
 using Volo.Abp.DependencyInjection;
 using Volo.Abp.Guids;
 using Volo.Abp.MultiTenancy;
@@ -14,12 +16,14 @@ namespace Volo.Abp.Identity.AspNetCore
             IGuidGenerator guidGenerator,
             ICurrentTenant currentTenant,
             IdentityUserManager userManager,
-            IIdentityUserRepository identityUserRepository)
+            IIdentityUserRepository identityUserRepository,
+            IOptions<IdentityOptions> identityOptions)
             : base(
                 guidGenerator,
                 currentTenant,
                 userManager,
-                identityUserRepository)
+                identityUserRepository,
+                identityOptions)
         {
 
         }

modules/identity/test/Volo.Abp.Identity.Domain.Tests/Volo/Abp/Identity/IdentityUserManager_Tests.cs

@@ -3,6 +3,7 @@ using System.Collections.Generic;
 using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.Extensions.Options;
 using Shouldly;
 using Volo.Abp.Uow;
 using Xunit;
@@ -18,6 +19,7 @@ namespace Volo.Abp.Identity
         private readonly ILookupNormalizer _lookupNormalizer;
         private readonly IUnitOfWorkManager _unitOfWorkManager;
         private readonly IdentityTestData _testData;
+        protected IOptions<IdentityOptions> _identityOptions { get; }
 
         public IdentityUserManager_Tests()
         {
@@ -28,6 +30,7 @@ namespace Volo.Abp.Identity
             _lookupNormalizer = GetRequiredService<ILookupNormalizer>();
             _testData = GetRequiredService<IdentityTestData>();
             _unitOfWorkManager = GetRequiredService<IUnitOfWorkManager>();
+            _identityOptions = GetRequiredService<IOptions<IdentityOptions>>();
         }
 
         [Fact]
@@ -120,6 +123,8 @@ namespace Volo.Abp.Identity
         [Fact]
         public async Task AddDefaultRolesAsync_In_Same_Uow()
         {
+            await _identityOptions.SetAsync();
+
             await CreateRandomDefaultRoleAsync();
 
             using (var uow = _unitOfWorkManager.Begin())
@@ -176,6 +181,8 @@ namespace Volo.Abp.Identity
         [Fact]
         public async Task AddDefaultRolesAsync_In_Different_Uow()
         {
+            await _identityOptions.SetAsync();
+
             await CreateRandomDefaultRoleAsync();
 
             Guid userId;

modules/identityserver/src/Volo.Abp.IdentityServer.Domain/Volo/Abp/IdentityServer/AspNetIdentity/AbpResourceOwnerPasswordValidator.cs

@@ -33,6 +33,7 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
         protected IStringLocalizer<AbpIdentityServerResource> Localizer { get; }
         protected IHybridServiceScopeFactory ServiceScopeFactory { get; }
         protected AbpIdentityOptions AbpIdentityOptions { get; }
+        protected IOptions<IdentityOptions> IdentityOptions { get; }
 
         public AbpResourceOwnerPasswordValidator(
             UserManager<IdentityUser> userManager,
@@ -41,7 +42,8 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             ILogger<ResourceOwnerPasswordValidator<IdentityUser>> logger,
             IStringLocalizer<AbpIdentityServerResource> localizer,
             IOptions<AbpIdentityOptions> abpIdentityOptions,
-            IHybridServiceScopeFactory serviceScopeFactory)
+            IHybridServiceScopeFactory serviceScopeFactory,
+            IOptions<IdentityOptions> identityOptions)
         {
             UserManager = userManager;
             SignInManager = signInManager;
@@ -50,6 +52,7 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             Localizer = localizer;
             ServiceScopeFactory = serviceScopeFactory;
             AbpIdentityOptions = abpIdentityOptions.Value;
+            IdentityOptions = identityOptions;
         }
 
         /// <summary>
@@ -123,6 +126,7 @@ namespace Volo.Abp.IdentityServer.AspNetIdentity
             string errorDescription;
             if (user != null)
             {
+                await IdentityOptions.SetAsync();
                 var result = await SignInManager.CheckPasswordSignInAsync(user, context.Password, true);
                 if (result.Succeeded)
                 {