From 9b95c36fa5170d206685a68f631f418def2b8a29 Mon Sep 17 00:00:00 2001
From: Warren Bailey <warren@warrenbailey.net>
Date: Thu, 23 Feb 2023 16:28:00 +0000
Subject: [PATCH] add flag to odic config

---
 synapse/config/oidc.py  | 5 +++++
 synapse/handlers/sso.py | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/synapse/config/oidc.py b/synapse/config/oidc.py
index df8c42204392..77c1d1dc8e0f 100644
--- a/synapse/config/oidc.py
+++ b/synapse/config/oidc.py
@@ -136,6 +136,7 @@ def oidc_enabled(self) -> bool:
             "type": "array",
             "items": SsoAttributeRequirement.JSON_SCHEMA,
         },
+        "enable_registration": {"type": "boolean"},
     },
 }
 
@@ -306,6 +307,7 @@ def _parse_oidc_config_dict(
         user_mapping_provider_class=user_mapping_provider_class,
         user_mapping_provider_config=user_mapping_provider_config,
         attribute_requirements=attribute_requirements,
+        enable_registration=oidc_config.get("enable_registration", True),
     )
 
 
@@ -405,3 +407,6 @@ class OidcProviderConfig:
 
     # required attributes to require in userinfo to allow login/registration
     attribute_requirements: List[SsoAttributeRequirement]
+
+    # Whether automatic registrations are enabled in the ODIC flow. Defaults to True
+    enable_registration: bool
diff --git a/synapse/handlers/sso.py b/synapse/handlers/sso.py
index 51e2c2cdf80e..70be146bf61f 100644
--- a/synapse/handlers/sso.py
+++ b/synapse/handlers/sso.py
@@ -224,7 +224,7 @@ def __init__(self, hs: "HomeServer"):
 
         self._consent_at_registration = hs.config.consent.user_consent_at_registration
 
-        self._registration_enabled = hs.config.registration.enable_registration
+        self._registration_enabled = hs.config.odic.enable_registration
 
     def register_identity_provider(self, p: SsoIdentityProvider) -> None:
         p_id = p.idp_id