add registrations_require_3pid

lets homeservers specify a whitelist for 3PIDs that users are allowed to associate with.
Typically useful for stopping people from registering with non-work emails

synapse/config/registration.py

@@ -31,6 +31,7 @@ class RegistrationConfig(Config):
                 strtobool(str(config["disable_registration"]))
             )
 
+        self.registrations_require_3pid = config.get("registrations_require_3pid", [])
         self.registration_shared_secret = config.get("registration_shared_secret")
 
         self.bcrypt_rounds = config.get("bcrypt_rounds", 12)
@@ -52,6 +53,18 @@ class RegistrationConfig(Config):
         # Enable registration for new users.
         enable_registration: False
 
+        # Mandate that registrations require a 3PID which matches one or more
+        # of these 3PIDs.  N.B. regexp escape backslashes are doubled (once for
+        # YAML and once for the regexp itself)
+        #
+        # registrations_require_3pid:
+        #     - medium: email
+        #       pattern: ".*@matrix\\.org"
+        #     - medium: email
+        #       pattern: ".*@vector\\.im"
+        #     - medium: msisdn
+        #       pattern: "\\+44"
+
         # If set, allows registration by anyone who also has the shared
         # secret, even if registration is otherwise disabled.
         registration_shared_secret: "%(registration_shared_secret)s"