From 18f499df518dfab2dd1750bcff7d36e72ae925ef Mon Sep 17 00:00:00 2001
From: Brent Baude <bbaude@redhat.com>
Date: Tue, 4 Oct 2016 08:15:00 -0500
Subject: [PATCH] Atomic/push.py: Don't prompt for password if token found

If the user has a token for the registry, we assume the token
is good and do not prompt for a username or password.

Closes: #675
Approved by: rhatdan
---
 Atomic/atomic.py | 23 +++++++++++++++++++++++
 Atomic/push.py   | 23 ++++++++++++++++-------
 2 files changed, 39 insertions(+), 7 deletions(-)

diff --git a/Atomic/atomic.py b/Atomic/atomic.py
index 2346875..dcca829 100644
--- a/Atomic/atomic.py
+++ b/Atomic/atomic.py
@@ -67,6 +67,7 @@ class Atomic(object):
         self.syscontainers = SystemContainers()
         self.run_opts = None
         self.atomic_config = util.get_atomic_config()
+        self.local_tokens = {}
 
     def __enter__(self):
         return self
@@ -678,6 +679,28 @@ class Atomic(object):
         except IOError:
             return []
 
+    def get_local_tokens(self):
+        if len(self.local_tokens) < 1:
+            self.local_tokens = self.load_local_tokens()
+        return self.local_tokens
+
+    @staticmethod
+    def load_local_tokens():
+        tokens = {}
+        token_file_name = os.path.expanduser('~/.docker/config.json')
+        if not os.path.exists(token_file_name):
+            return {}
+        with open(token_file_name) as token_file:
+            token_data = json.load(token_file)
+        try:
+            for registry in token_data['auths']:
+                tokens[registry] = token_data['auths'][registry]['auth']
+        except KeyError:
+            # Just return a blank dict
+            pass
+        return tokens
+
+
 class AtomicError(Exception):
     pass
 
diff --git a/Atomic/push.py b/Atomic/push.py
index df7db43..7119768 100644
--- a/Atomic/push.py
+++ b/Atomic/push.py
@@ -89,6 +89,13 @@ class Push(Atomic):
         self.policy_filename=policy_filename
 
     def push(self):
+        def prompt():
+            if not self.args.username:
+                self.args.username = util.input("Registry Username: ")
+
+            if not self.args.password:
+                self.args.password = getpass.getpass("Registry Password: ")
+
         self.ping()
         if self.args.debug:
             util.write_out(str(self.args))
@@ -122,16 +129,13 @@ class Push(Atomic):
         if self.args.verify_ssl is None:
             self.args.verify_ssl = False
 
-        if not self.args.username:
-            self.args.username = util.input("Registry Username: ")
-
-        if not self.args.password:
-            self.args.password = getpass.getpass("Registry Password: ")
-
         if (self.args.satellite | self.args.pulp):
+            prompt()
             if not self.args.url:
                 self.args.url = util.input("URL: ")
 
+        sign = True if self.args.sign_by else False
+
         if self.args.pulp:
             return pulp.push_image_to_pulp(self.image, self.args.url,
                                            self.args.username,
@@ -156,6 +160,12 @@ class Push(Atomic):
 
         else:
             reg, _, tag = util.decompose(self.image)
+            # Check if any local tokens exist
+            if reg not in [x for x in self.get_local_tokens()]:
+                # If we find a token for the registry, we don't
+                # prompt for a username or password
+                prompt()
+
             if not tag:
                 raise ValueError("The image being pushed must have a tag")
 
@@ -168,7 +178,6 @@ class Push(Atomic):
             else:
                 remote_image = "docker://{}".format(self.image)
 
-            sign = True if self.args.sign_by else False
             if sign and self.args.debug:
                 util.write_out("\nSigning with '{}'\n".format(self.args.sign_by))