From d9bc8c0dc598be562e225bd4fc388c23183b52d7 Mon Sep 17 00:00:00 2001
From: Alex Helfet
Date: Mon, 15 Apr 2019 19:00:42 +0100
Subject: [PATCH 1/2] Validate registry token before operations that require it.
---
 src/cargo/ops/registry.rs | 14 ++++++++++----
 tests/testsuite/alt_registry.rs | 3 +++
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/src/cargo/ops/registry.rs b/src/cargo/ops/registry.rs
index 110157027ee..41d566c9e9d 100644
--- a/src/cargo/ops/registry.rs
+++ b/src/cargo/ops/registry.rs
@@ -69,6 +69,7 @@ pub fn publish(ws: &Workspace<'_>, opts: &PublishOpts<'_>) -> CargoResult<()> {
 opts.index.clone(),
 opts.registry.clone(),
 true,
+ !opts.dry_run
 )?;
 verify_dependencies(pkg, ®istry, reg_id)?;
@@ -334,12 +335,13 @@ pub fn registry_configuration(
 Ok(RegistryConfig { index, token })
 }
-pub fn registry(
+fn registry(
 config: &Config,
 token: Option,
 index: Option,
 registry: Option,
 force_update: bool,
+ validate_token: bool
 ) -> CargoResult<(Registry, SourceId)> {
 // Parse all configuration options
 let RegistryConfig {
@@ -363,6 +365,9 @@ pub fn registry(
 .ok_or_else(|| format_err!("{} does not support API commands", sid))?
 };
 let handle = http_handle(config)?;
+ if validate_token && token.is_none() {
+ bail!("no upload token found, please run `cargo login`");
+ };
 Ok((Registry::new_handle(api_host, token, handle), sid))
 }
@@ -536,7 +541,7 @@ pub fn registry_login(
 token: Option,
 reg: Option,
 ) -> CargoResult<()> {
- let (registry, _) = registry(config, token.clone(), None, reg.clone(), false)?;
+ let (registry, _) = registry(config, token.clone(), None, reg.clone(), false, false)?;
 let token = match token {
 Some(token) => token,
@@ -604,6 +609,7 @@ pub fn modify_owners(config: &Config, opts: &OwnersOptions) -> CargoResult<()> {
 opts.index.clone(),
 opts.registry.clone(),
 true,
+ true
 )?;
 if let Some(ref v) = opts.to_add {
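Review bot: `validate_token: bool` in the `@@ -334` hunk is a second positional `bool` placed directly after `force_update: bool`, so call sites such as `registry(config, token, index, reg, true, true)` (yank) and `registry(config, None, index, reg, false, false)` (search) do not show which flag is which, and a swapped pair would still compile while silently skipping the token check. A two-variant enum for the new parameter would make that mistake a type error; short of that, label the argument at each call site, e.g. `true, // validate_token`. `registry` also has no doc comment explaining the flag; something like `/// When `validate_token` is true, fail with an error if no token is available.` would do. The added lines `validate_token: bool`, `!opts.dry_run` and `true` lack the trailing comma rustfmt puts on a multi-line list. The body of `registry` continues outside this hunk.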
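Review bot: The guard added in the `@@ -363` hunk tests only `token.is_none()`, so it confirms that some token value is present, not that it is usable; if configuration can yield an empty string (not visible here), `Some("")` would pass and the failure would still surface only after verification. The message also says "upload token" and plain `cargo login`, although the same check now fires for `yank` and `modify_owners` and for alternate registries, where this patch's own test logs in with `cargo login --registry fakeio`. Consider rejecting empty tokens too, e.g. `if validate_token && token.as_ref().map_or(true, |t| t.is_empty()) {`, and mentioning `--registry` in the text when a registry was selected; the assertion in `publish_checks_for_token_before_verify` would have to follow any wording change. Because the commit subject says "validate", a comment such as `// Presence check only; the registry still decides whether the token is accepted.` would keep expectations accurate.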
@@ -664,7 +670,7 @@ pub fn yank(
 None => bail!("a version must be specified to yank"),
 };
- let (mut registry, _) = registry(config, token, index, reg, true)?;
+ let (mut registry, _) = registry(config, token, index, reg, true, true)?;
 if undo {
 config
@@ -720,7 +726,7 @@ pub fn search(
 prefix
 }
- let (mut registry, source_id) = registry(config, None, index, reg, false)?;
+ let (mut registry, source_id) = registry(config, None, index, reg, false, false)?;
 let (crates, total_crates) = registry
 .search(query, limit)
 .chain_err(|| "failed to retrieve search results from the registry")?;
diff --git a/tests/testsuite/alt_registry.rs b/tests/testsuite/alt_registry.rs
index 1bae5739a2f..65ea46a8a7f 100644
--- a/tests/testsuite/alt_registry.rs
+++ b/tests/testsuite/alt_registry.rs
@@ -289,6 +289,9 @@ fn cannot_publish_to_crates_io_with_registry_dependency() {
 )
 .build();
+ // Login so that we have the token available
+ p.cargo("login --registry fakeio TOKEN").run();
+
 p.cargo("publish --registry fakeio")
 .with_status(101)
 .with_stderr_contains("[ERROR] crates cannot be published to crates.io[..]")
From f7c424f3620c0ac33b3b42a7583876939dfbd8e4 Mon Sep 17 00:00:00 2001
From: Alex Helfet
Date: Tue, 16 Apr 2019 17:52:07 +0100
Subject: [PATCH 2/2] Add check token before verify tests.
---
 tests/testsuite/publish.rs | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
diff --git a/tests/testsuite/publish.rs b/tests/testsuite/publish.rs
index e46653519aa..30eb6e969c7 100644
--- a/tests/testsuite/publish.rs
+++ b/tests/testsuite/publish.rs
@@ -977,3 +977,39 @@ fn publish_with_patch() {
 &["Cargo.toml", "Cargo.toml.orig", "src/main.rs"],
 );
 }
+
+#[test]
+fn publish_checks_for_token_before_verify() {
+ registry::init();
+
+ let p = project()
+ .file(
+ "Cargo.toml",
+ r#"
+ [project]
+ name = "foo"
+ version = "0.0.1"
+ authors = []
+ license = "MIT"
+ description = "foo"
+ "#,
+ )
+ .file("src/main.rs", "fn main() {}")
+ .build();
+
+ let credentials = paths::home().join(".cargo/credentials");
+ fs::remove_file(&credentials).unwrap();
+
+ // Assert upload token error before the package is verified
+ p.cargo("publish")
+ .with_status(101)
+ .with_stderr_contains("[ERROR] no upload token found, please run `cargo login`")
+ .with_stderr_does_not_contain("[VERIFYING] foo v0.0.1 ([CWD])")
+ .run();
+
+ // Assert package verified successfully on dry run
+ p.cargo("publish --dry-run")
+ .with_status(0)
+ .with_stderr_contains("[VERIFYING] foo v0.0.1 ([CWD])")
+ .run();
+}
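Review bot: `publish_checks_for_token_before_verify` exercises only `cargo publish`, while the first patch also turns the token check on for `yank` and `modify_owners` and leaves it off for `registry_login` and `search`; none of those paths is asserted here. A regression that flipped one of those call-site flags would go unnoticed, so companion tests that remove the credentials file and expect the `no upload token found` error from the yank and owner commands, plus one showing that search still succeeds without a token, would pin the intended behaviour. `fs::remove_file(&credentials).unwrap()` also assumes `registry::init()` always writes that file (its body is not shown here); a comment such as `// registry::init() is expected to have written credentials; remove them to simulate a logged-out user` would explain the unwrap.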