I created a program that works like a subset of curl, but optionally will follow the bearer auth, so a single request against v2 registry will do the right thing.

I was doing a lot of work against the v2 registry. I love how the bearer auth works, but actually testing it was a pain. curl to the registry, read the www-authenticate header, curl to the auth server, read the token, curl to the registry again, this time with a token.

Old way:

1. curl -I http://some.registry.com
2. Read the www-authenticate header from the above to get the realm= and service=, etc.
3. curl -I --user username:pass http://realm.server.from.number2.com
4. Read the token from the JSON body
5. curl -H 'Authorize: Bearer <token> http://some.registry.com

Much simpler:

1. curl --realm-user username:pass http://some.registry.com

Anyone dealing with token-based authentication registries should find this much easier to work with. Also tested against official docker hub. Hope it helps. Built in go, so single binary. Cross-compiled to mac and linux. MIT license.

Always happy to get feedback and PRs. Please cross-post to others who would find it useful.