
Credentials from helpers overrule process-local logins

Open akx opened this issue 1 year ago • 0 comments

I didn't investigate thoroughly (yet), but see title. The gist of the problem is:

  • If you have "credsStore": "desktop" (or other) configured in ~/.docker/config.json, docker-py picks that up into AuthConfig.
  • When requiring registry auth for a call, resolve_authconfig:
    • first queries the configured credential store or helpers
      • if it finds credentials for a given URL, it returns them.
    • falls back to a local in-memory dict of credentials
    • finally returns None if no creds are found.
  • If the credentials (say, from a store/helper) are expired, e.g. AWS says "repository does not exist or may require 'docker login': denied: Your authorization token has expired. Reauthenticate and try again.".
  • Now, if you have code that e.g. uses the Amazon ECR client to get credentials and call client.api.login() with them (I do, for one), it will happily say authentication is successful, and crucially, saves these only in the aforementioned in-memory dict.
  • A subsequent call requiring auth to the same registry will still fail because the local credentials are not used.

This is related to #2960, kind of.

akx, Sep 04 '24 10:09
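
The lookup order described in the issue above, as an added example that is not part of the original post and is not docker-py's code: a simplified model showing how a stale store/helper entry hides a fresh in-process login, with a check that lists the affected registries. The class, method names, registry host and token values are hypothetical and constructed for illustration.

```python
# Simplified model of the lookup order described in the issue above.
# NOT docker-py's implementation; all names here are hypothetical.
from typing import Callable, Dict, Optional

Cred = Dict[str, str]


class ModelAuthConfig:
    def __init__(self, store_lookup: Callable[[str], Optional[Cred]]):
        self.store_lookup = store_lookup      # stands in for credsStore / credHelpers
        self.local: Dict[str, Cred] = {}      # process-local dict filled by login()

    def login(self, registry: str, username: str, password: str) -> None:
        # As described in the issue: a successful login is saved only in memory.
        self.local[registry] = {"username": username, "password": password}

    def resolve_store_first(self, registry: str) -> Optional[Cred]:
        # Order described in the issue: store/helper, then local dict, then None.
        return self.store_lookup(registry) or self.local.get(registry)

    def resolve_local_first(self, registry: str) -> Optional[Cred]:
        # Alternative order for comparison: an explicit login wins over the store.
        return self.local.get(registry) or self.store_lookup(registry)

    def shadowed(self) -> list:
        # Registries whose in-memory login is hidden by a different store entry.
        return sorted(r for r, c in self.local.items()
                      if self.store_lookup(r) not in (None, c))


# Constructed sample data: a helper still holding an expired token.
REGISTRY = "registry.example.invalid"
STALE = {"username": "AWS", "password": "expired-token"}
FRESH = {"username": "AWS", "password": "fresh-token"}


def demo() -> dict:
    cfg = ModelAuthConfig({REGISTRY: STALE}.get)
    cfg.login(REGISTRY, FRESH["username"], FRESH["password"])
    return {
        "store_first": cfg.resolve_store_first(REGISTRY)["password"],
        "local_first": cfg.resolve_local_first(REGISTRY)["password"],
        "shadowed": cfg.shadowed(),
    }


if __name__ == "__main__":
    print(demo())
```
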