Parse and return proper errors with x-amz-security-token (#6766)

This PR also simplifies the token and access key validation
across our signature handling.

cmd/signature-v4-utils.go

@@ -22,6 +22,7 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/minio/minio/pkg/auth"
 	"github.com/minio/sha256-simd"
 )
 
@@ -102,19 +103,21 @@ func isValidRegion(reqRegion string, confRegion string) bool {
 
 // check if the access key is valid and recognized, additionally
 // also returns if the access key is owner/admin.
-func checkKeyValid(accessKey string) (bool, APIErrorCode) {
+func checkKeyValid(accessKey string) (auth.Credentials, bool, APIErrorCode) {
 	var owner = true
-	if globalServerConfig.GetCredential().AccessKey != accessKey {
+	var cred = globalServerConfig.GetCredential()
+	if cred.AccessKey != accessKey {
 		if globalIAMSys == nil {
-			return false, ErrInvalidAccessKeyID
+			return cred, false, ErrInvalidAccessKeyID
 		}
 		// Check if the access key is part of users credentials.
-		if _, ok := globalIAMSys.GetUser(accessKey); !ok {
-			return false, ErrInvalidAccessKeyID
+		var ok bool
+		if cred, ok = globalIAMSys.GetUser(accessKey); !ok {
+			return cred, false, ErrInvalidAccessKeyID
 		}
 		owner = false
 	}
-	return owner, ErrNone
+	return cred, owner, ErrNone
 }
 
 // sumHMAC calculate hmac between two input byte array.