S3: set identity to request context, and remove obsolete code (#7523)

* list owned buckets

* simplify

* add unit tests

* no-owner buckets

* set identity id

* fallback to request header if iam is not enabled

* refactor to test

* fix comparing

* fix security vulnerability

* Update s3api_bucket_handlers.go

* Update s3api_bucket_handlers.go

* Update s3api_bucket_handlers.go

* set identity to request context

* remove SeaweedFSIsDirectoryKey

* remove obsolete

* simplify

* reuse

* refactor or remove obsolete logic on filer

* Removed the redundant check in GetOrHeadHandler

* surfacing invalid X-Amz-Tagging as a client error

* clean up

* constant

* reuse

* multiple header values

* code reuse

* err on duplicated tag key

weed/s3api/s3err/audit_fluent.go

@@ -152,7 +152,7 @@ func GetAccessLog(r *http.Request, HTTPStatusCode int, s3errCode ErrorCode) *Acc
 		HostHeader:       hostHeader,
 		RequestID:        r.Header.Get("X-Request-ID"),
 		RemoteIP:         remoteIP,
-		Requester:        r.Header.Get(s3_constants.AmzIdentityId),
+		Requester:        s3_constants.GetIdentityNameFromContext(r), // Get from context, not header (secure)
 		SignatureVersion: r.Header.Get(s3_constants.AmzAuthType),
 		UserAgent:        r.Header.Get("user-agent"),
 		HostId:           hostname,