Get LDAP identity for console access/secret keys (#398)

- If MinIO is configured with LDAP then users and groups are external, and
  the credentials provided in the CONSOLE_ACCESS_KEY and
  CONSOLE_SECRET_KEY env vars will belong to an existing user in the active
  directory, therefore we need to authenticate first with
  `credentials.NewLDAPIdentity`
- Fixed race condition bug in which TLS RootCAs certs were not loading
  correctly (certPool was always null)
- Fixed TLS bug in which if Console was deployed without TLS enabled
  RootCAs certs were not loading
- Initialize LDAP Admin credentials once
- Initialize stsClient once
Lenin Alevski
2020-11-20 11:52:34 -08:00
committed by GitHub
parent 8a6a75b7a2
commit 7a2358272a
12 changed files with 136 additions and 233 deletions


@@ -29,6 +29,7 @@ import (
"github.com/minio/minio/cmd/config"
"github.com/minio/minio/cmd/logger"
"github.com/minio/minio/pkg/certs"
certsx "github.com/minio/minio/pkg/certs"
"github.com/mitchellh/go-homedir"
)
@@ -220,3 +221,13 @@ func GetTLSConfig() (x509Certs []*x509.Certificate, manager *certs.Manager, err
}
return x509Certs, manager, nil
}
func GetAllCertificatesAndCAs() (*x509.CertPool, []*x509.Certificate, *certs.Manager) {
// load all CAs from ~/.console/certs/CAs
GlobalRootCAs, err := certsx.GetRootCAs(GlobalCertsCADir.Get())
logger.FatalIf(err, "Failed to read root CAs (%v)", err)
// load all certs from ~/.console/certs
globalPublicCerts, globalTLSCertsManager, err := GetTLSConfig()
logger.FatalIf(err, "Unable to load the TLS configuration")
return GlobalRootCAs, globalPublicCerts, globalTLSCertsManager
}
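Review bot: In `GetAllCertificatesAndCAs` the `:=` on `GlobalRootCAs, err := certsx.GetRootCAs(GlobalCertsCADir.Get())` and on the `GetTLSConfig()` line declares locals whose names read like package globals. If package-level variables with those names exist (not visible in this hunk), they are shadowed and stay unset, which would match the nil cert pool the commit message describes. Plain local names make the intent unambiguous, e.g. `rootCAs, err := certs.GetRootCAs(GlobalCertsCADir.Get())`, and that form also makes the `certsx` alias in the import hunk unnecessary, since the same path is already imported as `certs`. The exported function has no doc comment; I would add `// GetAllCertificatesAndCAs loads the root CA pool from the configured CA directory plus the TLS certificates and manager; it terminates via logger.FatalIf if either load fails.` The comment should also say that every certificate found in that directory is returned as a trusted root, so the directory should be writable only by the account that runs Console.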