Support all session options (including region) when checking the token.

[stensonb]

This ensures token verification works in govcloud. Otherwise, when tokens are verified, the wrong region may be used.

[stensonb]

Without this, this blocks validating tokens via Okta -> AWS STS saml workflow for govcloud accounts.

(Although, tokens generated ARE valid, they just need to point to the correct AWS_REGION to verify).