Support Response Wrapping

[VladRassokhin]

There's great feature introduced recently named 'Resource Wrapping'.
It would be useful to support in in Java client library.

Use case:

1. Service A authenticates with /auth/approle/login endpoint providing App Role role_id, secret_id and X-Vault-Wrap-TTL header.
2. Response contains AccessorID and WrappedTokenID, first one left on Service A, second passed to Service B.
3. Service B connects to Vault server and performs GET on /sys/wrapping/unwrap?token=${WrappedTokenId} and receives proper token, then reconfigures itself and proceeds with operations.

Example was shown during Securing Applications Using Nomad
presentation.

[dubreuia]

Bump. Will that be implemented at some point? Thanks.

[nano4711]

+1 for this request!

[dubreuia]

WIP PR implemented. I'm only supporting unwraping auth token for now.

[dubreuia]

More I think about it, more I think it should be a root operation like Vault#unwrap(String) instead of Auth#unwrap(String) like I implemented it. Who's the maintainer? @steve-perkins?

[nano4711]

Wow, that was fast. PR looks great. Hope it will be accepted soon!

[dubreuia]

I added Auth#unwrap() to unwrap a login token without logging in. Also more documentation and unit tests.

[dubreuia]

I added Auth#lookupWrap() to validate the lookup token before consuming it with Auth#unwrap. From documentation https://www.vaultproject.io/docs/concepts/response-wrapping.html#response-wrapping-token-validation

[steve-perkins]

PR merged, thanks! There's a nice sized list of changes that has built up since 3.0.0 now, so I plan to cut a 3.1.0 release with all of them this week.