From 747ed7f1dcf0dc240b0f7005560f02ad9986438e Mon Sep 17 00:00:00 2001
From: Mark Paluch <mpaluch@vmware.com>
Date: Wed, 19 Apr 2023 08:03:05 +0200
Subject: [PATCH] Upgrade to Spring Javaformat 0.38.

Closes gh-781
---
 etc/ide/org.eclipse.core.jdt.prefs            | 355 ++++++++++++++++++
 pom.xml                                       |   2 +-
 .../VaultPropertySourceRegistrar.java         |  15 +-
 .../vault/aot/VaultRuntimeHints.java          |  37 +-
 .../authentication/AppIdAuthentication.java   |   6 +-
 .../authentication/AppRoleAuthentication.java |  19 +-
 .../AuthenticationStepsOperator.java          |  21 +-
 .../authentication/AwsEc2Authentication.java  |  33 +-
 .../AwsEc2AuthenticationOptions.java          |   2 +-
 .../authentication/AwsIamAuthentication.java  |  17 +-
 .../AzureMsiAuthentication.java               |  23 +-
 .../AzureMsiAuthenticationOptions.java        |   2 +-
 .../ClientCertificateAuthentication.java      |   2 +-
 .../CubbyholeAuthentication.java              |   8 +-
 .../GcpComputeAuthentication.java             |  10 +-
 .../authentication/GcpIamAuthentication.java  |   8 +-
 .../GcpIamCredentialsAuthentication.java      |   5 +-
 .../KubernetesAuthentication.java             |   6 +-
 .../LifecycleAwareSessionManager.java         |   2 +-
 .../authentication/MacAddressUserId.java      |  20 +-
 .../authentication/PcfAuthentication.java     |  10 +-
 .../ReactiveLifecycleAwareSessionManager.java | 117 +++---
 .../authentication/TokenAuthentication.java   |   4 +-
 .../UsernamePasswordAuthentication.java       |   2 +-
 .../client/ClientHttpConnectorFactory.java    |  38 +-
 .../ClientHttpRequestFactoryFactory.java      |  23 +-
 .../vault/client/ReactiveVaultClients.java    |  12 +-
 .../vault/client/RestTemplateBuilder.java     |   2 +-
 .../vault/client/VaultClients.java            |   3 +-
 .../vault/client/WebClientBuilder.java        |  12 +-
 .../AbstractReactiveVaultConfiguration.java   |   5 +-
 .../config/AbstractVaultConfiguration.java    |   7 +-
 .../config/EnvironmentVaultConfiguration.java |  79 ++--
 .../vault/core/ReactiveVaultTemplate.java     |  17 +-
 .../vault/core/VaultKeyValueAccessor.java     |  11 +-
 .../core/VaultKeyValueMetadataTemplate.java   |  31 +-
 .../vault/core/VaultPkiTemplate.java          |  29 +-
 .../vault/core/VaultSysTemplate.java          |   4 +-
 .../vault/core/VaultTemplate.java             |  15 +-
 .../vault/core/VaultTransformTemplate.java    |  15 +-
 .../vault/core/VaultTransitTemplate.java      |  44 ++-
 .../core/VaultVersionedKeyValueTemplate.java  |   6 +-
 .../vault/core/VaultWrappingTemplate.java     |   7 +-
 .../core/lease/SecretLeaseContainer.java      |   8 +-
 .../repository/core/VaultKeyValueAdapter.java |   4 +-
 .../repository/query/VaultQueryCreator.java   |  84 +++--
 .../support/VaultRepositoryFactory.java       |   4 +-
 .../vault/support/CertificateBundle.java      |   8 +-
 .../vault/support/DerParser.java              |  53 +--
 .../vault/support/DurationParser.java         |  48 +--
 .../vault/support/KeystoreUtil.java           |   5 +-
 .../vault/support/PemObject.java              |  20 +-
 .../springframework/vault/support/Policy.java |  16 +-
 .../support/VaultCertificateRequest.java      |  65 ++--
 .../vault/support/VaultMetadataRequest.java   |   2 +-
 .../vault/support/VaultTokenRequest.java      |  26 +-
 ...reVaultPropertySourceIntegrationTests.java |   4 +-
 .../AppIdAuthenticationIntegrationTests.java  |  16 +-
 ...uthenticationOperatorIntegrationTests.java |  26 +-
 ...IdAuthenticationStepsIntegrationTests.java |  14 +-
 .../AppIdAuthenticationUnitTests.java         |  30 +-
 ...RoleAuthenticationIntegrationTestBase.java |  13 +-
 ...AppRoleAuthenticationIntegrationTests.java |  64 ++--
 ...leAuthenticationStepsIntegrationTests.java |  66 ++--
 .../AppRoleAuthenticationUnitTests.java       | 138 ++++---
 .../AuthenticationStepsExecutorUnitTests.java |  91 +++--
 .../AuthenticationStepsOperatorUnitTests.java |  74 ++--
 .../AwsEc2AuthenticationUnitTests.java        |  53 +--
 .../AwsIamAuthenticationUnitTests.java        |  52 ++-
 .../AzureMsiAuthenticationUnitTests.java      |  92 +++--
 ...cateAuthenticationIntegrationTestBase.java |  10 +-
 ...ificateAuthenticationIntegrationTests.java |   2 +-
 ...uthenticationOperatorIntegrationTests.java |  20 +-
 ...teAuthenticationStepsIntegrationTests.java |   3 +-
 ...entCertificateAuthenticationUnitTests.java |  16 +-
 ...tCertificateNamespaceIntegrationTests.java |  33 +-
 ...bbyholeAuthenticationIntegrationTests.java |  11 +-
 ...uthenticationOperatorIntegrationTests.java |  18 +-
 ...leAuthenticationStepsIntegrationTests.java |   6 +-
 .../CubbyholeAuthenticationUnitTests.java     | 109 ++++--
 .../GcpComputeAuthenticationUnitTests.java    |  18 +-
 ...AuthenticationOptionsBuilderUnitTests.java |  47 ++-
 .../GcpIamAuthenticationUnitTests.java        |  40 +-
 ...AuthenticationOptionsBuilderUnitTests.java |  26 +-
 ...IamCredentialsAuthenticationUnitTests.java |  71 ++--
 ...ernetesAuthenticationIntegrationTests.java |  22 +-
 ...esAuthenticationStepsIntegrationTests.java |   6 +-
 .../KubernetesAuthenticationUnitTests.java    |  44 ++-
 ...leAwareSessionManagerIntegrationTests.java |   7 +-
 ...LifecycleAwareSessionManagerUnitTests.java |   6 +-
 .../LoginTokenAdapterUnitTests.java           |  10 +-
 .../authentication/LoginTokenUnitTests.java   |   6 +-
 .../PcfAuthenticationOptionsUnitTests.java    |   4 +-
 .../PcfAuthenticationUnitTests.java           |  36 +-
 ...leAwareSessionManagerIntegrationTests.java |  37 +-
 ...LifecycleAwareSessionManagerUnitTests.java |  77 ++--
 ...uthenticationOperatorIntegrationTests.java |  26 +-
 ...enAuthenticationStepsIntegrationTests.java |  14 +-
 ...wordAuthenticationIntegrationTestBase.java |   6 +-
 ...asswordAuthenticationIntegrationTests.java |   8 +-
 ...ernamePasswordAuthenticationUnitTests.java |  20 +-
 ...RequestFactoryFactoryIntegrationTests.java |   5 +-
 .../ReactiveVaultClientsIntegrationTests.java |  26 +-
 .../client/ReactiveVaultClientsUnitTests.java |  35 +-
 .../client/RestTemplateBuilderUnitTests.java  |  18 +-
 .../vault/client/VaultClientsUnitTests.java   |  12 +-
 .../vault/client/VaultResponsesUnitTests.java |   2 +-
 ...rationAzureMSIAuthenticationUnitTests.java |   2 +-
 ...nvironmentVaultConfigurationUnitTests.java |   4 +-
 ...iveVaultTemplateAgentIntegrationTests.java |  10 +-
 ...eVaultTemplateGenericIntegrationTests.java |  65 ++--
 ...ValueMetadataTemplateIntegrationTests.java |   9 +-
 .../VaultNamespaceSecretIntegrationTests.java |  58 +--
 .../VaultPkiTemplateIntegrationTests.java     |  20 +-
 .../VaultSysTemplateIntegrationTests.java     |  32 +-
 .../VaultTemplateAgentIntegrationTests.java   |   5 +-
 .../VaultTemplateGenericIntegrationTests.java |   4 +-
 ...aultTemplateTransformIntegrationTests.java |   4 +-
 .../VaultTemplateTransitIntegrationTests.java |   6 +-
 .../VaultTokenTemplateIntegrationTests.java   |  53 +--
 ...aultTransformTemplateIntegrationTests.java |  49 ++-
 .../VaultTransitTemplateIntegrationTests.java | 127 ++++---
 ...ionedKeyValueTemplateIntegrationTests.java |   8 +-
 ...VaultWrappingTemplateIntegrationTests.java |   8 +-
 ...easeAwareVaultPropertySourceUnitTests.java |   7 +-
 .../env/VaultPropertySourceUnitTests.java     |   9 +-
 ...sionedKeyValueBackendIntegrationTests.java |   4 +-
 .../core/lease/LeaseEndpointsUnitTests.java   |   8 +-
 ...icSecretsIntegrationTestConfiguration.java |   2 +-
 ...otatingGenericSecretsIntegrationTests.java |   4 +-
 .../lease/SecretLeaseContainerUnitTests.java  |  12 +-
 .../core/util/KeyValueDelegateUnitTests.java  |  12 +-
 .../util/PropertyTransformersUnitTests.java   |  17 +-
 .../VaultKv2RepositoryIntegrationTests.java   |   4 +-
 .../VaultRepositoryIntegrationTests.java      |   2 +-
 .../query/VaultQueryCreatorUnitTests.java     |   2 +-
 ...ultRevisionRepositoryIntegrationTests.java |   5 +-
 .../support/JsonMapFlattenerUnitTests.java    |  10 +-
 .../vault/support/KeyFactoriesUnitTests.java  |   2 +-
 .../vault/support/PemObjectUnitTests.java     |   4 +-
 .../support/PolicySerializationUnitTests.java |  58 ++-
 .../support/SslConfigurationUnitTests.java    |  13 +-
 .../VaultCertificateRequestUnitTests.java     |  20 +-
 .../support/VaultTokenRequestUnitTests.java   |  11 +-
 .../vault/util/PrepareVault.java              |   2 +-
 .../vault/util/TestRestTemplateFactory.java   |   2 +-
 .../vault/util/VaultVersionExtension.java     |   8 +-
 147 files changed, 2292 insertions(+), 1409 deletions(-)
 create mode 100644 etc/ide/org.eclipse.core.jdt.prefs

diff --git a/etc/ide/org.eclipse.core.jdt.prefs b/etc/ide/org.eclipse.core.jdt.prefs
new file mode 100644
index 000000000..46940cbec
--- /dev/null
+++ b/etc/ide/org.eclipse.core.jdt.prefs
@@ -0,0 +1,355 @@
+core.formatter.align_assignment_statements_on_columns=false
+core.formatter.align_fields_grouping_blank_lines=2147483647
+core.formatter.align_type_members_on_columns=false
+core.formatter.align_variable_declarations_on_columns=false
+core.formatter.align_with_spaces=false
+core.formatter.alignment_for_additive_operator=16
+core.formatter.alignment_for_arguments_in_allocation_expression=16
+core.formatter.alignment_for_arguments_in_annotation=16
+core.formatter.alignment_for_arguments_in_enum_constant=16
+core.formatter.alignment_for_arguments_in_explicit_constructor_call=16
+core.formatter.alignment_for_arguments_in_method_invocation=16
+core.formatter.alignment_for_arguments_in_qualified_allocation_expression=16
+core.formatter.alignment_for_assignment=0
+core.formatter.alignment_for_binary_expression=16
+core.formatter.alignment_for_bitwise_operator=16
+core.formatter.alignment_for_compact_if=16
+core.formatter.alignment_for_compact_loops=16
+core.formatter.alignment_for_conditional_expression=16
+core.formatter.alignment_for_conditional_expression_chain=0
+core.formatter.alignment_for_enum_constants=16
+core.formatter.alignment_for_expressions_in_array_initializer=16
+core.formatter.alignment_for_expressions_in_for_loop_header=0
+core.formatter.alignment_for_logical_operator=16
+core.formatter.alignment_for_method_declaration=0
+core.formatter.alignment_for_module_statements=16
+core.formatter.alignment_for_multiple_fields=16
+core.formatter.alignment_for_multiplicative_operator=16
+core.formatter.alignment_for_parameterized_type_references=0
+core.formatter.alignment_for_parameters_in_constructor_declaration=16
+core.formatter.alignment_for_parameters_in_method_declaration=16
+core.formatter.alignment_for_relational_operator=0
+core.formatter.alignment_for_resources_in_try=80
+core.formatter.alignment_for_selector_in_method_invocation=84
+core.formatter.alignment_for_shift_operator=0
+core.formatter.alignment_for_string_concatenation=16
+core.formatter.alignment_for_superclass_in_type_declaration=16
+core.formatter.alignment_for_superinterfaces_in_enum_declaration=16
+core.formatter.alignment_for_superinterfaces_in_type_declaration=16
+core.formatter.alignment_for_throws_clause_in_constructor_declaration=16
+core.formatter.alignment_for_throws_clause_in_method_declaration=16
+core.formatter.alignment_for_type_arguments=0
+core.formatter.alignment_for_type_parameters=0
+core.formatter.alignment_for_union_type_in_multicatch=16
+core.formatter.align_selector_in_method_invocation_on_expression_first_line=true
+core.formatter.blank_lines_after_imports=1
+core.formatter.blank_lines_after_package=1
+core.formatter.blank_lines_before_field=0
+core.formatter.blank_lines_before_first_class_body_declaration=0
+core.formatter.blank_lines_before_imports=1
+core.formatter.blank_lines_before_member_type=1
+core.formatter.blank_lines_before_method=1
+core.formatter.blank_lines_before_new_chunk=1
+core.formatter.blank_lines_before_package=0
+core.formatter.blank_lines_between_import_groups=1
+core.formatter.blank_lines_between_type_declarations=1
+core.formatter.brace_position_for_annotation_type_declaration=end_of_line
+core.formatter.brace_position_for_anonymous_type_declaration=end_of_line
+core.formatter.brace_position_for_array_initializer=end_of_line
+core.formatter.brace_position_for_block=end_of_line
+core.formatter.brace_position_for_block_in_case=end_of_line
+core.formatter.brace_position_for_constructor_declaration=end_of_line
+core.formatter.brace_position_for_enum_constant=end_of_line
+core.formatter.brace_position_for_enum_declaration=end_of_line
+core.formatter.brace_position_for_lambda_body=end_of_line
+core.formatter.brace_position_for_method_declaration=end_of_line
+core.formatter.brace_position_for_switch=end_of_line
+core.formatter.brace_position_for_type_declaration=end_of_line
+core.formatter.comment.align_tags_descriptions_grouped=false
+core.formatter.comment.align_tags_names_descriptions=false
+core.formatter.comment.clear_blank_lines_in_block_comment=false
+core.formatter.comment.clear_blank_lines_in_javadoc_comment=false
+core.formatter.comment.count_line_length_from_starting_position=false
+core.formatter.comment.format_block_comments=true
+core.formatter.comment.format_header=false
+core.formatter.comment.format_html=true
+core.formatter.comment.format_javadoc_comments=true
+core.formatter.comment.format_line_comments=true
+core.formatter.comment.format_source_code=false
+core.formatter.comment.indent_parameter_description=false
+core.formatter.comment.indent_root_tags=false
+core.formatter.comment.indent_tag_description=false
+core.formatter.comment.insert_new_line_before_root_tags=do not insert
+core.formatter.comment.insert_new_line_for_parameter=do not insert
+core.formatter.comment.line_length=90
+core.formatter.comment.new_lines_at_block_boundaries=true
+core.formatter.comment.new_lines_at_javadoc_boundaries=true
+core.formatter.comment.preserve_white_space_between_code_and_line_comments=false
+core.formatter.compact_else_if=true
+core.formatter.continuation_indentation=2
+core.formatter.continuation_indentation_for_array_initializer=2
+core.formatter.disabling_tag=@formatter\:off
+core.formatter.enabling_tag=@formatter\:on
+core.formatter.format_guardian_clause_on_one_line=false
+core.formatter.format_line_comment_starting_on_first_column=true
+core.formatter.indent_body_declarations_compare_to_annotation_declaration_header=true
+core.formatter.indent_body_declarations_compare_to_enum_constant_header=true
+core.formatter.indent_body_declarations_compare_to_enum_declaration_header=true
+core.formatter.indent_body_declarations_compare_to_type_header=true
+core.formatter.indent_breaks_compare_to_cases=true
+core.formatter.indent_empty_lines=false
+core.formatter.indent_statements_compare_to_block=true
+core.formatter.indent_statements_compare_to_body=true
+core.formatter.indent_switchstatements_compare_to_cases=true
+core.formatter.indent_switchstatements_compare_to_switch=true
+core.formatter.indentation.size=4
+core.formatter.insert_new_line_after_annotation_on_enum_constant=insert
+core.formatter.insert_new_line_after_annotation_on_field=insert
+core.formatter.insert_new_line_after_annotation_on_local_variable=insert
+core.formatter.insert_new_line_after_annotation_on_method=insert
+core.formatter.insert_new_line_after_annotation_on_package=insert
+core.formatter.insert_new_line_after_annotation_on_parameter=do not insert
+core.formatter.insert_new_line_after_annotation_on_type=insert
+core.formatter.insert_new_line_after_label=do not insert
+core.formatter.insert_new_line_after_opening_brace_in_array_initializer=do not insert
+core.formatter.insert_new_line_after_type_annotation=do not insert
+core.formatter.insert_new_line_at_end_of_file_if_missing=do not insert
+core.formatter.insert_new_line_before_catch_in_try_statement=insert
+core.formatter.insert_new_line_before_closing_brace_in_array_initializer=do not insert
+core.formatter.insert_new_line_before_else_in_if_statement=insert
+core.formatter.insert_new_line_before_finally_in_try_statement=insert
+core.formatter.insert_new_line_before_while_in_do_statement=insert
+core.formatter.insert_new_line_in_empty_annotation_declaration=insert
+core.formatter.insert_new_line_in_empty_anonymous_type_declaration=insert
+core.formatter.insert_new_line_in_empty_block=insert
+core.formatter.insert_new_line_in_empty_enum_constant=insert
+core.formatter.insert_new_line_in_empty_enum_declaration=insert
+core.formatter.insert_new_line_in_empty_method_body=insert
+core.formatter.insert_new_line_in_empty_type_declaration=insert
+core.formatter.insert_space_after_additive_operator=insert
+core.formatter.insert_space_after_and_in_type_parameter=insert
+core.formatter.insert_space_after_assignment_operator=insert
+core.formatter.insert_space_after_at_in_annotation=do not insert
+core.formatter.insert_space_after_at_in_annotation_type_declaration=do not insert
+core.formatter.insert_space_after_binary_operator=insert
+core.formatter.insert_space_after_bitwise_operator=insert
+core.formatter.insert_space_after_closing_angle_bracket_in_type_arguments=do not insert
+core.formatter.insert_space_after_closing_angle_bracket_in_type_parameters=insert
+core.formatter.insert_space_after_closing_brace_in_block=insert
+core.formatter.insert_space_after_closing_paren_in_cast=insert
+core.formatter.insert_space_after_colon_in_assert=insert
+core.formatter.insert_space_after_colon_in_case=insert
+core.formatter.insert_space_after_colon_in_conditional=insert
+core.formatter.insert_space_after_colon_in_for=insert
+core.formatter.insert_space_after_colon_in_labeled_statement=insert
+core.formatter.insert_space_after_comma_in_allocation_expression=insert
+core.formatter.insert_space_after_comma_in_annotation=insert
+core.formatter.insert_space_after_comma_in_array_initializer=insert
+core.formatter.insert_space_after_comma_in_constructor_declaration_parameters=insert
+core.formatter.insert_space_after_comma_in_constructor_declaration_throws=insert
+core.formatter.insert_space_after_comma_in_enum_constant_arguments=insert
+core.formatter.insert_space_after_comma_in_enum_declarations=insert
+core.formatter.insert_space_after_comma_in_explicitconstructorcall_arguments=insert
+core.formatter.insert_space_after_comma_in_for_increments=insert
+core.formatter.insert_space_after_comma_in_for_inits=insert
+core.formatter.insert_space_after_comma_in_method_declaration_parameters=insert
+core.formatter.insert_space_after_comma_in_method_declaration_throws=insert
+core.formatter.insert_space_after_comma_in_method_invocation_arguments=insert
+core.formatter.insert_space_after_comma_in_multiple_field_declarations=insert
+core.formatter.insert_space_after_comma_in_multiple_local_declarations=insert
+core.formatter.insert_space_after_comma_in_parameterized_type_reference=insert
+core.formatter.insert_space_after_comma_in_superinterfaces=insert
+core.formatter.insert_space_after_comma_in_type_arguments=insert
+core.formatter.insert_space_after_comma_in_type_parameters=insert
+core.formatter.insert_space_after_ellipsis=insert
+core.formatter.insert_space_after_lambda_arrow=insert
+core.formatter.insert_space_after_logical_operator=insert
+core.formatter.insert_space_after_multiplicative_operator=insert
+core.formatter.insert_space_after_opening_angle_bracket_in_parameterized_type_reference=do not insert
+core.formatter.insert_space_after_opening_angle_bracket_in_type_arguments=do not insert
+core.formatter.insert_space_after_opening_angle_bracket_in_type_parameters=do not insert
+core.formatter.insert_space_after_opening_brace_in_array_initializer=insert
+core.formatter.insert_space_after_opening_bracket_in_array_allocation_expression=do not insert
+core.formatter.insert_space_after_opening_bracket_in_array_reference=do not insert
+core.formatter.insert_space_after_opening_paren_in_annotation=do not insert
+core.formatter.insert_space_after_opening_paren_in_cast=do not insert
+core.formatter.insert_space_after_opening_paren_in_catch=do not insert
+core.formatter.insert_space_after_opening_paren_in_constructor_declaration=do not insert
+core.formatter.insert_space_after_opening_paren_in_enum_constant=do not insert
+core.formatter.insert_space_after_opening_paren_in_for=do not insert
+core.formatter.insert_space_after_opening_paren_in_if=do not insert
+core.formatter.insert_space_after_opening_paren_in_method_declaration=do not insert
+core.formatter.insert_space_after_opening_paren_in_method_invocation=do not insert
+core.formatter.insert_space_after_opening_paren_in_parenthesized_expression=do not insert
+core.formatter.insert_space_after_opening_paren_in_switch=do not insert
+core.formatter.insert_space_after_opening_paren_in_synchronized=do not insert
+core.formatter.insert_space_after_opening_paren_in_try=do not insert
+core.formatter.insert_space_after_opening_paren_in_while=do not insert
+core.formatter.insert_space_after_postfix_operator=do not insert
+core.formatter.insert_space_after_prefix_operator=do not insert
+core.formatter.insert_space_after_question_in_conditional=insert
+core.formatter.insert_space_after_question_in_wildcard=do not insert
+core.formatter.insert_space_after_relational_operator=insert
+core.formatter.insert_space_after_semicolon_in_for=insert
+core.formatter.insert_space_after_semicolon_in_try_resources=insert
+core.formatter.insert_space_after_shift_operator=insert
+core.formatter.insert_space_after_string_concatenation=insert
+core.formatter.insert_space_after_unary_operator=do not insert
+core.formatter.insert_space_before_additive_operator=insert
+core.formatter.insert_space_before_and_in_type_parameter=insert
+core.formatter.insert_space_before_assignment_operator=insert
+core.formatter.insert_space_before_at_in_annotation_type_declaration=insert
+core.formatter.insert_space_before_binary_operator=insert
+core.formatter.insert_space_before_bitwise_operator=insert
+core.formatter.insert_space_before_closing_angle_bracket_in_parameterized_type_reference=do not insert
+core.formatter.insert_space_before_closing_angle_bracket_in_type_arguments=do not insert
+core.formatter.insert_space_before_closing_angle_bracket_in_type_parameters=do not insert
+core.formatter.insert_space_before_closing_brace_in_array_initializer=insert
+core.formatter.insert_space_before_closing_bracket_in_array_allocation_expression=do not insert
+core.formatter.insert_space_before_closing_bracket_in_array_reference=do not insert
+core.formatter.insert_space_before_closing_paren_in_annotation=do not insert
+core.formatter.insert_space_before_closing_paren_in_cast=do not insert
+core.formatter.insert_space_before_closing_paren_in_catch=do not insert
+core.formatter.insert_space_before_closing_paren_in_constructor_declaration=do not insert
+core.formatter.insert_space_before_closing_paren_in_enum_constant=do not insert
+core.formatter.insert_space_before_closing_paren_in_for=do not insert
+core.formatter.insert_space_before_closing_paren_in_if=do not insert
+core.formatter.insert_space_before_closing_paren_in_method_declaration=do not insert
+core.formatter.insert_space_before_closing_paren_in_method_invocation=do not insert
+core.formatter.insert_space_before_closing_paren_in_parenthesized_expression=do not insert
+core.formatter.insert_space_before_closing_paren_in_switch=do not insert
+core.formatter.insert_space_before_closing_paren_in_synchronized=do not insert
+core.formatter.insert_space_before_closing_paren_in_try=do not insert
+core.formatter.insert_space_before_closing_paren_in_while=do not insert
+core.formatter.insert_space_before_colon_in_assert=insert
+core.formatter.insert_space_before_colon_in_case=do not insert
+core.formatter.insert_space_before_colon_in_conditional=insert
+core.formatter.insert_space_before_colon_in_default=do not insert
+core.formatter.insert_space_before_colon_in_for=insert
+core.formatter.insert_space_before_colon_in_labeled_statement=do not insert
+core.formatter.insert_space_before_comma_in_allocation_expression=do not insert
+core.formatter.insert_space_before_comma_in_annotation=do not insert
+core.formatter.insert_space_before_comma_in_array_initializer=do not insert
+core.formatter.insert_space_before_comma_in_constructor_declaration_parameters=do not insert
+core.formatter.insert_space_before_comma_in_constructor_declaration_throws=do not insert
+core.formatter.insert_space_before_comma_in_enum_constant_arguments=do not insert
+core.formatter.insert_space_before_comma_in_enum_declarations=do not insert
+core.formatter.insert_space_before_comma_in_explicitconstructorcall_arguments=do not insert
+core.formatter.insert_space_before_comma_in_for_increments=do not insert
+core.formatter.insert_space_before_comma_in_for_inits=do not insert
+core.formatter.insert_space_before_comma_in_method_declaration_parameters=do not insert
+core.formatter.insert_space_before_comma_in_method_declaration_throws=do not insert
+core.formatter.insert_space_before_comma_in_method_invocation_arguments=do not insert
+core.formatter.insert_space_before_comma_in_multiple_field_declarations=do not insert
+core.formatter.insert_space_before_comma_in_multiple_local_declarations=do not insert
+core.formatter.insert_space_before_comma_in_parameterized_type_reference=do not insert
+core.formatter.insert_space_before_comma_in_superinterfaces=do not insert
+core.formatter.insert_space_before_comma_in_type_arguments=do not insert
+core.formatter.insert_space_before_comma_in_type_parameters=do not insert
+core.formatter.insert_space_before_ellipsis=do not insert
+core.formatter.insert_space_before_lambda_arrow=insert
+core.formatter.insert_space_before_logical_operator=insert
+core.formatter.insert_space_before_multiplicative_operator=insert
+core.formatter.insert_space_before_opening_angle_bracket_in_parameterized_type_reference=do not insert
+core.formatter.insert_space_before_opening_angle_bracket_in_type_arguments=do not insert
+core.formatter.insert_space_before_opening_angle_bracket_in_type_parameters=do not insert
+core.formatter.insert_space_before_opening_brace_in_annotation_type_declaration=insert
+core.formatter.insert_space_before_opening_brace_in_anonymous_type_declaration=insert
+core.formatter.insert_space_before_opening_brace_in_array_initializer=insert
+core.formatter.insert_space_before_opening_brace_in_block=insert
+core.formatter.insert_space_before_opening_brace_in_constructor_declaration=insert
+core.formatter.insert_space_before_opening_brace_in_enum_constant=insert
+core.formatter.insert_space_before_opening_brace_in_enum_declaration=insert
+core.formatter.insert_space_before_opening_brace_in_method_declaration=insert
+core.formatter.insert_space_before_opening_brace_in_switch=insert
+core.formatter.insert_space_before_opening_brace_in_type_declaration=insert
+core.formatter.insert_space_before_opening_bracket_in_array_allocation_expression=do not insert
+core.formatter.insert_space_before_opening_bracket_in_array_reference=do not insert
+core.formatter.insert_space_before_opening_bracket_in_array_type_reference=do not insert
+core.formatter.insert_space_before_opening_paren_in_annotation=do not insert
+core.formatter.insert_space_before_opening_paren_in_annotation_type_member_declaration=do not insert
+core.formatter.insert_space_before_opening_paren_in_catch=insert
+core.formatter.insert_space_before_opening_paren_in_constructor_declaration=do not insert
+core.formatter.insert_space_before_opening_paren_in_enum_constant=do not insert
+core.formatter.insert_space_before_opening_paren_in_for=insert
+core.formatter.insert_space_before_opening_paren_in_if=insert
+core.formatter.insert_space_before_opening_paren_in_method_declaration=do not insert
+core.formatter.insert_space_before_opening_paren_in_method_invocation=do not insert
+core.formatter.insert_space_before_opening_paren_in_parenthesized_expression=do not insert
+core.formatter.insert_space_before_opening_paren_in_switch=insert
+core.formatter.insert_space_before_opening_paren_in_synchronized=insert
+core.formatter.insert_space_before_opening_paren_in_try=insert
+core.formatter.insert_space_before_opening_paren_in_while=insert
+core.formatter.insert_space_before_parenthesized_expression_in_return=insert
+core.formatter.insert_space_before_parenthesized_expression_in_throw=insert
+core.formatter.insert_space_before_postfix_operator=do not insert
+core.formatter.insert_space_before_prefix_operator=do not insert
+core.formatter.insert_space_before_question_in_conditional=insert
+core.formatter.insert_space_before_question_in_wildcard=do not insert
+core.formatter.insert_space_before_relational_operator=insert
+core.formatter.insert_space_before_semicolon=do not insert
+core.formatter.insert_space_before_semicolon_in_for=do not insert
+core.formatter.insert_space_before_semicolon_in_try_resources=do not insert
+core.formatter.insert_space_before_shift_operator=insert
+core.formatter.insert_space_before_string_concatenation=insert
+core.formatter.insert_space_before_unary_operator=do not insert
+core.formatter.insert_space_between_brackets_in_array_type_reference=do not insert
+core.formatter.insert_space_between_empty_braces_in_array_initializer=do not insert
+core.formatter.insert_space_between_empty_brackets_in_array_allocation_expression=do not insert
+core.formatter.insert_space_between_empty_parens_in_annotation_type_member_declaration=do not insert
+core.formatter.insert_space_between_empty_parens_in_constructor_declaration=do not insert
+core.formatter.insert_space_between_empty_parens_in_enum_constant=do not insert
+core.formatter.insert_space_between_empty_parens_in_method_declaration=do not insert
+core.formatter.insert_space_between_empty_parens_in_method_invocation=do not insert
+core.formatter.join_lines_in_comments=true
+core.formatter.join_wrapped_lines=true
+core.formatter.keep_annotation_declaration_on_one_line=one_line_never
+core.formatter.keep_anonymous_type_declaration_on_one_line=one_line_never
+core.formatter.keep_code_block_on_one_line=one_line_never
+core.formatter.keep_else_statement_on_same_line=false
+core.formatter.keep_empty_array_initializer_on_one_line=false
+core.formatter.keep_enum_constant_declaration_on_one_line=one_line_never
+core.formatter.keep_enum_declaration_on_one_line=one_line_never
+core.formatter.keep_if_then_body_block_on_one_line=one_line_never
+core.formatter.keep_imple_if_on_one_line=false
+core.formatter.keep_lambda_body_block_on_one_line=one_line_never
+core.formatter.keep_loop_body_block_on_one_line=one_line_never
+core.formatter.keep_method_body_on_one_line=one_line_never
+core.formatter.keep_simple_do_while_body_on_same_line=false
+core.formatter.keep_simple_for_body_on_same_line=false
+core.formatter.keep_simple_getter_setter_on_one_line=false
+core.formatter.keep_simple_while_body_on_same_line=false
+core.formatter.keep_then_statement_on_same_line=false
+core.formatter.keep_type_declaration_on_one_line=one_line_never
+core.formatter.lineSplit=120
+core.formatter.never_indent_block_comments_on_first_column=false
+core.formatter.never_indent_line_comments_on_first_column=false
+core.formatter.number_of_blank_lines_at_beginning_of_method_body=0
+core.formatter.number_of_empty_lines_to_preserve=1
+core.formatter.parentheses_positions_in_annotation=common_lines
+core.formatter.parentheses_positions_in_catch_clause=common_lines
+core.formatter.parentheses_positions_in_enum_constant_declaration=common_lines
+core.formatter.parentheses_positions_in_for_statment=common_lines
+core.formatter.parentheses_positions_in_if_while_statement=common_lines
+core.formatter.parentheses_positions_in_lambda_declaration=common_lines
+core.formatter.parentheses_positions_in_method_delcaration=common_lines
+core.formatter.parentheses_positions_in_method_invocation=common_lines
+core.formatter.parentheses_positions_in_switch_statement=common_lines
+core.formatter.parentheses_positions_in_try_clause=common_lines
+core.formatter.put_empty_statement_on_new_line=true
+core.formatter.tabulation.char=tab
+core.formatter.tabulation.size=4
+core.formatter.use_on_off_tags=true
+core.formatter.use_tabs_only_for_leading_indentations=false
+core.formatter.wrap_before_additive_operator=true
+core.formatter.wrap_before_assignment_operator=false
+core.formatter.wrap_before_binary_operator=true
+core.formatter.wrap_before_bitwise_operator=true
+core.formatter.wrap_before_conditional_operator=true
+core.formatter.wrap_before_logical_operator=true
+core.formatter.wrap_before_multiplicative_operator=true
+core.formatter.wrap_before_or_operator_multicatch=true
+core.formatter.wrap_before_relational_operator=true
+core.formatter.wrap_before_shift_operator=true
+core.formatter.wrap_before_string_concatenation=true
+core.formatter.wrap_outer_expressions_when_nested=true
diff --git a/pom.xml b/pom.xml
index c52d498a6..6c878d23b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -333,7 +333,7 @@
 			<plugin>
 				<groupId>io.spring.javaformat</groupId>
 				<artifactId>spring-javaformat-maven-plugin</artifactId>
-				<version>0.0.29</version>
+				<version>0.0.38</version>
 				<executions>
 					<execution>
 						<phase>validate</phase>
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/annotation/VaultPropertySourceRegistrar.java b/spring-vault-core/src/main/java/org/springframework/vault/annotation/VaultPropertySourceRegistrar.java
index cf5cbf687..f47c88309 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/annotation/VaultPropertySourceRegistrar.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/annotation/VaultPropertySourceRegistrar.java
@@ -76,8 +76,9 @@ public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory)
 				beanFactory.getBeansOfType(org.springframework.vault.core.env.VaultPropertySource.class).values(),
 				propertySources);
 
-		registerPropertySources(beanFactory
-				.getBeansOfType(org.springframework.vault.core.env.LeaseAwareVaultPropertySource.class).values(),
+		registerPropertySources(
+				beanFactory.getBeansOfType(org.springframework.vault.core.env.LeaseAwareVaultPropertySource.class)
+					.values(),
 				propertySources);
 	}
 
@@ -102,9 +103,9 @@ public void registerBeanDefinitions(AnnotationMetadata annotationMetadata, BeanD
 
 		if (!registry.isBeanNameInUse("VaultPropertySourceRegistrar")) {
 			registry.registerBeanDefinition("VaultPropertySourceRegistrar", BeanDefinitionBuilder //
-					.rootBeanDefinition(VaultPropertySourceRegistrar.class) //
-					.setRole(BeanDefinition.ROLE_INFRASTRUCTURE) //
-					.getBeanDefinition());
+				.rootBeanDefinition(VaultPropertySourceRegistrar.class) //
+				.setRole(BeanDefinition.ROLE_INFRASTRUCTURE) //
+				.getBeanDefinition());
 		}
 
 		Set<AnnotationAttributes> propertySources = attributesForRepeatable(annotationMetadata,
@@ -163,7 +164,7 @@ private AbstractBeanDefinition createBeanDefinition(String ref, Renewal renewal,
 
 		if (isRenewable(renewal)) {
 			builder = BeanDefinitionBuilder
-					.rootBeanDefinition(org.springframework.vault.core.env.LeaseAwareVaultPropertySource.class);
+				.rootBeanDefinition(org.springframework.vault.core.env.LeaseAwareVaultPropertySource.class);
 
 			RequestedSecret requestedSecret = renewal == Renewal.ROTATE ? RequestedSecret.rotating(propertyPath)
 					: RequestedSecret.renewable(propertyPath);
@@ -174,7 +175,7 @@ private AbstractBeanDefinition createBeanDefinition(String ref, Renewal renewal,
 		}
 		else {
 			builder = BeanDefinitionBuilder
-					.rootBeanDefinition(org.springframework.vault.core.env.VaultPropertySource.class);
+				.rootBeanDefinition(org.springframework.vault.core.env.VaultPropertySource.class);
 
 			builder.addConstructorArgValue(propertyPath);
 			builder.addConstructorArgReference(ref);
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/aot/VaultRuntimeHints.java b/spring-vault-core/src/main/java/org/springframework/vault/aot/VaultRuntimeHints.java
index 082a6a5fb..820981f9c 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/aot/VaultRuntimeHints.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/aot/VaultRuntimeHints.java
@@ -69,24 +69,25 @@ public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
 			throw new RuntimeException(e);
 		}
 
-		Stream.of("org.springframework.vault.core.VaultSysTemplate$GetMounts$VaultMountsResponse",
-				"org.springframework.vault.core.VaultVersionedKeyValueTemplate$VersionedResponse",
-				"org.springframework.vault.core.ReactiveVaultTemplate$VaultListResponse",
-				"org.springframework.vault.core.VaultListResponse",
-
-				"org.springframework.vault.core.VaultTransitTemplate$RawTransitKeyImpl",
-				"org.springframework.vault.core.VaultTransitTemplate$VaultTransitKeyImpl",
-
-				"org.springframework.vault.core.VaultSysTemplate$GetMounts",
-				"org.springframework.vault.core.VaultSysTemplate$GetUnsealStatus",
-				"org.springframework.vault.core.VaultSysTemplate$Health",
-				"org.springframework.vault.core.VaultSysTemplate$Seal",
-				"org.springframework.vault.core.VaultSysTemplate$VaultHealthImpl",
-				"org.springframework.vault.core.VaultSysTemplate$VaultInitializationResponseImpl",
-				"org.springframework.vault.core.VaultSysTemplate$VaultUnsealStatusImpl",
-
-				"org.springframework.vault.core.VaultVersionedKeyValueTemplate$VersionedResponse")
-				.forEach(cls -> reflection.registerType(TypeReference.of(cls), dataObjectCategories));
+		Stream
+			.of("org.springframework.vault.core.VaultSysTemplate$GetMounts$VaultMountsResponse",
+					"org.springframework.vault.core.VaultVersionedKeyValueTemplate$VersionedResponse",
+					"org.springframework.vault.core.ReactiveVaultTemplate$VaultListResponse",
+					"org.springframework.vault.core.VaultListResponse",
+
+					"org.springframework.vault.core.VaultTransitTemplate$RawTransitKeyImpl",
+					"org.springframework.vault.core.VaultTransitTemplate$VaultTransitKeyImpl",
+
+					"org.springframework.vault.core.VaultSysTemplate$GetMounts",
+					"org.springframework.vault.core.VaultSysTemplate$GetUnsealStatus",
+					"org.springframework.vault.core.VaultSysTemplate$Health",
+					"org.springframework.vault.core.VaultSysTemplate$Seal",
+					"org.springframework.vault.core.VaultSysTemplate$VaultHealthImpl",
+					"org.springframework.vault.core.VaultSysTemplate$VaultInitializationResponseImpl",
+					"org.springframework.vault.core.VaultSysTemplate$VaultUnsealStatusImpl",
+
+					"org.springframework.vault.core.VaultVersionedKeyValueTemplate$VersionedResponse")
+			.forEach(cls -> reflection.registerType(TypeReference.of(cls), dataObjectCategories));
 
 		reflection.registerTypeIfPresent(classLoader, "com.google.api.client.json.jackson2.JacksonFactory",
 				MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_PUBLIC_CONSTRUCTORS);
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java
index edfb40e66..9a7c97f7c 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppIdAuthentication.java
@@ -75,8 +75,8 @@ public static AuthenticationSteps createAuthenticationSteps(AppIdAuthenticationO
 		Assert.notNull(options, "AppIdAuthenticationOptions must not be null");
 
 		return AuthenticationSteps
-				.fromSupplier(() -> getAppIdLogin(options.getAppId(), options.getUserIdMechanism().createUserId())) //
-				.login(AuthenticationUtil.getLoginPath(options.getPath()));
+			.fromSupplier(() -> getAppIdLogin(options.getAppId(), options.getUserIdMechanism().createUserId())) //
+			.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 
 	@Override
@@ -96,7 +96,7 @@ private VaultToken createTokenUsingAppId() {
 
 		try {
 			VaultResponse response = this.restOperations
-					.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
+				.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
 
 			Assert.state(response != null && response.getAuth() != null, "Auth field must not be null");
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java
index 765fb9beb..6956d8d8c 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java
@@ -126,13 +126,13 @@ private static Node<String> getRoleIdSteps(AppRoleAuthenticationOptions options,
 			HttpHeaders headers = createHttpHeaders(((Pull) roleId).getInitialToken());
 
 			return AuthenticationSteps
-					.fromHttpRequest(get(getRoleIdIdPath(options)).with(headers).as(VaultResponse.class))
-					.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("role_id"));
+				.fromHttpRequest(get(getRoleIdIdPath(options)).with(headers).as(VaultResponse.class))
+				.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("role_id"));
 		}
 
 		if (roleId instanceof Wrapped) {
 			return unwrapResponse(options.getUnwrappingEndpoints(), ((Wrapped) roleId).getInitialToken())
-					.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("role_id"));
+				.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("role_id"));
 		}
 
 		throw new IllegalArgumentException("Unknown RoleId configuration: " + roleId);
@@ -148,14 +148,14 @@ private static Node<String> getSecretIdSteps(AppRoleAuthenticationOptions option
 			HttpHeaders headers = createHttpHeaders(((Pull) secretId).getInitialToken());
 
 			return AuthenticationSteps
-					.fromHttpRequest(post(getSecretIdPath(options)).with(headers).as(VaultResponse.class))
-					.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("secret_id"));
+				.fromHttpRequest(post(getSecretIdPath(options)).with(headers).as(VaultResponse.class))
+				.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("secret_id"));
 		}
 
 		if (secretId instanceof Wrapped) {
 
 			return unwrapResponse(options.getUnwrappingEndpoints(), ((Wrapped) secretId).getInitialToken())
-					.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("secret_id"));
+				.map(vaultResponse -> (String) vaultResponse.getRequiredData().get("secret_id"));
 		}
 
 		throw new IllegalArgumentException("Unknown SecretId configuration: " + secretId);
@@ -165,9 +165,10 @@ private static Node<String> getSecretIdSteps(AppRoleAuthenticationOptions option
 	private static Node<VaultResponse> unwrapResponse(UnwrappingEndpoints unwrappingEndpoints, VaultToken token) {
 
 		return AuthenticationSteps
-				.fromHttpRequest(method(unwrappingEndpoints.getUnwrapRequestMethod(), unwrappingEndpoints.getPath())
-						.with(createHttpHeaders(token)).as(VaultResponse.class))
-				.map(unwrappingEndpoints::unwrap);
+			.fromHttpRequest(method(unwrappingEndpoints.getUnwrapRequestMethod(), unwrappingEndpoints.getPath())
+				.with(createHttpHeaders(token))
+				.as(VaultResponse.class))
+			.map(unwrappingEndpoints::unwrap);
 	}
 
 	@Override
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AuthenticationStepsOperator.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AuthenticationStepsOperator.java
index 1e25a2581..d637f5cba 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AuthenticationStepsOperator.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AuthenticationStepsOperator.java
@@ -136,7 +136,7 @@ private Mono<Object> createMono(Iterable<Node<?>> steps) {
 
 			if (o instanceof ZipStep) {
 				state = state.zipWith(doZipStep((ZipStep<Object, Object>) o))
-						.map(it -> Pair.of(it.getT1(), it.getT2()));
+					.map(it -> Pair.of(it.getT1(), it.getT2()));
 			}
 
 			if (o instanceof OnNextStep) {
@@ -166,8 +166,8 @@ private Mono<Object> doHttpRequest(HttpRequestNode<Object> step, Object state) {
 		RequestBodySpec spec;
 		if (definition.getUri() == null) {
 
-			spec = this.webClient.method(definition.getMethod()).uri(definition.getUriTemplate(),
-					definition.getUrlVariables());
+			spec = this.webClient.method(definition.getMethod())
+				.uri(definition.getUriTemplate(), definition.getUrlVariables());
 		}
 		else {
 			spec = this.webClient.method(definition.getMethod()).uri(definition.getUri());
@@ -224,14 +224,13 @@ private Mono<Object> doSupplierStepLater(SupplierStep<Object> supplierStep) {
 		ResourceCredentialSupplier resourceSupplier = (ResourceCredentialSupplier) supplier;
 
 		return DataBufferUtils.join(DataBufferUtils.read(resourceSupplier.getResource(), this.factory, 4096))
-				.map(dataBuffer -> {
-					String result = dataBuffer.toString(ResourceCredentialSupplier.CHARSET);
-					DataBufferUtils.release(dataBuffer);
-					return (Object) result;
-				}).onErrorMap(IOException.class,
-						e -> new VaultException(
-								String.format("Credential retrieval from %s failed", resourceSupplier.getResource()),
-								e));
+			.map(dataBuffer -> {
+				String result = dataBuffer.toString(ResourceCredentialSupplier.CHARSET);
+				DataBufferUtils.release(dataBuffer);
+				return (Object) result;
+			})
+			.onErrorMap(IOException.class, e -> new VaultException(
+					String.format("Credential retrieval from %s failed", resourceSupplier.getResource()), e));
 	}
 
 	enum Undefinded {
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java
index 8b3e2cba1..6e714e276 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2Authentication.java
@@ -108,26 +108,27 @@ protected static AuthenticationSteps createAuthenticationSteps(AwsEc2Authenticat
 			AtomicReference<char[]> nonce, Supplier<char[]> nonceSupplier) {
 
 		return AuthenticationSteps
-				.fromHttpRequest(HttpRequestBuilder.get(options.getIdentityDocumentUri().toString()).as(String.class)) //
-				.map(pkcs7 -> pkcs7.replaceAll("\\r", "")) //
-				.map(pkcs7 -> pkcs7.replaceAll("\\n", "")) //
-				.map(pkcs7 -> {
+			.fromHttpRequest(HttpRequestBuilder.get(options.getIdentityDocumentUri().toString()).as(String.class)) //
+			.map(pkcs7 -> pkcs7.replaceAll("\\r", "")) //
+			.map(pkcs7 -> pkcs7.replaceAll("\\n", "")) //
+			.map(pkcs7 -> {
 
-					Map<String, String> login = new HashMap<>();
+				Map<String, String> login = new HashMap<>();
 
-					if (StringUtils.hasText(options.getRole())) {
-						login.put("role", options.getRole());
-					}
+				if (StringUtils.hasText(options.getRole())) {
+					login.put("role", options.getRole());
+				}
 
-					if (Objects.equals(nonce.get(), EMPTY)) {
-						nonce.compareAndSet(EMPTY, nonceSupplier.get());
-					}
+				if (Objects.equals(nonce.get(), EMPTY)) {
+					nonce.compareAndSet(EMPTY, nonceSupplier.get());
+				}
 
-					login.put("nonce", new String(nonce.get()));
-					login.put("pkcs7", pkcs7);
+				login.put("nonce", new String(nonce.get()));
+				login.put("pkcs7", pkcs7);
 
-					return login;
-				}).login(AuthenticationUtil.getLoginPath(options.getPath()));
+				return login;
+			})
+			.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 
 	@Override
@@ -148,7 +149,7 @@ private VaultToken createTokenUsingAwsEc2() {
 		try {
 
 			VaultResponse response = this.vaultRestOperations
-					.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
+				.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
 
 			Assert.state(response != null && response.getAuth() != null, "Auth field must not be null");
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java
index 5b5b0f892..fffb6a149 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsEc2AuthenticationOptions.java
@@ -36,7 +36,7 @@
 public class AwsEc2AuthenticationOptions {
 
 	public static final URI DEFAULT_PKCS7_IDENTITY_DOCUMENT_URI = URI
-			.create("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7");
+		.create("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7");
 
 	public static final String DEFAULT_AWS_AUTHENTICATION_PATH = "aws-ec2";
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsIamAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsIamAuthentication.java
index 41310f91d..11625b5cc 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsIamAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AwsIamAuthentication.java
@@ -125,7 +125,7 @@ protected static AuthenticationSteps createAuthenticationSteps(AwsIamAuthenticat
 			AwsCredentials credentials, Region region) {
 
 		return AuthenticationSteps.fromSupplier(() -> createRequestBody(options, credentials, region)) //
-				.login(AuthenticationUtil.getLoginPath(options.getPath()));
+			.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 
 	@Override
@@ -147,7 +147,7 @@ private VaultToken createTokenUsingAwsIam() {
 		try {
 
 			VaultResponse response = this.vaultRestOperations
-					.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
+				.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
 
 			Assert.state(response != null && response.getAuth() != null, "Auth field must not be null");
 
@@ -214,13 +214,18 @@ private static String getSignedHeaders(AwsIamAuthenticationOptions options, AwsC
 		Map<String, List<String>> headers = createIamRequestHeaders(options);
 
 		SdkHttpFullRequest.Builder builder = SdkHttpFullRequest.builder()
-				.contentStreamProvider(() -> new ByteArrayInputStream(REQUEST_BODY.getBytes())).headers(headers)
-				.method(SdkHttpMethod.POST).uri(options.getEndpointUri());
+			.contentStreamProvider(() -> new ByteArrayInputStream(REQUEST_BODY.getBytes()))
+			.headers(headers)
+			.method(SdkHttpMethod.POST)
+			.uri(options.getEndpointUri());
 		SdkHttpFullRequest request = builder.build();
 
 		Aws4Signer signer = Aws4Signer.create();
-		Aws4SignerParams signerParams = Aws4SignerParams.builder().awsCredentials(credentials).signingName("sts")
-				.signingRegion(region).build();
+		Aws4SignerParams signerParams = Aws4SignerParams.builder()
+			.awsCredentials(credentials)
+			.signingName("sts")
+			.signingRegion(region)
+			.build();
 		SdkHttpFullRequest signedRequest = signer.sign(request, signerParams);
 
 		Map<String, Object> map = new LinkedHashMap<>();
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthentication.java
index c2d2544b9..e0641a5ac 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthentication.java
@@ -117,26 +117,27 @@ protected static AuthenticationSteps createAuthenticationSteps(AzureMsiAuthentic
 			@Nullable AzureVmEnvironment environment) {
 
 		Node<String> msiToken = AuthenticationSteps
-				.fromHttpRequest(HttpRequestBuilder.get(options.getIdentityTokenServiceUri()).with(METADATA_HEADERS)
-						.as(Map.class)) //
-				.map(token -> (String) token.get("access_token"));
+			.fromHttpRequest(
+					HttpRequestBuilder.get(options.getIdentityTokenServiceUri()).with(METADATA_HEADERS).as(Map.class)) //
+			.map(token -> (String) token.get("access_token"));
 
 		Node<AzureVmEnvironment> environmentSteps;
 
 		if (environment == null) {
 
 			environmentSteps = AuthenticationSteps
-					.fromHttpRequest(HttpRequestBuilder.get(options.getInstanceMetadataServiceUri())
-							.with(METADATA_HEADERS).as(Map.class)) //
-					.map(AzureMsiAuthentication::toAzureVmEnvironment);
+				.fromHttpRequest(HttpRequestBuilder.get(options.getInstanceMetadataServiceUri())
+					.with(METADATA_HEADERS)
+					.as(Map.class)) //
+				.map(AzureMsiAuthentication::toAzureVmEnvironment);
 		}
 		else {
 			environmentSteps = AuthenticationSteps.fromValue(environment);
 		}
 
 		return environmentSteps.zipWith(msiToken)
-				.map(tuple -> getAzureLogin(options.getRole(), tuple.getLeft(), tuple.getRight())) //
-				.login(AuthenticationUtil.getLoginPath(options.getPath()));
+			.map(tuple -> getAzureLogin(options.getRole(), tuple.getLeft(), tuple.getRight())) //
+			.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 
 	@Override
@@ -156,7 +157,7 @@ private VaultToken createTokenUsingAzureMsiCompute() {
 		try {
 
 			VaultResponse response = this.vaultRestOperations
-					.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
+				.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
 
 			Assert.state(response != null && response.getAuth() != null, "Auth field must not be null");
 
@@ -187,7 +188,7 @@ private static Map<String, String> getAzureLogin(String role, AzureVmEnvironment
 	private String getAccessToken() {
 
 		ResponseEntity<Map> response = this.azureMetadataRestOperations
-				.exchange(this.options.getIdentityTokenServiceUri(), HttpMethod.GET, METADATA_HEADERS, Map.class);
+			.exchange(this.options.getIdentityTokenServiceUri(), HttpMethod.GET, METADATA_HEADERS, Map.class);
 
 		return (String) response.getBody().get("access_token");
 	}
@@ -202,7 +203,7 @@ private AzureVmEnvironment getVmEnvironment() {
 	private AzureVmEnvironment fetchAzureVmEnvironment() {
 
 		ResponseEntity<Map> response = this.azureMetadataRestOperations
-				.exchange(this.options.getInstanceMetadataServiceUri(), HttpMethod.GET, METADATA_HEADERS, Map.class);
+			.exchange(this.options.getInstanceMetadataServiceUri(), HttpMethod.GET, METADATA_HEADERS, Map.class);
 
 		return toAzureVmEnvironment(response.getBody());
 	}
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthenticationOptions.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthenticationOptions.java
index 2e2713138..a52961122 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthenticationOptions.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthenticationOptions.java
@@ -38,7 +38,7 @@ public class AzureMsiAuthenticationOptions {
 	public static final String DEFAULT_AZURE_AUTHENTICATION_PATH = "azure";
 
 	public static final URI DEFAULT_INSTANCE_METADATA_SERVICE_URI = URI
-			.create("http://169.254.169.254/metadata/instance?api-version=2017-12-01");
+		.create("http://169.254.169.254/metadata/instance?api-version=2017-12-01");
 
 	public static final URI DEFAULT_IDENTITY_TOKEN_SERVICE_URI = URI.create(
 			"http://169.254.169.254/metadata/identity/oauth2/token?resource=https://vault.hashicorp.com&api-version=2018-02-01");
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java
index c018b275a..3d0ccb07c 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/ClientCertificateAuthentication.java
@@ -85,7 +85,7 @@ public static AuthenticationSteps createAuthenticationSteps(ClientCertificateAut
 		Assert.notNull(options, "ClientCertificateAuthenticationOptions must not be null");
 
 		return AuthenticationSteps
-				.just(post(AuthenticationUtil.getLoginPath(options.getPath())).as(VaultResponse.class));
+			.just(post(AuthenticationUtil.getLoginPath(options.getPath())).as(VaultResponse.class));
 	}
 
 	@Override
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthentication.java
index d87a7cf65..a88611aab 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/CubbyholeAuthentication.java
@@ -171,11 +171,11 @@ public static AuthenticationSteps createAuthenticationSteps(CubbyholeAuthenticat
 		HttpEntity<Object> requestEntity = getRequestEntity(options);
 
 		HttpRequest<VaultResponse> initialRequest = method(unwrapMethod, url) //
-				.with(requestEntity) //
-				.as(VaultResponse.class);
+			.with(requestEntity) //
+			.as(VaultResponse.class);
 
 		return AuthenticationSteps.fromHttpRequest(initialRequest) //
-				.login(it -> getToken(options, it, url));
+			.login(it -> getToken(options, it, url));
 	}
 
 	@Override
@@ -283,7 +283,7 @@ private static VaultToken getToken(CubbyholeAuthenticationOptions options, Vault
 		}
 
 		throw new VaultLoginException(String
-				.format("Cannot retrieve Token from Cubbyhole: Response at %s does not contain an unique token", url));
+			.format("Cannot retrieve Token from Cubbyhole: Response at %s does not contain an unique token", url));
 	}
 
 }
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpComputeAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpComputeAuthentication.java
index 0c6e589d7..28a1d3268 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpComputeAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpComputeAuthentication.java
@@ -104,13 +104,13 @@ public static AuthenticationSteps createAuthenticationSteps(GcpComputeAuthentica
 		String audience = getAudience(options.getRole());
 
 		HttpRequest<String> jwtRequest = get(COMPUTE_METADATA_URL_TEMPLATE, serviceAccount, audience, "full") //
-				.with(getMetadataHttpHeaders()) //
-				.as(String.class);
+			.with(getMetadataHttpHeaders()) //
+			.as(String.class);
 
 		return AuthenticationSteps.fromHttpRequest(jwtRequest)
-				//
-				.map(jwt -> createRequestBody(options.getRole(), jwt))
-				.login(AuthenticationUtil.getLoginPath(options.getPath()));
+			//
+			.map(jwt -> createRequestBody(options.getRole(), jwt))
+			.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 
 	@Override
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamAuthentication.java
index 33447cf7d..e5784c01f 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamAuthentication.java
@@ -123,7 +123,8 @@ protected String signJwt() {
 		Map<String, Object> jwtPayload = getJwtPayload(this.options, serviceAccount);
 
 		Iam iam = new Builder(this.httpTransport, GoogleJsonUtil.JSON_FACTORY, this.credential)
-				.setApplicationName("Spring Vault/" + getClass().getName()).build();
+			.setApplicationName("Spring Vault/" + getClass().getName())
+			.build();
 
 		try {
 
@@ -131,8 +132,9 @@ protected String signJwt() {
 			SignJwtRequest request = new SignJwtRequest();
 			request.setPayload(payload);
 
-			SignJwt signJwt = iam.projects().serviceAccounts()
-					.signJwt(String.format("projects/%s/serviceAccounts/%s", projectId, serviceAccount), request);
+			SignJwt signJwt = iam.projects()
+				.serviceAccounts()
+				.signJwt(String.format("projects/%s/serviceAccounts/%s", projectId, serviceAccount), request);
 
 			SignJwtResponse response = signJwt.execute();
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamCredentialsAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamCredentialsAuthentication.java
index 8c68cfe7e..a2ca5d1a4 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamCredentialsAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/GcpIamCredentialsAuthentication.java
@@ -121,8 +121,9 @@ protected String signJwt() {
 
 		try {
 			IamCredentialsSettings credentialsSettings = IamCredentialsSettings.newBuilder()
-					.setCredentialsProvider(() -> this.credentials)
-					.setTransportChannelProvider(this.transportChannelProvider).build();
+				.setCredentialsProvider(() -> this.credentials)
+				.setTransportChannelProvider(this.transportChannelProvider)
+				.build();
 			try (IamCredentialsClient iamCredentialsClient = IamCredentialsClient.create(credentialsSettings)) {
 				String payload = GoogleJsonUtil.JSON_FACTORY.toString(jwtPayload);
 				ServiceAccountName serviceAccountName = ServiceAccountName.of("-", serviceAccount);
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/KubernetesAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/KubernetesAuthentication.java
index 96cd85feb..f53fcb931 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/KubernetesAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/KubernetesAuthentication.java
@@ -76,8 +76,8 @@ public static AuthenticationSteps createAuthenticationSteps(KubernetesAuthentica
 		Assert.notNull(options, "KubernetesAuthenticationOptions must not be null");
 
 		return AuthenticationSteps.fromSupplier(options.getJwtSupplier())
-				.map(token -> getKubernetesLogin(options.getRole(), token))
-				.login(AuthenticationUtil.getLoginPath(options.getPath()));
+			.map(token -> getKubernetesLogin(options.getRole(), token))
+			.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 
 	@Override
@@ -87,7 +87,7 @@ public VaultToken login() throws VaultException {
 
 		try {
 			VaultResponse response = this.restOperations
-					.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
+				.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
 
 			Assert.state(response != null && response.getAuth() != null, "Auth field must not be null");
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java
index 93dfcf6ed..63eda248b 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/LifecycleAwareSessionManager.java
@@ -281,7 +281,7 @@ public VaultToken getSessionToken() {
 		}
 
 		return getToken().map(TokenWrapper::getToken)
-				.orElseThrow(() -> new IllegalStateException("Cannot obtain VaultToken"));
+			.orElseThrow(() -> new IllegalStateException("Cannot obtain VaultToken"));
 	}
 
 	private void doGetSessionToken() {
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java
index 99afe7263..dcf172bce 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/MacAddressUserId.java
@@ -113,9 +113,9 @@ public String createUserId() {
 			}
 
 			return networkInterface.map(MacAddressUserId::getRequiredNetworkAddress) //
-					.map(Sha256::toHexString) //
-					.map(Sha256::toSha256) //
-					.orElseThrow(() -> new IllegalStateException("Cannot determine NetworkInterface"));
+				.map(Sha256::toHexString) //
+				.map(Sha256::toSha256) //
+				.orElseThrow(() -> new IllegalStateException("Cannot determine NetworkInterface"));
 		}
 		catch (IOException e) {
 			throw new IllegalStateException(e);
@@ -135,8 +135,8 @@ private static Optional<NetworkInterface> getNetworkInterface(Number hint, List<
 	private static Optional<NetworkInterface> getNetworkInterface(String hint, List<NetworkInterface> interfaces) {
 
 		return interfaces.stream() //
-				.filter(anInterface -> matchesHint(hint, anInterface)) //
-				.findFirst();
+			.filter(anInterface -> matchesHint(hint, anInterface)) //
+			.findFirst();
 	}
 
 	private static boolean matchesHint(String hint, NetworkInterface networkInterface) {
@@ -148,9 +148,9 @@ private static Optional<NetworkInterface> getNetworkInterfaceWithHardwareAddress
 			List<NetworkInterface> interfaces) {
 
 		return interfaces.stream() //
-				.filter(MacAddressUserId::hasNetworkAddress) //
-				.sorted(Comparator.comparingInt(NetworkInterface::getIndex)) //
-				.findFirst();
+			.filter(MacAddressUserId::hasNetworkAddress) //
+			.sorted(Comparator.comparingInt(NetworkInterface::getIndex)) //
+			.findFirst();
 	}
 
 	private static Optional<byte[]> getNetworkAddress(NetworkInterface it) {
@@ -166,8 +166,8 @@ private static Optional<byte[]> getNetworkAddress(NetworkInterface it) {
 	private static byte[] getRequiredNetworkAddress(NetworkInterface it) {
 
 		return getNetworkAddress(it) //
-				.orElseThrow(() -> new IllegalStateException(
-						String.format("Network interface %s has no hardware address", it.getName())));
+			.orElseThrow(() -> new IllegalStateException(
+					String.format("Network interface %s has no hardware address", it.getName())));
 	}
 
 	private static boolean hasNetworkAddress(NetworkInterface it) {
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/PcfAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/PcfAuthentication.java
index e1403c00a..fcf2e08d1 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/PcfAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/PcfAuthentication.java
@@ -93,10 +93,10 @@ public static AuthenticationSteps createAuthenticationSteps(PcfAuthenticationOpt
 		AuthenticationSteps.Node<String> cert = AuthenticationSteps.fromSupplier(options.getInstanceCertSupplier());
 		AuthenticationSteps.Node<String> key = AuthenticationSteps.fromSupplier(options.getInstanceKeySupplier());
 
-		return cert
-				.zipWith(key).map(credentials -> getPcfLogin(options.getRole(), options.getClock(),
-						credentials.getLeft(), credentials.getRight()))
-				.login(AuthenticationUtil.getLoginPath(options.getPath()));
+		return cert.zipWith(key)
+			.map(credentials -> getPcfLogin(options.getRole(), options.getClock(), credentials.getLeft(),
+					credentials.getRight()))
+			.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 
 	@Override
@@ -107,7 +107,7 @@ public VaultToken login() throws VaultException {
 
 		try {
 			VaultResponse response = this.restOperations
-					.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
+				.postForObject(AuthenticationUtil.getLoginPath(this.options.getPath()), login, VaultResponse.class);
 
 			Assert.state(response != null && response.getAuth() != null, "Auth field must not be null");
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManager.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManager.java
index 6ddb4a013..519d536a9 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManager.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManager.java
@@ -182,11 +182,14 @@ protected Mono<Void> revoke(VaultToken token) {
 
 		return this.webClient.post().uri("auth/token/revoke-self").headers(httpHeaders -> {
 			httpHeaders.addAll(VaultHttpHeaders.from(token));
-		}).retrieve().bodyToMono(String.class)
-				.doOnSubscribe(ignore -> dispatch(new BeforeLoginTokenRevocationEvent(token)))
-				.doOnNext(ignore -> dispatch(new AfterLoginTokenRevocationEvent(token)))
-				.onErrorResume(WebClientResponseException.class, e -> onRevokeFailed(token, e))
-				.onErrorResume(Exception.class, e -> onRevokeFailed(token, e)).then();
+		})
+			.retrieve()
+			.bodyToMono(String.class)
+			.doOnSubscribe(ignore -> dispatch(new BeforeLoginTokenRevocationEvent(token)))
+			.doOnNext(ignore -> dispatch(new AfterLoginTokenRevocationEvent(token)))
+			.onErrorResume(WebClientResponseException.class, e -> onRevokeFailed(token, e))
+			.onErrorResume(Exception.class, e -> onRevokeFailed(token, e))
+			.then();
 	}
 
 	private Mono<String> onRevokeFailed(VaultToken token, Throwable e) {
@@ -255,35 +258,37 @@ private Mono<TokenWrapper> doRenewToken(TokenWrapper wrapper) {
 
 	private Mono<TokenWrapper> doRenew(TokenWrapper tokenWrapper) {
 
-		Mono<VaultResponse> exchange = this.webClient.post().uri("auth/token/renew-self")
-				.headers(httpHeaders -> httpHeaders.putAll(VaultHttpHeaders.from(tokenWrapper.token))).retrieve()
-				.bodyToMono(VaultResponse.class);
+		Mono<VaultResponse> exchange = this.webClient.post()
+			.uri("auth/token/renew-self")
+			.headers(httpHeaders -> httpHeaders.putAll(VaultHttpHeaders.from(tokenWrapper.token)))
+			.retrieve()
+			.bodyToMono(VaultResponse.class);
 
 		return exchange.doOnSubscribe(ignore -> dispatch(new BeforeLoginTokenRenewedEvent(tokenWrapper.getToken())))
-				.handle((response, sink) -> {
+			.handle((response, sink) -> {
 
-					LoginToken renewed = LoginTokenUtil.from(response.getRequiredAuth());
+				LoginToken renewed = LoginTokenUtil.from(response.getRequiredAuth());
 
-					if (!isExpired(renewed)) {
-						sink.next(new TokenWrapper(renewed, tokenWrapper.revocable));
-						dispatch(new AfterLoginTokenRenewedEvent(renewed));
-						return;
-					}
+				if (!isExpired(renewed)) {
+					sink.next(new TokenWrapper(renewed, tokenWrapper.revocable));
+					dispatch(new AfterLoginTokenRenewedEvent(renewed));
+					return;
+				}
 
-					if (this.logger.isDebugEnabled()) {
+				if (this.logger.isDebugEnabled()) {
 
-						Duration validTtlThreshold = getRefreshTrigger().getValidTtlThreshold(renewed);
-						this.logger.info(
-								String.format("Token TTL (%s) exceeded validity TTL threshold (%s). Dropping token.",
-										renewed.getLeaseDuration(), validTtlThreshold));
-					}
-					else {
-						this.logger.info("Token TTL exceeded validity TTL threshold. Dropping token.");
-					}
+					Duration validTtlThreshold = getRefreshTrigger().getValidTtlThreshold(renewed);
+					this.logger
+						.info(String.format("Token TTL (%s) exceeded validity TTL threshold (%s). Dropping token.",
+								renewed.getLeaseDuration(), validTtlThreshold));
+				}
+				else {
+					this.logger.info("Token TTL exceeded validity TTL threshold. Dropping token.");
+				}
 
-					dropCurrentToken();
-					dispatch(new LoginTokenExpiredEvent(renewed));
-				});
+				dropCurrentToken();
+				dispatch(new LoginTokenExpiredEvent(renewed));
+			});
 	}
 
 	private void dropCurrentToken() {
@@ -302,18 +307,20 @@ public Mono<VaultToken> getVaultToken() throws VaultException {
 
 		if (tokenWrapper == EMPTY) {
 
-			Mono<TokenWrapper> obtainToken = this.clientAuthentication.getVaultToken().flatMap(this::doSelfLookup) //
-					.onErrorMap(it -> {
-						dispatch(new LoginFailedEvent(this.clientAuthentication, it));
-						return it;
-					}).doOnNext(it -> {
+			Mono<TokenWrapper> obtainToken = this.clientAuthentication.getVaultToken()
+				.flatMap(this::doSelfLookup) //
+				.onErrorMap(it -> {
+					dispatch(new LoginFailedEvent(this.clientAuthentication, it));
+					return it;
+				})
+				.doOnNext(it -> {
 
-						if (isTokenRenewable(it.getToken())) {
-							scheduleRenewal(it.getToken());
-						}
+					if (isTokenRenewable(it.getToken())) {
+						scheduleRenewal(it.getToken());
+					}
 
-						dispatch(new AfterLoginEvent(it.getToken()));
-					});
+					dispatch(new AfterLoginEvent(it.getToken()));
+				});
 
 			this.token.compareAndSet(tokenWrapper, obtainToken.cache());
 		}
@@ -345,13 +352,15 @@ private Mono<TokenWrapper> doSelfLookup(VaultToken token) {
 	 */
 	protected boolean isTokenRenewable(VaultToken token) {
 
-		return Optional.of(token).filter(LoginToken.class::isInstance)
-				//
-				.filter(it -> {
+		return Optional.of(token)
+			.filter(LoginToken.class::isInstance)
+			//
+			.filter(it -> {
 
-					LoginToken loginToken = (LoginToken) it;
-					return !loginToken.getLeaseDuration().isZero() && loginToken.isRenewable();
-				}).isPresent();
+				LoginToken loginToken = (LoginToken) it;
+				return !loginToken.getLeaseDuration().isZero() && loginToken.isRenewable();
+			})
+			.isPresent();
 	}
 
 	private void scheduleRenewal(VaultToken token) {
@@ -397,15 +406,19 @@ private static Mono<VaultToken> augmentWithSelfLookup(WebClient webClient, Vault
 
 	private static Mono<Map<String, Object>> lookupSelf(WebClient webClient, VaultToken token) {
 
-		return webClient.get().uri("auth/token/lookup-self")
-				.headers(httpHeaders -> httpHeaders.putAll(VaultHttpHeaders.from(token))).retrieve()
-				.bodyToMono(VaultResponse.class).map(it -> {
-
-					Assert.state(it.getData() != null, "Token response is null");
-					return it.getRequiredData();
-				}).onErrorMap(WebClientResponseException.class, e -> {
-					return new VaultTokenLookupException(format("Token self-lookup", e), e);
-				});
+		return webClient.get()
+			.uri("auth/token/lookup-self")
+			.headers(httpHeaders -> httpHeaders.putAll(VaultHttpHeaders.from(token)))
+			.retrieve()
+			.bodyToMono(VaultResponse.class)
+			.map(it -> {
+
+				Assert.state(it.getData() != null, "Token response is null");
+				return it.getRequiredData();
+			})
+			.onErrorMap(WebClientResponseException.class, e -> {
+				return new VaultTokenLookupException(format("Token self-lookup", e), e);
+			});
 	}
 
 	private static String format(String message, RuntimeException e) {
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java
index 22442ffd1..bdf906a22 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/TokenAuthentication.java
@@ -73,10 +73,10 @@ public static AuthenticationSteps createAuthenticationSteps(VaultToken token, bo
 		if (selfLookup) {
 
 			HttpRequest<VaultResponse> httpRequest = get("auth/token/lookup-self").with(VaultHttpHeaders.from(token))
-					.as(VaultResponse.class);
+				.as(VaultResponse.class);
 
 			return AuthenticationSteps.fromHttpRequest(httpRequest)
-					.login(response -> LoginTokenUtil.from(token.toCharArray(), response.getRequiredData()));
+				.login(response -> LoginTokenUtil.from(token.toCharArray(), response.getRequiredData()));
 		}
 
 		return AuthenticationSteps.just(token);
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/authentication/UsernamePasswordAuthentication.java b/spring-vault-core/src/main/java/org/springframework/vault/authentication/UsernamePasswordAuthentication.java
index 669f0051f..0dcd412f9 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/authentication/UsernamePasswordAuthentication.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/authentication/UsernamePasswordAuthentication.java
@@ -77,7 +77,7 @@ public static AuthenticationSteps createAuthenticationSteps(UsernamePasswordAuth
 		Map<String, Object> body = createLoginBody(options);
 
 		return AuthenticationSteps.fromSupplier(() -> body)
-				.login(String.format("%s/%s", getLoginPath(options.getPath()), options.getUsername()));
+			.login(String.format("%s/%s", getLoginPath(options.getPath()), options.getUsername()));
 	}
 
 	@Override
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpConnectorFactory.java b/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpConnectorFactory.java
index 66804e942..559805ce7 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpConnectorFactory.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpConnectorFactory.java
@@ -132,13 +132,16 @@ public static HttpClient createClient(ClientOptions options, SslConfiguration ss
 			if (hasSslConfiguration(sslConfiguration)) {
 
 				Http11SslContextSpec sslContextSpec = Http11SslContextSpec.forClient()
-						.configure(it -> configureSsl(sslConfiguration, it)).get();
+					.configure(it -> configureSsl(sslConfiguration, it))
+					.get();
 
 				client = client.secure(builder -> builder.sslContext(sslContextSpec));
 			}
 
-			client = client.option(ChannelOption.CONNECT_TIMEOUT_MILLIS,
-					Math.toIntExact(options.getConnectionTimeout().toMillis())).proxyWithSystemProperties();
+			client = client
+				.option(ChannelOption.CONNECT_TIMEOUT_MILLIS,
+						Math.toIntExact(options.getConnectionTimeout().toMillis()))
+				.proxyWithSystemProperties();
 
 			return client;
 		}
@@ -149,7 +152,7 @@ private static void configureSsl(SslConfiguration sslConfiguration, SslContextBu
 
 				if (sslConfiguration.getTrustStoreConfiguration().isPresent()) {
 					sslContextBuilder
-							.trustManager(createTrustManagerFactory(sslConfiguration.getTrustStoreConfiguration()));
+						.trustManager(createTrustManagerFactory(sslConfiguration.getTrustStoreConfiguration()));
 				}
 
 				if (sslConfiguration.getKeyStoreConfiguration().isPresent()) {
@@ -227,16 +230,18 @@ public static HttpAsyncClientBuilder createHttpAsyncClientBuilder(ClientOptions
 				}, null);
 
 				PoolingAsyncClientConnectionManager connectionManager = PoolingAsyncClientConnectionManagerBuilder //
-						.create().setTlsStrategy(tlsStrategy) //
-						.build(); //
+					.create()
+					.setTlsStrategy(tlsStrategy) //
+					.build(); //
 				httpClientBuilder.setConnectionManager(connectionManager);
 			}
 
 			RequestConfig requestConfig = RequestConfig.custom()
-					.setConnectTimeout(Timeout.ofMilliseconds(options.getConnectionTimeout().toMillis()))
-					.setResponseTimeout(Timeout.ofMilliseconds(options.getReadTimeout().toMillis()))
-					.setAuthenticationEnabled(true) //
-					.setRedirectsEnabled(true).build();
+				.setConnectTimeout(Timeout.ofMilliseconds(options.getConnectionTimeout().toMillis()))
+				.setResponseTimeout(Timeout.ofMilliseconds(options.getReadTimeout().toMillis()))
+				.setAuthenticationEnabled(true) //
+				.setRedirectsEnabled(true)
+				.build();
 
 			httpClientBuilder.setDefaultRequestConfig(requestConfig);
 
@@ -283,13 +288,13 @@ public static org.eclipse.jetty.client.HttpClient getHttpClient(SslConfiguration
 
 				if (sslConfiguration.getKeyStoreConfiguration().isPresent()) {
 					KeyStore keyStore = ClientHttpRequestFactoryFactory
-							.getKeyStore(sslConfiguration.getKeyStoreConfiguration());
+						.getKeyStore(sslConfiguration.getKeyStoreConfiguration());
 					sslContextFactory.setKeyStore(keyStore);
 				}
 
 				if (sslConfiguration.getTrustStoreConfiguration().isPresent()) {
 					KeyStore keyStore = ClientHttpRequestFactoryFactory
-							.getKeyStore(sslConfiguration.getTrustStoreConfiguration());
+						.getKeyStore(sslConfiguration.getTrustStoreConfiguration());
 					sslContextFactory.setTrustStore(keyStore);
 				}
 
@@ -305,12 +310,12 @@ public static org.eclipse.jetty.client.HttpClient getHttpClient(SslConfiguration
 
 				if (!sslConfiguration.getEnabledProtocols().isEmpty()) {
 					sslContextFactory
-							.setIncludeProtocols(sslConfiguration.getEnabledProtocols().toArray(new String[0]));
+						.setIncludeProtocols(sslConfiguration.getEnabledProtocols().toArray(new String[0]));
 				}
 
 				if (!sslConfiguration.getEnabledCipherSuites().isEmpty()) {
 					sslContextFactory
-							.setIncludeCipherSuites(sslConfiguration.getEnabledCipherSuites().toArray(new String[0]));
+						.setIncludeCipherSuites(sslConfiguration.getEnabledCipherSuites().toArray(new String[0]));
 				}
 
 				ClientConnector connector = new ClientConnector();
@@ -369,8 +374,9 @@ public static java.net.http.HttpClient.Builder getBuilder(ClientOptions options,
 				builder.sslContext(sslContext).sslParameters(parameters);
 			}
 
-			builder.proxy(ProxySelector.getDefault()).followRedirects(java.net.http.HttpClient.Redirect.ALWAYS)
-					.connectTimeout(options.getConnectionTimeout());
+			builder.proxy(ProxySelector.getDefault())
+				.followRedirects(java.net.http.HttpClient.Redirect.ALWAYS)
+				.connectTimeout(options.getConnectionTimeout());
 			return builder;
 		}
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpRequestFactoryFactory.java b/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpRequestFactoryFactory.java
index b6a21fcef..555a9317a 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpRequestFactoryFactory.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/client/ClientHttpRequestFactoryFactory.java
@@ -206,7 +206,7 @@ static TrustManagerFactory createTrustManagerFactory(KeyStoreConfiguration keySt
 		KeyStore trustStore = getKeyStore(keyStoreConfiguration);
 
 		TrustManagerFactory trustManagerFactory = TrustManagerFactory
-				.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+			.getInstance(TrustManagerFactory.getDefaultAlgorithm());
 		trustManagerFactory.init(trustStore);
 
 		return trustManagerFactory;
@@ -317,17 +317,20 @@ public static HttpClientBuilder getHttpClientBuilder(ClientOptions options, SslC
 				SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext,
 						enabledProtocols, enabledCipherSuites, HttpsSupport.getDefaultHostnameVerifier());
 				PoolingHttpClientConnectionManager connectionManager = PoolingHttpClientConnectionManagerBuilder //
-						.create().setSSLSocketFactory(sslSocketFactory) //
-						.setDefaultSocketConfig(SocketConfig.custom() //
-								.setSoTimeout(Timeout.ofMilliseconds(options.getReadTimeout().toMillis())).build()) //
-						.build(); //
+					.create()
+					.setSSLSocketFactory(sslSocketFactory) //
+					.setDefaultSocketConfig(SocketConfig.custom() //
+						.setSoTimeout(Timeout.ofMilliseconds(options.getReadTimeout().toMillis()))
+						.build()) //
+					.build(); //
 				httpClientBuilder.setConnectionManager(connectionManager);
 			}
 
 			RequestConfig requestConfig = RequestConfig.custom()
-					.setConnectTimeout(Timeout.ofMilliseconds(options.getConnectionTimeout().toMillis()))
-					.setAuthenticationEnabled(true) //
-					.setRedirectsEnabled(true).build();
+				.setConnectTimeout(Timeout.ofMilliseconds(options.getConnectionTimeout().toMillis()))
+				.setAuthenticationEnabled(true) //
+				.setRedirectsEnabled(true)
+				.build();
 
 			httpClientBuilder.setDefaultRequestConfig(requestConfig);
 			return httpClientBuilder;
@@ -387,7 +390,7 @@ public static Builder getBuilder(ClientOptions options, SslConfiguration sslConf
 
 				if (!sslConfiguration.getEnabledCipherSuites().isEmpty()) {
 					sslConnectionSpecBuilder
-							.cipherSuites(sslConfiguration.getEnabledCipherSuites().toArray(new String[0]));
+						.cipherSuites(sslConfiguration.getEnabledCipherSuites().toArray(new String[0]));
 				}
 
 				sslConnectionSpec = sslConnectionSpecBuilder.build();
@@ -398,7 +401,7 @@ public static Builder getBuilder(ClientOptions options, SslConfiguration sslConf
 			builder.connectionSpecs(Arrays.asList(sslConnectionSpec, ConnectionSpec.CLEARTEXT));
 
 			builder.connectTimeout(options.getConnectionTimeout().toMillis(), TimeUnit.MILLISECONDS)
-					.readTimeout(options.getReadTimeout().toMillis(), TimeUnit.MILLISECONDS);
+				.readTimeout(options.getReadTimeout().toMillis(), TimeUnit.MILLISECONDS);
 			return builder;
 		}
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/client/ReactiveVaultClients.java b/spring-vault-core/src/main/java/org/springframework/vault/client/ReactiveVaultClients.java
index 87d19cf05..89393e7b3 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/client/ReactiveVaultClients.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/client/ReactiveVaultClients.java
@@ -129,7 +129,7 @@ static WebClient.Builder createWebClientBuilder(ReactiveVaultEndpointProvider en
 				simpleSource = true;
 
 				UriBuilderFactory uriBuilderFactory = VaultClients
-						.createUriBuilderFactory(((VaultEndpointProviderAdapter) endpointProvider).source);
+					.createUriBuilderFactory(((VaultEndpointProviderAdapter) endpointProvider).source);
 				builder.uriBuilderFactory(uriBuilderFactory);
 			}
 		}
@@ -143,9 +143,13 @@ static WebClient.Builder createWebClientBuilder(ReactiveVaultEndpointProvider en
 
 					return endpointProvider.getVaultEndpoint().flatMap(endpoint -> {
 
-						UriComponents uriComponents = UriComponentsBuilder.fromUri(uri).scheme(endpoint.getScheme())
-								.host(endpoint.getHost()).port(endpoint.getPort()).replacePath(endpoint.getPath())
-								.path(VaultClients.normalizePath(endpoint.getPath(), uri.getPath())).build();
+						UriComponents uriComponents = UriComponentsBuilder.fromUri(uri)
+							.scheme(endpoint.getScheme())
+							.host(endpoint.getHost())
+							.port(endpoint.getPort())
+							.replacePath(endpoint.getPath())
+							.path(VaultClients.normalizePath(endpoint.getPath(), uri.getPath()))
+							.build();
 
 						ClientRequest requestToSend = ClientRequest.from(request).url(uriComponents.toUri()).build();
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/client/RestTemplateBuilder.java b/spring-vault-core/src/main/java/org/springframework/vault/client/RestTemplateBuilder.java
index 9a72775e8..919b966ef 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/client/RestTemplateBuilder.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/client/RestTemplateBuilder.java
@@ -58,7 +58,7 @@ public class RestTemplateBuilder {
 	private @Nullable VaultEndpointProvider endpointProvider;
 
 	private Supplier<ClientHttpRequestFactory> requestFactory = () -> ClientHttpRequestFactoryFactory
-			.create(new ClientOptions(), SslConfiguration.unconfigured());
+		.create(new ClientOptions(), SslConfiguration.unconfigured());
 
 	private @Nullable ResponseErrorHandler errorHandler;
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/client/VaultClients.java b/spring-vault-core/src/main/java/org/springframework/vault/client/VaultClients.java
index de1f4c812..4f00cbf8c 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/client/VaultClients.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/client/VaultClients.java
@@ -176,7 +176,8 @@ public UriBuilder uriString(String uriTemplate) {
 
 				String baseUri = toBaseUri(endpoint);
 				UriComponents uriComponents = UriComponentsBuilder
-						.fromUriString(prepareUriTemplate(baseUri, uriTemplate)).build();
+					.fromUriString(prepareUriTemplate(baseUri, uriTemplate))
+					.build();
 
 				return UriComponentsBuilder.fromUriString(baseUri).uriComponents(uriComponents);
 			}
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/client/WebClientBuilder.java b/spring-vault-core/src/main/java/org/springframework/vault/client/WebClientBuilder.java
index 2eb9e562f..fc7bedabc 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/client/WebClientBuilder.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/client/WebClientBuilder.java
@@ -194,12 +194,12 @@ public WebClient build() {
 			Map<String, String> defaultHeaders = this.defaultHeaders;
 			builder.filter((request, next) -> {
 
-				return next.exchange(
-						ClientRequest.from(request).headers(headers -> defaultHeaders.forEach((key, value) -> {
-							if (!headers.containsKey(key)) {
-								headers.add(key, value);
-							}
-						})).build());
+				return next
+					.exchange(ClientRequest.from(request).headers(headers -> defaultHeaders.forEach((key, value) -> {
+						if (!headers.containsKey(key)) {
+							headers.add(key, value);
+						}
+					})).build());
 			});
 		}
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractReactiveVaultConfiguration.java b/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractReactiveVaultConfiguration.java
index 2b50b3003..9ca4cecfb 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractReactiveVaultConfiguration.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractReactiveVaultConfiguration.java
@@ -105,8 +105,9 @@ protected WebClientBuilder webClientBuilder(ReactiveVaultEndpointProvider endpoi
 
 		ObjectProvider<WebClientCustomizer> customizers = getBeanFactory().getBeanProvider(WebClientCustomizer.class);
 
-		WebClientBuilder builder = WebClientBuilder.builder().endpointProvider(endpointProvider)
-				.httpConnector(httpConnector);
+		WebClientBuilder builder = WebClientBuilder.builder()
+			.endpointProvider(endpointProvider)
+			.httpConnector(httpConnector);
 
 		builder.customizers(customizers.stream().toArray(WebClientCustomizer[]::new));
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractVaultConfiguration.java b/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractVaultConfiguration.java
index a10256fba..a7196fec5 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractVaultConfiguration.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/config/AbstractVaultConfiguration.java
@@ -92,10 +92,11 @@ protected RestTemplateBuilder restTemplateBuilder(VaultEndpointProvider endpoint
 			ClientHttpRequestFactory requestFactory) {
 
 		ObjectProvider<RestTemplateCustomizer> customizers = getBeanFactory()
-				.getBeanProvider(RestTemplateCustomizer.class);
+			.getBeanProvider(RestTemplateCustomizer.class);
 
-		RestTemplateBuilder builder = RestTemplateBuilder.builder().endpointProvider(endpointProvider)
-				.requestFactory(requestFactory);
+		RestTemplateBuilder builder = RestTemplateBuilder.builder()
+			.endpointProvider(endpointProvider)
+			.requestFactory(requestFactory);
 
 		builder.customizers(customizers.stream().toArray(RestTemplateCustomizer[]::new));
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/config/EnvironmentVaultConfiguration.java b/spring-vault-core/src/main/java/org/springframework/vault/config/EnvironmentVaultConfiguration.java
index 3d7d44cb5..ea2b1757d 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/config/EnvironmentVaultConfiguration.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/config/EnvironmentVaultConfiguration.java
@@ -258,33 +258,33 @@ private KeyStoreConfiguration getKeyStoreConfiguration(String resourceProperty,
 	public ClientAuthentication clientAuthentication() {
 
 		String authentication = getProperty("vault.authentication", AuthenticationMethod.TOKEN.name()).toUpperCase()
-				.replace('-', '_');
+			.replace('-', '_');
 
 		AuthenticationMethod authenticationMethod = AuthenticationMethod.valueOf(authentication);
 
 		switch (authenticationMethod) {
 
-		case TOKEN:
-			return tokenAuthentication();
-		case APPID:
-			return appIdAuthentication();
-		case APPROLE:
-			return appRoleAuthentication();
-		case AWS_EC2:
-			return awsEc2Authentication();
-		case AWS_IAM:
-			return awsIamAuthentication();
-		case AZURE:
-			return azureMsiAuthentication();
-		case CERT:
-			return new ClientCertificateAuthentication(restOperations());
-		case CUBBYHOLE:
-			return cubbyholeAuthentication();
-		case KUBERNETES:
-			return kubeAuthentication();
-		default:
-			throw new IllegalStateException(String.format("Vault authentication method %s is not supported with %s",
-					authenticationMethod, getClass().getSimpleName()));
+			case TOKEN:
+				return tokenAuthentication();
+			case APPID:
+				return appIdAuthentication();
+			case APPROLE:
+				return appRoleAuthentication();
+			case AWS_EC2:
+				return awsEc2Authentication();
+			case AWS_IAM:
+				return awsIamAuthentication();
+			case AZURE:
+				return azureMsiAuthentication();
+			case CERT:
+				return new ClientCertificateAuthentication(restOperations());
+			case CUBBYHOLE:
+				return cubbyholeAuthentication();
+			case KUBERNETES:
+				return kubeAuthentication();
+			default:
+				throw new IllegalStateException(String.format("Vault authentication method %s is not supported with %s",
+						authenticationMethod, getClass().getSimpleName()));
 		}
 	}
 
@@ -310,8 +310,10 @@ protected ClientAuthentication appIdAuthentication() {
 		Assert.hasText(appId, "Vault AppId authentication: AppId (vault.app-id.app-id) must not be empty");
 		Assert.hasText(userId, "Vault AppId authentication: UserId (vault.app-id.user-id) must not be empty");
 
-		AppIdAuthenticationOptionsBuilder builder = AppIdAuthenticationOptions.builder().appId(appId)
-				.userIdMechanism(getAppIdUserIdMechanism(userId)).path(path);
+		AppIdAuthenticationOptionsBuilder builder = AppIdAuthenticationOptions.builder()
+			.appId(appId)
+			.userIdMechanism(getAppIdUserIdMechanism(userId))
+			.path(path);
 
 		return new AppIdAuthentication(builder.build(), restOperations());
 	}
@@ -326,7 +328,8 @@ protected ClientAuthentication appRoleAuthentication() {
 		Assert.hasText(roleId, "Vault AppRole authentication: RoleId (vault.app-role.role-id) must not be empty");
 
 		AppRoleAuthenticationOptionsBuilder builder = AppRoleAuthenticationOptions.builder()
-				.roleId(RoleId.provided(roleId)).path(path);
+			.roleId(RoleId.provided(roleId))
+			.path(path);
 
 		if (StringUtils.hasText(secretId)) {
 			builder = builder.secretId(SecretId.provided(secretId));
@@ -370,7 +373,8 @@ protected ClientAuthentication awsEc2Authentication() {
 		}
 
 		AwsEc2AuthenticationOptionsBuilder builder = AwsEc2AuthenticationOptions.builder()
-				.role(StringUtils.hasText(role) ? role : roleId).path(path);
+			.role(StringUtils.hasText(role) ? role : roleId)
+			.path(path);
 
 		if (StringUtils.hasText(identityDocument)) {
 			builder.identityDocumentUri(URI.create(identityDocument));
@@ -385,8 +389,9 @@ protected ClientAuthentication awsIamAuthentication() {
 		Assert.isTrue(StringUtils.hasText(role),
 				"Vault AWS-IAM authentication: Role (vault.aws-iam.role) must not be empty");
 
-		AwsIamAuthenticationOptionsBuilder builder = AwsIamAuthenticationOptions.builder().role(role)
-				.credentialsProvider(DefaultCredentialsProvider.create());
+		AwsIamAuthenticationOptionsBuilder builder = AwsIamAuthenticationOptions.builder()
+			.role(role)
+			.credentialsProvider(DefaultCredentialsProvider.create());
 
 		return new AwsIamAuthentication(builder.build(), restOperations());
 	}
@@ -402,8 +407,11 @@ protected ClientAuthentication azureMsiAuthentication() {
 				AzureMsiAuthenticationOptions.DEFAULT_IDENTITY_TOKEN_SERVICE_URI);
 		Assert.hasText(role, "Vault Azure MSI authentication: Role (vault.azure-msi.role) must not be empty");
 
-		AzureMsiAuthenticationOptionsBuilder builder = AzureMsiAuthenticationOptions.builder().role(role).path(path)
-				.instanceMetadataUri(metadataServiceUri).identityTokenServiceUri(identityTokenServiceUri);
+		AzureMsiAuthenticationOptionsBuilder builder = AzureMsiAuthenticationOptions.builder()
+			.role(role)
+			.path(path)
+			.instanceMetadataUri(metadataServiceUri)
+			.identityTokenServiceUri(identityTokenServiceUri);
 
 		return new AzureMsiAuthentication(builder.build(), restOperations());
 	}
@@ -413,8 +421,9 @@ protected ClientAuthentication cubbyholeAuthentication() {
 		String token = getProperty("vault.token");
 		Assert.hasText(token, "Vault Cubbyhole authentication: Initial token (vault.token) must not be empty");
 
-		CubbyholeAuthenticationOptionsBuilder builder = CubbyholeAuthenticationOptions.builder().wrapped()
-				.initialToken(VaultToken.of(token));
+		CubbyholeAuthenticationOptionsBuilder builder = CubbyholeAuthenticationOptions.builder()
+			.wrapped()
+			.initialToken(VaultToken.of(token));
 
 		return new CubbyholeAuthentication(builder.build(), restOperations());
 	}
@@ -431,8 +440,10 @@ protected ClientAuthentication kubeAuthentication() {
 
 		KubernetesJwtSupplier jwtSupplier = new KubernetesServiceAccountTokenFile(tokenFile);
 
-		KubernetesAuthenticationOptionsBuilder builder = KubernetesAuthenticationOptions.builder().role(role)
-				.jwtSupplier(jwtSupplier).path(path);
+		KubernetesAuthenticationOptionsBuilder builder = KubernetesAuthenticationOptions.builder()
+			.role(role)
+			.jwtSupplier(jwtSupplier)
+			.path(path);
 
 		return new KubernetesAuthentication(builder.build(), restOperations());
 	}
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/ReactiveVaultTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/ReactiveVaultTemplate.java
index ea3ac6c25..ac403e8e1 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/ReactiveVaultTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/ReactiveVaultTemplate.java
@@ -211,8 +211,11 @@ protected WebClient doCreateSessionWebClient(VaultEndpointProvider endpointProvi
 
 		ExchangeFilterFunction filter = getSessionFilter();
 
-		return WebClientBuilder.builder().httpConnector(connector).endpointProvider(endpointProvider).filter(filter)
-				.build();
+		return WebClientBuilder.builder()
+			.httpConnector(connector)
+			.endpointProvider(endpointProvider)
+			.filter(filter)
+			.build();
 	}
 
 	private ExchangeFilterFunction getSessionFilter() {
@@ -254,7 +257,7 @@ public Flux<String> list(String path) {
 				VaultListResponse.class);
 
 		return read.filter(response -> response.getData() != null && response.getData().containsKey("keys"))
-				.flatMapIterable(response -> (List<String>) response.getRequiredData().get("keys"));
+			.flatMapIterable(response -> (List<String>) response.getRequiredData().get("keys"));
 	}
 
 	@Override
@@ -279,8 +282,9 @@ public Mono<Void> delete(String path) {
 
 		Assert.hasText(path, "Path must not be empty");
 
-		return doWithSession(webClient -> webClient.delete().uri(path)
-				.exchangeToMono(mapResponse(String.class, path, HttpMethod.DELETE))).then();
+		return doWithSession(webClient -> webClient.delete()
+			.uri(path)
+			.exchangeToMono(mapResponse(String.class, path, HttpMethod.DELETE))).then();
 	}
 
 	@Override
@@ -314,7 +318,8 @@ public <V, T extends Publisher<V>> T doWithSession(Function<WebClient, ? extends
 	private <T> Mono<T> doRead(String path, Class<T> responseType) {
 
 		return doWithSession(client -> client.get() //
-				.uri(path).exchangeToMono(mapResponse(responseType, path, HttpMethod.GET)));
+			.uri(path)
+			.exchangeToMono(mapResponse(responseType, path, HttpMethod.GET)));
 	}
 
 	private static <T> Function<ClientResponse, Mono<T>> mapResponse(Class<T> bodyType, String path,
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueAccessor.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueAccessor.java
index 232256b11..b00933f37 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueAccessor.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueAccessor.java
@@ -102,7 +102,7 @@ public void delete(String path) {
 	<I, T> T doRead(String path, Class<I> deserializeAs, BiFunction<VaultResponseSupport<?>, I, T> mappingFunction) {
 
 		ParameterizedTypeReference<VaultResponseSupport<JsonNode>> ref = VaultResponses
-				.getTypeReference(JsonNode.class);
+			.getTypeReference(JsonNode.class);
 
 		VaultResponseSupport<JsonNode> response = doRead(createDataPath(path), ref);
 
@@ -191,7 +191,7 @@ VaultResponse doWrite(String path, Object body) {
 
 			return this.vaultOperations.doWithSession((restOperations) -> {
 				return restOperations.exchange(path, HttpMethod.POST, new HttpEntity<>(body), VaultResponse.class)
-						.getBody();
+					.getBody();
 			});
 		}
 		catch (HttpStatusCodeException e) {
@@ -221,9 +221,10 @@ private static ObjectMapper extractObjectMapper(VaultOperations vaultOperations)
 				RestTemplate template = (RestTemplate) operations;
 
 				Optional<AbstractJackson2HttpMessageConverter> jackson2Converter = template.getMessageConverters()
-						.stream().filter(AbstractJackson2HttpMessageConverter.class::isInstance) //
-						.map(AbstractJackson2HttpMessageConverter.class::cast) //
-						.findFirst();
+					.stream()
+					.filter(AbstractJackson2HttpMessageConverter.class::isInstance) //
+					.map(AbstractJackson2HttpMessageConverter.class::cast) //
+					.findFirst();
 
 				return jackson2Converter.map(AbstractJackson2HttpMessageConverter::getObjectMapper);
 			}
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueMetadataTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueMetadataTemplate.java
index 4c43c7165..cdef7e4aa 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueMetadataTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultKeyValueMetadataTemplate.java
@@ -90,20 +90,23 @@ private static VaultMetadataResponse fromMap(Map<String, Object> metadataRespons
 		Duration duration = DurationParser.parseDuration((String) metadataResponse.get("delete_version_after"));
 
 		return VaultMetadataResponse.builder()
-				.casRequired(Boolean.parseBoolean(String.valueOf(metadataResponse.get("cas_required"))))
-				.createdTime(toInstant((String) metadataResponse.get("created_time")))
-				.currentVersion(Integer.parseInt(String.valueOf(metadataResponse.get("current_version"))))
-				.deleteVersionAfter(duration)
-				.maxVersions(Integer.parseInt(String.valueOf(metadataResponse.get("max_versions"))))
-				.oldestVersion(Integer.parseInt(String.valueOf(metadataResponse.get("oldest_version"))))
-				.updatedTime(toInstant((String) metadataResponse.get("updated_time")))
-				.versions(buildVersions((Map) metadataResponse.get("versions"))).build();
+			.casRequired(Boolean.parseBoolean(String.valueOf(metadataResponse.get("cas_required"))))
+			.createdTime(toInstant((String) metadataResponse.get("created_time")))
+			.currentVersion(Integer.parseInt(String.valueOf(metadataResponse.get("current_version"))))
+			.deleteVersionAfter(duration)
+			.maxVersions(Integer.parseInt(String.valueOf(metadataResponse.get("max_versions"))))
+			.oldestVersion(Integer.parseInt(String.valueOf(metadataResponse.get("oldest_version"))))
+			.updatedTime(toInstant((String) metadataResponse.get("updated_time")))
+			.versions(buildVersions((Map) metadataResponse.get("versions")))
+			.build();
 	}
 
 	private static List<Versioned.Metadata> buildVersions(Map<String, Map<String, Object>> versions) {
 
-		return versions.entrySet().stream().map(entry -> buildVersion(entry.getKey(), entry.getValue()))
-				.collect(Collectors.toList());
+		return versions.entrySet()
+			.stream()
+			.map(entry -> buildVersion(entry.getKey(), entry.getValue()))
+			.collect(Collectors.toList());
 	}
 
 	private static Versioned.Metadata buildVersion(String version, Map<String, Object> versionData) {
@@ -113,8 +116,12 @@ private static Versioned.Metadata buildVersion(String version, Map<String, Objec
 		boolean destroyed = (Boolean) versionData.get("destroyed");
 		Versioned.Version kvVersion = Versioned.Version.from(Integer.parseInt(version));
 
-		return Versioned.Metadata.builder().createdAt(createdTime).deletedAt(deletionTime).destroyed(destroyed)
-				.version(kvVersion).build();
+		return Versioned.Metadata.builder()
+			.createdAt(createdTime)
+			.deletedAt(deletionTime)
+			.destroyed(destroyed)
+			.version(kvVersion)
+			.build();
 	}
 
 	@Nullable
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultPkiTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultPkiTemplate.java
index 2c6110d62..d21eadb52 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultPkiTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultPkiTemplate.java
@@ -162,17 +162,26 @@ private static Map<String, Object> createIssueRequest(VaultCertificateRequest ce
 		PropertyMapper mapper = PropertyMapper.get();
 
 		mapper.from(certificateRequest::getCommonName).to("common_name", request);
-		mapper.from(certificateRequest::getAltNames).whenNotEmpty()
-				.as(i -> StringUtils.collectionToDelimitedString(i, ",")).to("alt_names", request);
-		mapper.from(certificateRequest::getIpSubjectAltNames).whenNotEmpty()
-				.as(i -> StringUtils.collectionToDelimitedString(i, ",")).to("ip_sans", request);
-		mapper.from(certificateRequest::getUriSubjectAltNames).whenNotEmpty()
-				.as(i -> StringUtils.collectionToDelimitedString(i, ",")).to("uri_sans", request);
-		mapper.from(certificateRequest::getOtherSans).whenNotEmpty()
-				.as(i -> StringUtils.collectionToDelimitedString(i, ",")).to("other_sans", request);
+		mapper.from(certificateRequest::getAltNames)
+			.whenNotEmpty()
+			.as(i -> StringUtils.collectionToDelimitedString(i, ","))
+			.to("alt_names", request);
+		mapper.from(certificateRequest::getIpSubjectAltNames)
+			.whenNotEmpty()
+			.as(i -> StringUtils.collectionToDelimitedString(i, ","))
+			.to("ip_sans", request);
+		mapper.from(certificateRequest::getUriSubjectAltNames)
+			.whenNotEmpty()
+			.as(i -> StringUtils.collectionToDelimitedString(i, ","))
+			.to("uri_sans", request);
+		mapper.from(certificateRequest::getOtherSans)
+			.whenNotEmpty()
+			.as(i -> StringUtils.collectionToDelimitedString(i, ","))
+			.to("other_sans", request);
 		mapper.from(certificateRequest::getTtl).whenNonNull().as(i -> i.get(ChronoUnit.SECONDS)).to("ttl", request);
-		mapper.from(certificateRequest::isExcludeCommonNameFromSubjectAltNames).whenTrue().to("exclude_cn_from_sans",
-				request);
+		mapper.from(certificateRequest::isExcludeCommonNameFromSubjectAltNames)
+			.whenTrue()
+			.to("exclude_cn_from_sans", request);
 		mapper.from(certificateRequest::getFormat).whenHasText().to("format", request);
 		mapper.from(certificateRequest::getPrivateKeyFormat).whenHasText().to("private_key_format", request);
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java
index 2d45790da..a119aad57 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultSysTemplate.java
@@ -362,8 +362,8 @@ public void set(String name, Object value) {
 				if (map.containsKey("type")) {
 
 					VaultMountBuilder builder = VaultMount.builder() //
-							.type((String) map.get("type")) //
-							.description((String) map.get("description"));// ;
+						.type((String) map.get("type")) //
+						.description((String) map.get("description"));// ;
 
 					if (map.containsKey("config")) {
 						builder.config((Map) map.get("config"));
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java
index 8d0a9670e..491e5fa29 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTemplate.java
@@ -240,8 +240,11 @@ protected RestTemplate doCreateRestTemplate(VaultEndpointProvider endpointProvid
 	protected RestTemplate doCreateSessionTemplate(VaultEndpointProvider endpointProvider,
 			ClientHttpRequestFactory requestFactory) {
 
-		return RestTemplateBuilder.builder().endpointProvider(endpointProvider).requestFactory(requestFactory)
-				.customizers(restTemplate -> restTemplate.getInterceptors().add(getSessionInterceptor())).build();
+		return RestTemplateBuilder.builder()
+			.endpointProvider(endpointProvider)
+			.requestFactory(requestFactory)
+			.customizers(restTemplate -> restTemplate.getInterceptors().add(getSessionInterceptor()))
+			.build();
 	}
 
 	private ClientHttpRequestInterceptor getSessionInterceptor() {
@@ -284,10 +287,10 @@ public void destroy() throws Exception {
 	public VaultKeyValueOperations opsForKeyValue(String path, KeyValueBackend apiVersion) {
 
 		switch (apiVersion) {
-		case KV_1:
-			return new VaultKeyValue1Template(this, path);
-		case KV_2:
-			return new VaultKeyValue2Template(this, path);
+			case KV_1:
+				return new VaultKeyValue1Template(this, path);
+			case KV_2:
+				return new VaultKeyValue2Template(this, path);
 		}
 
 		throw new UnsupportedOperationException(
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransformTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransformTemplate.java
index 0499f7be2..27230e4d4 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransformTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransformTemplate.java
@@ -72,7 +72,8 @@ public String encode(String roleName, String plaintext) {
 		request.put("value", plaintext);
 
 		return (String) this.vaultOperations.write(String.format("%s/encode/%s", this.path, roleName), request)
-				.getRequiredData().get("encoded_value");
+			.getRequiredData()
+			.get("encoded_value");
 	}
 
 	@Override
@@ -88,7 +89,8 @@ public TransformCiphertext encode(String roleName, TransformPlaintext plaintext)
 		applyTransformOptions(plaintext.getContext(), request);
 
 		Map<String, Object> data = this.vaultOperations
-				.write(String.format("%s/encode/%s", this.path, roleName), request).getRequiredData();
+			.write(String.format("%s/encode/%s", this.path, roleName), request)
+			.getRequiredData();
 
 		return toCiphertext(data, plaintext.getContext());
 	}
@@ -143,7 +145,8 @@ public String decode(String roleName, String ciphertext, VaultTransformContext t
 		applyTransformOptions(transformContext, request);
 
 		return (String) this.vaultOperations.write(String.format("%s/decode/%s", this.path, roleName), request)
-				.getRequiredData().get("decoded_value");
+			.getRequiredData()
+			.get("decoded_value");
 	}
 
 	@Override
@@ -258,8 +261,10 @@ private static TransformCiphertext toCiphertext(Map<String, ?> data, VaultTransf
 		VaultTransformContext contextToUse = context;
 		if (data.containsKey("tweak")) {
 			byte[] tweak = Base64Utils.decodeFromString((String) data.get("tweak"));
-			contextToUse = VaultTransformContext.builder().transformation(context.getTransformation()).tweak(tweak)
-					.build();
+			contextToUse = VaultTransformContext.builder()
+				.transformation(context.getTransformation())
+				.tweak(tweak)
+				.build();
 		}
 
 		return contextToUse.isEmpty() ? TransformCiphertext.of(ciphertext)
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitTemplate.java
index 57063dc12..e73a6d982 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultTransitTemplate.java
@@ -122,7 +122,7 @@ public RawTransitKey exportKey(String keyName, TransitKeyType type) {
 		Assert.notNull(type, "Key type must not be null");
 
 		VaultResponseSupport<RawTransitKeyImpl> result = this.vaultOperations
-				.read(String.format("%s/export/%s/%s", this.path, type.getValue(), keyName), RawTransitKeyImpl.class);
+			.read(String.format("%s/export/%s/%s", this.path, type.getValue(), keyName), RawTransitKeyImpl.class);
 
 		return result != null ? result.getRequiredData() : null;
 	}
@@ -134,7 +134,7 @@ public VaultTransitKey getKey(String keyName) {
 		Assert.hasText(keyName, "Key name must not be empty");
 
 		VaultResponseSupport<VaultTransitKeyImpl> result = this.vaultOperations
-				.read(String.format("%s/keys/%s", this.path, keyName), VaultTransitKeyImpl.class);
+			.read(String.format("%s/keys/%s", this.path, keyName), VaultTransitKeyImpl.class);
 
 		if (result != null) {
 			return result.getRequiredData();
@@ -170,7 +170,8 @@ public String encrypt(String keyName, String plaintext) {
 		request.put("plaintext", Base64Utils.encodeToString(plaintext.getBytes()));
 
 		return (String) this.vaultOperations.write(String.format("%s/encrypt/%s", this.path, keyName), request)
-				.getRequiredData().get("ciphertext");
+			.getRequiredData()
+			.get("ciphertext");
 	}
 
 	@Override
@@ -198,7 +199,8 @@ public String encrypt(String keyName, byte[] plaintext, VaultTransitContext tran
 		applyTransitOptions(transitContext, request);
 
 		return (String) this.vaultOperations.write(String.format("%s/encrypt/%s", this.path, keyName), request)
-				.getRequiredData().get("ciphertext");
+			.getRequiredData()
+			.get("ciphertext");
 	}
 
 	@Override
@@ -239,7 +241,9 @@ public String decrypt(String keyName, String ciphertext) {
 		request.put("ciphertext", ciphertext);
 
 		String plaintext = (String) this.vaultOperations
-				.write(String.format("%s/decrypt/%s", this.path, keyName), request).getRequiredData().get("plaintext");
+			.write(String.format("%s/decrypt/%s", this.path, keyName), request)
+			.getRequiredData()
+			.get("plaintext");
 
 		return new String(Base64Utils.decodeFromString(plaintext));
 	}
@@ -269,7 +273,9 @@ public byte[] decrypt(String keyName, String ciphertext, VaultTransitContext tra
 		applyTransitOptions(transitContext, request);
 
 		String plaintext = (String) this.vaultOperations
-				.write(String.format("%s/decrypt/%s", this.path, keyName), request).getRequiredData().get("plaintext");
+			.write(String.format("%s/decrypt/%s", this.path, keyName), request)
+			.getRequiredData()
+			.get("plaintext");
 
 		return Base64Utils.decodeFromString(plaintext);
 	}
@@ -311,7 +317,8 @@ public String rewrap(String keyName, String ciphertext) {
 		request.put("ciphertext", ciphertext);
 
 		return (String) this.vaultOperations.write(String.format("%s/rewrap/%s", this.path, keyName), request)
-				.getRequiredData().get("ciphertext");
+			.getRequiredData()
+			.get("ciphertext");
 	}
 
 	@Override
@@ -328,7 +335,8 @@ public String rewrap(String keyName, String ciphertext, VaultTransitContext tran
 		applyTransitOptions(transitContext, request);
 
 		return (String) this.vaultOperations.write(String.format("%s/rewrap/%s", this.path, keyName), request)
-				.getRequiredData().get("ciphertext");
+			.getRequiredData()
+			.get("ciphertext");
 	}
 
 	@Override
@@ -356,7 +364,8 @@ public Hmac getHmac(String keyName, VaultHmacRequest hmacRequest) {
 		mapper.from(hmacRequest::getKeyVersion).whenNonNull().to("key_version", request);
 
 		String hmac = (String) this.vaultOperations.write(String.format("%s/hmac/%s", this.path, keyName), request)
-				.getRequiredData().get("hmac");
+			.getRequiredData()
+			.get("hmac");
 
 		return Hmac.of(hmac);
 	}
@@ -386,7 +395,8 @@ public Signature sign(String keyName, VaultSignRequest signRequest) {
 		mapper.from(signRequest::getSignatureAlgorithm).whenHasText().to("signature_algorithm", request);
 
 		String signature = (String) this.vaultOperations.write(String.format("%s/sign/%s", this.path, keyName), request)
-				.getRequiredData().get("signature");
+			.getRequiredData()
+			.get("signature");
 
 		return Signature.of(signature);
 	}
@@ -411,16 +421,20 @@ public SignatureValidation verify(String keyName, VaultSignatureVerificationRequ
 		Map<String, Object> request = new LinkedHashMap<>(5);
 		PropertyMapper mapper = PropertyMapper.get();
 
-		mapper.from(verificationRequest.getPlaintext()::getPlaintext).as(Base64Utils::encodeToString).to("input",
-				request);
+		mapper.from(verificationRequest.getPlaintext()::getPlaintext)
+			.as(Base64Utils::encodeToString)
+			.to("input", request);
 		mapper.from(verificationRequest::getHmac).whenNonNull().as(Hmac::getHmac).to("hmac", request);
-		mapper.from(verificationRequest::getSignature).whenNonNull().as(Signature::getSignature).to("signature",
-				request);
+		mapper.from(verificationRequest::getSignature)
+			.whenNonNull()
+			.as(Signature::getSignature)
+			.to("signature", request);
 		mapper.from(verificationRequest::getHashAlgorithm).whenHasText().to("hash_algorithm", request);
 		mapper.from(verificationRequest::getSignatureAlgorithm).whenHasText().to("signature_algorithm", request);
 
 		Map<String, Object> response = this.vaultOperations
-				.write(String.format("%s/verify/%s", this.path, keyName), request).getRequiredData();
+			.write(String.format("%s/verify/%s", this.path, keyName), request)
+			.getRequiredData();
 
 		if (response.containsKey("valid") && Boolean.valueOf("" + response.get("valid"))) {
 			return SignatureValidation.valid();
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultVersionedKeyValueTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultVersionedKeyValueTemplate.java
index ad8e684c9..3e429b576 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultVersionedKeyValueTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultVersionedKeyValueTemplate.java
@@ -208,8 +208,10 @@ public void delete(String path, Version... versionsToDelete) {
 	}
 
 	private static List<Integer> toVersionList(Version[] versionsToDelete) {
-		return Arrays.stream(versionsToDelete).filter(Version::isVersioned).map(Version::getVersion)
-				.collect(Collectors.toList());
+		return Arrays.stream(versionsToDelete)
+			.filter(Version::isVersioned)
+			.map(Version::getVersion)
+			.collect(Collectors.toList());
 	}
 
 	@Override
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultWrappingTemplate.java b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultWrappingTemplate.java
index 86ecff796..d46bf3ea4 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/VaultWrappingTemplate.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/VaultWrappingTemplate.java
@@ -92,7 +92,7 @@ public VaultResponse read(VaultToken token) {
 
 		return doUnwrap(token, (restOperations, entity) -> {
 			return restOperations.exchange("sys/wrapping/unwrap", HttpMethod.POST, entity, VaultResponse.class)
-					.getBody();
+				.getBody();
 		});
 	}
 
@@ -156,8 +156,9 @@ public WrappedMetadata wrap(Object body, Duration duration) {
 			HttpHeaders headers = new HttpHeaders();
 			headers.add("X-Vault-Wrap-TTL", Long.toString(duration.getSeconds()));
 
-			return restOperations.exchange("sys/wrapping/wrap", HttpMethod.POST, new HttpEntity<>(body, headers),
-					VaultResponse.class).getBody();
+			return restOperations
+				.exchange("sys/wrapping/wrap", HttpMethod.POST, new HttpEntity<>(body, headers), VaultResponse.class)
+				.getBody();
 		});
 
 		Map<String, String> wrapInfo = response.getWrapInfo();
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java
index 7c46bb191..532f95e7f 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/core/lease/SecretLeaseContainer.java
@@ -123,7 +123,7 @@
 public class SecretLeaseContainer extends SecretLeaseEventPublisher implements InitializingBean, DisposableBean {
 
 	private static final AtomicIntegerFieldUpdater<SecretLeaseContainer> UPDATER = AtomicIntegerFieldUpdater
-			.newUpdater(SecretLeaseContainer.class, "status");
+		.newUpdater(SecretLeaseContainer.class, "status");
 
 	private static final AtomicInteger poolId = new AtomicInteger();
 
@@ -432,8 +432,8 @@ public void afterPropertiesSet() {
 
 				ThreadPoolTaskScheduler scheduler = new ThreadPoolTaskScheduler();
 				scheduler.setDaemon(true);
-				scheduler.setThreadNamePrefix(
-						String.format("%s-%d-", getClass().getSimpleName(), poolId.incrementAndGet()));
+				scheduler
+					.setThreadNamePrefix(String.format("%s-%d-", getClass().getSimpleName(), poolId.incrementAndGet()));
 				scheduler.afterPropertiesSet();
 
 				this.taskScheduler = scheduler;
@@ -923,7 +923,7 @@ private boolean isLeaseRotateOnly(Lease lease, RequestedSecret requestedSecret)
 	static class OneShotTrigger implements Trigger {
 
 		private static final AtomicIntegerFieldUpdater<OneShotTrigger> UPDATER = AtomicIntegerFieldUpdater
-				.newUpdater(OneShotTrigger.class, "status");
+			.newUpdater(OneShotTrigger.class, "status");
 
 		private static final int STATUS_ARMED = 0;
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/repository/core/VaultKeyValueAdapter.java b/spring-vault-core/src/main/java/org/springframework/vault/repository/core/VaultKeyValueAdapter.java
index 507e59ec7..28daf04ac 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/repository/core/VaultKeyValueAdapter.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/repository/core/VaultKeyValueAdapter.java
@@ -263,7 +263,7 @@ private VaultKeyValueKeyspaceAccessor getAccessor(String keyspace) {
 			}
 
 			return new VaultKeyValue1KeyspaceAccessor(mountInfo, it, this.vaultOperations
-					.opsForKeyValue(mountInfo.getPath(), VaultKeyValueOperationsSupport.KeyValueBackend.KV_1));
+				.opsForKeyValue(mountInfo.getPath(), VaultKeyValueOperationsSupport.KeyValueBackend.KV_1));
 		});
 
 	}
@@ -402,7 +402,7 @@ SecretDocument put(SecretDocument secretDocument) {
 				Versioned.Metadata metadata;
 				if (secretDocument.getVersion() != null) {
 					metadata = operations.put(createPath(secretDocument.getRequiredId()), Versioned
-							.create(secretDocument.getBody(), Versioned.Version.from(secretDocument.getVersion())));
+						.create(secretDocument.getBody(), Versioned.Version.from(secretDocument.getVersion())));
 				}
 				else {
 					metadata = operations.put(createPath(secretDocument.getRequiredId()), secretDocument.getBody());
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/repository/query/VaultQueryCreator.java b/spring-vault-core/src/main/java/org/springframework/vault/repository/query/VaultQueryCreator.java
index 683d13f02..4f7021f5b 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/repository/query/VaultQueryCreator.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/repository/query/VaultQueryCreator.java
@@ -75,7 +75,7 @@ protected VaultQuery and(Part part, VaultQuery base, Iterator<Object> parameters
 	private Predicate<String> createPredicate(Part part, Iterator<Object> parameters) {
 
 		PersistentPropertyPath<VaultPersistentProperty> propertyPath = this.mappingContext
-				.getPersistentPropertyPath(part.getProperty());
+			.getPersistentPropertyPath(part.getProperty());
 
 		if (propertyPath.getLeafProperty() != null && !propertyPath.getLeafProperty().isIdProperty()) {
 			throw new InvalidDataAccessApiUsageException(
@@ -100,47 +100,49 @@ private static Predicate<String> from(Part part, VariableAccessor accessor, Iter
 		Type type = part.getType();
 
 		switch (type) {
-		case AFTER:
-		case GREATER_THAN:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) > 0);
-		case GREATER_THAN_EQUAL:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) >= 0);
-		case BEFORE:
-		case LESS_THAN:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) < 0);
-		case LESS_THAN_EQUAL:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) <= 0);
-		case BETWEEN:
-
-			String from = accessor.nextString(parameters);
-			String to = accessor.nextString(parameters);
-
-			return it -> it.compareTo(from) >= 0 && it.compareTo(to) <= 0;
-		case NOT_IN:
-			return new Criteria<>(accessor.nextAsArray(parameters), (value, it) -> Arrays.binarySearch(value, it) < 0);
-		case IN:
-			return new Criteria<>(accessor.nextAsArray(parameters), (value, it) -> Arrays.binarySearch(value, it) >= 0);
-		case STARTING_WITH:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.startsWith(value));
-		case ENDING_WITH:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.endsWith(value));
-		case CONTAINING:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.contains(value));
-		case NOT_CONTAINING:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> !it.contains(value));
-		case REGEX:
-			return Pattern.compile((String) parameters.next(), isIgnoreCase(part) ? Pattern.CASE_INSENSITIVE : 0)
+			case AFTER:
+			case GREATER_THAN:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) > 0);
+			case GREATER_THAN_EQUAL:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) >= 0);
+			case BEFORE:
+			case LESS_THAN:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) < 0);
+			case LESS_THAN_EQUAL:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.compareTo(value) <= 0);
+			case BETWEEN:
+
+				String from = accessor.nextString(parameters);
+				String to = accessor.nextString(parameters);
+
+				return it -> it.compareTo(from) >= 0 && it.compareTo(to) <= 0;
+			case NOT_IN:
+				return new Criteria<>(accessor.nextAsArray(parameters),
+						(value, it) -> Arrays.binarySearch(value, it) < 0);
+			case IN:
+				return new Criteria<>(accessor.nextAsArray(parameters),
+						(value, it) -> Arrays.binarySearch(value, it) >= 0);
+			case STARTING_WITH:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.startsWith(value));
+			case ENDING_WITH:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.endsWith(value));
+			case CONTAINING:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.contains(value));
+			case NOT_CONTAINING:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> !it.contains(value));
+			case REGEX:
+				return Pattern.compile((String) parameters.next(), isIgnoreCase(part) ? Pattern.CASE_INSENSITIVE : 0)
 					.asPredicate();
-		case TRUE:
-			return it -> it.equalsIgnoreCase("true");
-		case FALSE:
-			return it -> it.equalsIgnoreCase("false");
-		case SIMPLE_PROPERTY:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.equals(value));
-		case NEGATING_SIMPLE_PROPERTY:
-			return new Criteria<>(accessor.nextString(parameters), (value, it) -> !it.equals(value));
-		default:
-			throw new IllegalArgumentException("Unsupported keyword!");
+			case TRUE:
+				return it -> it.equalsIgnoreCase("true");
+			case FALSE:
+				return it -> it.equalsIgnoreCase("false");
+			case SIMPLE_PROPERTY:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> it.equals(value));
+			case NEGATING_SIMPLE_PROPERTY:
+				return new Criteria<>(accessor.nextString(parameters), (value, it) -> !it.equals(value));
+			default:
+				throw new IllegalArgumentException("Unsupported keyword!");
 		}
 	}
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/repository/support/VaultRepositoryFactory.java b/spring-vault-core/src/main/java/org/springframework/vault/repository/support/VaultRepositoryFactory.java
index 01bc4a4fc..dc386cf2b 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/repository/support/VaultRepositoryFactory.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/repository/support/VaultRepositoryFactory.java
@@ -71,7 +71,7 @@ protected RepositoryComposition.RepositoryFragments getRepositoryFragments(Repos
 			VaultKeyValueTemplate template = (VaultKeyValueTemplate) operations;
 
 			VaultPersistentEntity<?> entity = (VaultPersistentEntity<?>) this.operations.getMappingContext()
-					.getRequiredPersistentEntity(metadata.getDomainType());
+				.getRequiredPersistentEntity(metadata.getDomainType());
 			EntityInformation<?, String> entityInformation = getEntityInformation(metadata.getDomainType());
 			VaultRevisionRepository<?> repository = new VaultRevisionRepository<>(entityInformation,
 					entity.getKeySpace(), template);
@@ -87,7 +87,7 @@ protected RepositoryComposition.RepositoryFragments getRepositoryFragments(Repos
 	public <T, ID> EntityInformation<T, ID> getEntityInformation(Class<T> domainClass) {
 
 		VaultPersistentEntity<T> entity = (VaultPersistentEntity<T>) this.operations.getMappingContext()
-				.getRequiredPersistentEntity(domainClass);
+			.getRequiredPersistentEntity(domainClass);
 
 		return new MappingVaultEntityInformation<>(entity);
 	}
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/CertificateBundle.java b/spring-vault-core/src/main/java/org/springframework/vault/support/CertificateBundle.java
index 382b9034d..4485fa883 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/CertificateBundle.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/CertificateBundle.java
@@ -324,10 +324,10 @@ private static KeySpec getPrivateKey(byte[] privateKey, String keyType)
 			throws GeneralSecurityException, IOException {
 
 		switch (keyType.toLowerCase(Locale.ROOT)) {
-		case "rsa":
-			return KeyFactories.RSA_PRIVATE.getKey(privateKey);
-		case "ec":
-			return KeyFactories.EC.getKey(privateKey);
+			case "rsa":
+				return KeyFactories.RSA_PRIVATE.getKey(privateKey);
+			case "ec":
+				return KeyFactories.EC.getKey(privateKey);
 		}
 
 		throw new IllegalArgumentException(
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/DerParser.java b/spring-vault-core/src/main/java/org/springframework/vault/support/DerParser.java
index 49e0b6f17..299a80857 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/DerParser.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/DerParser.java
@@ -318,32 +318,33 @@ String getString() throws IOException {
 
 			switch (this.type) {
 
-			// Not all are ISO-8859-1 but it's the closest thing
-			case NUMERIC_STRING:
-			case PRINTABLE_STRING:
-			case VIDEOTEX_STRING:
-			case IA5_STRING:
-			case GRAPHIC_STRING:
-			case ISO646_STRING:
-			case GENERAL_STRING:
-				encoding = "ISO-8859-1";
-				break;
-
-			case BMP_STRING:
-				encoding = "UTF-16BE";
-				break;
-
-			case UTF8_STRING:
-				encoding = "UTF-8";
-				break;
-
-			case UNIVERSAL_STRING:
-				throw new IllegalStateException("Invalid DER: can't handle UCS-4 string");
-
-			case OID:
-				return getObjectIdentifier(this.value);
-			default:
-				throw new IllegalStateException(String.format("Invalid DER: object (%d) is not a string", this.type));
+				// Not all are ISO-8859-1 but it's the closest thing
+				case NUMERIC_STRING:
+				case PRINTABLE_STRING:
+				case VIDEOTEX_STRING:
+				case IA5_STRING:
+				case GRAPHIC_STRING:
+				case ISO646_STRING:
+				case GENERAL_STRING:
+					encoding = "ISO-8859-1";
+					break;
+
+				case BMP_STRING:
+					encoding = "UTF-16BE";
+					break;
+
+				case UTF8_STRING:
+					encoding = "UTF-8";
+					break;
+
+				case UNIVERSAL_STRING:
+					throw new IllegalStateException("Invalid DER: can't handle UCS-4 string");
+
+				case OID:
+					return getObjectIdentifier(this.value);
+				default:
+					throw new IllegalStateException(
+							String.format("Invalid DER: object (%d) is not a string", this.type));
 			}
 
 			return new String(this.value, encoding);
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/DurationParser.java b/spring-vault-core/src/main/java/org/springframework/vault/support/DurationParser.java
index 2c1de19c7..03141919e 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/DurationParser.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/DurationParser.java
@@ -67,30 +67,30 @@ public static Duration parseDuration(String duration) {
 			String typ = matcher.group(2);
 
 			switch (typ) {
-			case "ns":
-				result = result.plus(Duration.ofNanos(num));
-				break;
-			case "us":
-				result = result.plus(Duration.ofNanos(num * 1000));
-				break;
-			case "ms":
-				result = result.plus(Duration.ofMillis(num));
-				break;
-			case "s":
-				result = result.plus(Duration.ofSeconds(num));
-				break;
-			case "m":
-				result = result.plus(Duration.ofMinutes(num));
-				break;
-			case "h":
-				result = result.plus(Duration.ofHours(num));
-				break;
-			case "d":
-				result = result.plus(Duration.ofDays(num));
-				break;
-			case "w":
-				result = result.plus(Duration.ofDays(num * 7));
-				break;
+				case "ns":
+					result = result.plus(Duration.ofNanos(num));
+					break;
+				case "us":
+					result = result.plus(Duration.ofNanos(num * 1000));
+					break;
+				case "ms":
+					result = result.plus(Duration.ofMillis(num));
+					break;
+				case "s":
+					result = result.plus(Duration.ofSeconds(num));
+					break;
+				case "m":
+					result = result.plus(Duration.ofMinutes(num));
+					break;
+				case "h":
+					result = result.plus(Duration.ofHours(num));
+					break;
+				case "d":
+					result = result.plus(Duration.ofDays(num));
+					break;
+				case "w":
+					result = result.plus(Duration.ofDays(num * 7));
+					break;
 			}
 		}
 
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java b/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java
index 26a0e2eea..5dd61e196 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/KeystoreUtil.java
@@ -137,8 +137,9 @@ static X509Certificate getCertificate(byte[] source) throws CertificateException
 
 		List<X509Certificate> certificates = getCertificates(CERTIFICATE_FACTORY, source);
 
-		return certificates.stream().findFirst()
-				.orElseThrow(() -> new IllegalArgumentException("No X509Certificate found"));
+		return certificates.stream()
+			.findFirst()
+			.orElseThrow(() -> new IllegalArgumentException("No X509Certificate found"));
 	}
 
 	static List<X509Certificate> getCertificates(byte[] source) throws CertificateException {
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/PemObject.java b/spring-vault-core/src/main/java/org/springframework/vault/support/PemObject.java
index 3fe00f9d0..5f824ee21 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/PemObject.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/PemObject.java
@@ -79,8 +79,10 @@ public static boolean isPemEncoded(String content) {
 	 */
 	public static PemObject fromKey(String content) {
 
-		return parse(content).stream().filter(PemObject::isPrivateKey).findFirst()
-				.orElseThrow(() -> new IllegalArgumentException("Could not find a PKCS #8 private key"));
+		return parse(content).stream()
+			.filter(PemObject::isPrivateKey)
+			.findFirst()
+			.orElseThrow(() -> new IllegalArgumentException("Could not find a PKCS #8 private key"));
 	}
 
 	/**
@@ -276,14 +278,12 @@ byte[] getContent() {
 
 	enum PemObjectType {
 
-		CERTIFICATE_REQUEST("CERTIFICATE REQUEST"), NEW_CERTIFICATE_REQUEST("NEW CERTIFICATE REQUEST"), CERTIFICATE(
-				"CERTIFICATE"), TRUSTED_CERTIFICATE("TRUSTED CERTIFICATE"), X509_CERTIFICATE(
-						"X509 CERTIFICATE"), X509_CRL("X509 CRL"), PKCS7("PKCS7"), CMS("CMS"), ATTRIBUTE_CERTIFICATE(
-								"ATTRIBUTE CERTIFICATE"), EC_PARAMETERS(
-										"EC PARAMETERS"), PUBLIC_KEY("PUBLIC KEY"), RSA_PUBLIC_KEY(
-												"RSA PUBLIC KEY"), RSA_PRIVATE_KEY("RSA PRIVATE KEY"), EC_PRIVATE_KEY(
-														"EC PRIVATE KEY"), ENCRYPTED_PRIVATE_KEY(
-																"ENCRYPTED PRIVATE KEY"), PRIVATE_KEY("PRIVATE KEY");
+		CERTIFICATE_REQUEST("CERTIFICATE REQUEST"), NEW_CERTIFICATE_REQUEST("NEW CERTIFICATE REQUEST"),
+		CERTIFICATE("CERTIFICATE"), TRUSTED_CERTIFICATE("TRUSTED CERTIFICATE"), X509_CERTIFICATE("X509 CERTIFICATE"),
+		X509_CRL("X509 CRL"), PKCS7("PKCS7"), CMS("CMS"), ATTRIBUTE_CERTIFICATE("ATTRIBUTE CERTIFICATE"),
+		EC_PARAMETERS("EC PARAMETERS"), PUBLIC_KEY("PUBLIC KEY"), RSA_PUBLIC_KEY("RSA PUBLIC KEY"),
+		RSA_PRIVATE_KEY("RSA PRIVATE KEY"), EC_PRIVATE_KEY("EC PRIVATE KEY"),
+		ENCRYPTED_PRIVATE_KEY("ENCRYPTED PRIVATE KEY"), PRIVATE_KEY("PRIVATE KEY");
 
 		// cache
 		private static final PemObjectType[] constants = values();
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/Policy.java b/spring-vault-core/src/main/java/org/springframework/vault/support/Policy.java
index b619e8e62..3f17d4134 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/Policy.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/Policy.java
@@ -481,14 +481,14 @@ public Rule build() {
 
 				List<Capability> capabilities;
 				switch (this.capabilities.size()) {
-				case 0:
-					capabilities = Collections.emptyList();
-					break;
-				case 1:
-					capabilities = Collections.singletonList(this.capabilities.iterator().next());
-					break;
-				default:
-					capabilities = Collections.unmodifiableList(new ArrayList<>(this.capabilities));
+					case 0:
+						capabilities = Collections.emptyList();
+						break;
+					case 1:
+						capabilities = Collections.singletonList(this.capabilities.iterator().next());
+						break;
+					default:
+						capabilities = Collections.unmodifiableList(new ArrayList<>(this.capabilities));
 				}
 
 				return new Rule(this.path, capabilities, this.minWrappingTtl, this.maxWrappingTtl,
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java
index 62f381040..fbf8eae4d 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultCertificateRequest.java
@@ -398,50 +398,51 @@ public VaultCertificateRequest build() {
 
 			List<String> altNames;
 			switch (this.altNames.size()) {
-			case 0:
-				altNames = java.util.Collections.emptyList();
-				break;
-			case 1:
-				altNames = java.util.Collections.singletonList(this.altNames.get(0));
-				break;
-			default:
-				altNames = java.util.Collections.unmodifiableList(new ArrayList<>(this.altNames));
+				case 0:
+					altNames = java.util.Collections.emptyList();
+					break;
+				case 1:
+					altNames = java.util.Collections.singletonList(this.altNames.get(0));
+					break;
+				default:
+					altNames = java.util.Collections.unmodifiableList(new ArrayList<>(this.altNames));
 			}
 
 			List<String> ipSubjectAltNames;
 			switch (this.ipSubjectAltNames.size()) {
-			case 0:
-				ipSubjectAltNames = java.util.Collections.emptyList();
-				break;
-			case 1:
-				ipSubjectAltNames = java.util.Collections.singletonList(this.ipSubjectAltNames.get(0));
-				break;
-			default:
-				ipSubjectAltNames = java.util.Collections.unmodifiableList(new ArrayList<>(this.ipSubjectAltNames));
+				case 0:
+					ipSubjectAltNames = java.util.Collections.emptyList();
+					break;
+				case 1:
+					ipSubjectAltNames = java.util.Collections.singletonList(this.ipSubjectAltNames.get(0));
+					break;
+				default:
+					ipSubjectAltNames = java.util.Collections.unmodifiableList(new ArrayList<>(this.ipSubjectAltNames));
 			}
 
 			List<String> uriSubjectAltNames;
 			switch (this.uriSubjectAltNames.size()) {
-			case 0:
-				uriSubjectAltNames = java.util.Collections.emptyList();
-				break;
-			case 1:
-				uriSubjectAltNames = java.util.Collections.singletonList(this.uriSubjectAltNames.get(0));
-				break;
-			default:
-				uriSubjectAltNames = java.util.Collections.unmodifiableList(new ArrayList<>(this.uriSubjectAltNames));
+				case 0:
+					uriSubjectAltNames = java.util.Collections.emptyList();
+					break;
+				case 1:
+					uriSubjectAltNames = java.util.Collections.singletonList(this.uriSubjectAltNames.get(0));
+					break;
+				default:
+					uriSubjectAltNames = java.util.Collections
+						.unmodifiableList(new ArrayList<>(this.uriSubjectAltNames));
 			}
 
 			List<String> otherSans;
 			switch (this.otherSans.size()) {
-			case 0:
-				otherSans = java.util.Collections.emptyList();
-				break;
-			case 1:
-				otherSans = java.util.Collections.singletonList(this.otherSans.get(0));
-				break;
-			default:
-				otherSans = java.util.Collections.unmodifiableList(new ArrayList<>(this.otherSans));
+				case 0:
+					otherSans = java.util.Collections.emptyList();
+					break;
+				case 1:
+					otherSans = java.util.Collections.singletonList(this.otherSans.get(0));
+					break;
+				default:
+					otherSans = java.util.Collections.unmodifiableList(new ArrayList<>(this.otherSans));
 			}
 
 			return new VaultCertificateRequest(this.commonName, altNames, ipSubjectAltNames, uriSubjectAltNames,
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMetadataRequest.java b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMetadataRequest.java
index f83d08ccf..471ea6c63 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMetadataRequest.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultMetadataRequest.java
@@ -45,7 +45,7 @@ private VaultMetadataRequest(int maxVersions, boolean casRequired, @Nullable Dur
 		this.maxVersions = maxVersions;
 		this.casRequired = casRequired;
 		this.deleteVersionAfter = DurationParser
-				.formatDuration(deleteVersionAfter != null ? deleteVersionAfter : Duration.ZERO);
+			.formatDuration(deleteVersionAfter != null ? deleteVersionAfter : Duration.ZERO);
 	}
 
 	public static VaultMetadataRequestBuilder builder() {
diff --git a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenRequest.java b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenRequest.java
index 986515ebd..4154d5bbb 100644
--- a/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenRequest.java
+++ b/spring-vault-core/src/main/java/org/springframework/vault/support/VaultTokenRequest.java
@@ -406,23 +406,23 @@ public VaultTokenRequest build() {
 
 			List<String> policies;
 			switch (this.policies.size()) {
-			case 0:
-				policies = Collections.emptyList();
-				break;
-			case 1:
-				policies = Collections.singletonList(this.policies.get(0));
-				break;
-			default:
-				policies = Collections.unmodifiableList(new ArrayList<>(this.policies));
+				case 0:
+					policies = Collections.emptyList();
+					break;
+				case 1:
+					policies = Collections.singletonList(this.policies.get(0));
+					break;
+				default:
+					policies = Collections.unmodifiableList(new ArrayList<>(this.policies));
 
 			}
 			Map<String, String> meta;
 			switch (this.meta.size()) {
-			case 0:
-				meta = Collections.emptyMap();
-				break;
-			default:
-				meta = Collections.unmodifiableMap(new LinkedHashMap<>(this.meta));
+				case 0:
+					meta = Collections.emptyMap();
+					break;
+				default:
+					meta = Collections.unmodifiableMap(new LinkedHashMap<>(this.meta));
 			}
 
 			return new VaultTokenRequest(this.id, policies, meta, this.noParent, this.noDefaultPolicy, this.renewable,
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/annotation/LeaseAwareVaultPropertySourceIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/annotation/LeaseAwareVaultPropertySourceIntegrationTests.java
index ca389a269..d04b39dab 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/annotation/LeaseAwareVaultPropertySourceIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/annotation/LeaseAwareVaultPropertySourceIntegrationTests.java
@@ -89,7 +89,7 @@ void shouldFailIfPropertiesNotFound() {
 		}
 		catch (Exception e) {
 			assertThat(e).hasRootCauseInstanceOf(VaultPropertySourceNotFoundException.class)
-					.hasRootCauseMessage("Vault location [unknown] not resolvable");
+				.hasRootCauseMessage("Vault location [unknown] not resolvable");
 		}
 	}
 
@@ -103,7 +103,7 @@ void shouldFailIfRenewablePropertiesNotFound() {
 		}
 		catch (Exception e) {
 			assertThat(e).hasRootCauseInstanceOf(VaultPropertySourceNotFoundException.class)
-					.hasRootCauseMessage("Vault location [unknown] not resolvable");
+				.hasRootCauseMessage("Vault location [unknown] not resolvable");
 		}
 	}
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationIntegrationTests.java
index 42e52f20c..7eccf5be6 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationIntegrationTests.java
@@ -36,9 +36,10 @@ class AppIdAuthenticationIntegrationTests extends AppIdAuthenticationIntegration
 	@Test
 	void shouldLoginSuccessfully() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("myapp") //
-				.userIdMechanism(new StaticUserId("static-userid-value")) //
-				.build();
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("myapp") //
+			.userIdMechanism(new StaticUserId("static-userid-value")) //
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
@@ -51,14 +52,15 @@ void shouldLoginSuccessfully() {
 	@Test
 	void loginShouldFail() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("wrong") //
-				.userIdMechanism(new StaticUserId("wrong")) //
-				.build();
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("wrong") //
+			.userIdMechanism(new StaticUserId("wrong")) //
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new AppIdAuthentication(options, restTemplate).login());
+			.isThrownBy(() -> new AppIdAuthentication(options, restTemplate).login());
 
 	}
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationOperatorIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationOperatorIntegrationTests.java
index 074c917a8..1ca090aa1 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationOperatorIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationOperatorIntegrationTests.java
@@ -35,33 +35,35 @@ class AppIdAuthenticationOperatorIntegrationTests extends AppIdAuthenticationInt
 	@Test
 	void authenticationStepsShouldLoginSuccessfully() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("myapp") //
-				.userIdMechanism(new StaticUserId("static-userid-value")) //
-				.build();
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("myapp") //
+			.userIdMechanism(new StaticUserId("static-userid-value")) //
+			.build();
 
 		AuthenticationStepsOperator supplier = new AuthenticationStepsOperator(
 				AppIdAuthentication.createAuthenticationSteps(options), this.webClient);
 
 		supplier.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 	}
 
 	@Test
 	void authenticationStepsLoginShouldFail() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("wrong") //
-				.userIdMechanism(new StaticUserId("wrong")) //
-				.build();
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("wrong") //
+			.userIdMechanism(new StaticUserId("wrong")) //
+			.build();
 
 		AuthenticationStepsOperator supplier = new AuthenticationStepsOperator(
 				AppIdAuthentication.createAuthenticationSteps(options), this.webClient);
 
 		supplier.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectError() //
-				.verify();
+			.as(StepVerifier::create) //
+			.expectError() //
+			.verify();
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationStepsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationStepsIntegrationTests.java
index eb1ab82b8..cf5c8b61c 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationStepsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationStepsIntegrationTests.java
@@ -37,9 +37,10 @@ class AppIdAuthenticationStepsIntegrationTests extends AppIdAuthenticationIntegr
 	@Test
 	void authenticationStepsShouldLoginSuccessfully() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("myapp") //
-				.userIdMechanism(new StaticUserId("static-userid-value")) //
-				.build();
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("myapp") //
+			.userIdMechanism(new StaticUserId("static-userid-value")) //
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
@@ -54,9 +55,10 @@ void authenticationStepsShouldLoginSuccessfully() {
 	@Test
 	void authenticationStepsLoginShouldFail() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("wrong") //
-				.userIdMechanism(new StaticUserId("wrong")) //
-				.build();
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("wrong") //
+			.userIdMechanism(new StaticUserId("wrong")) //
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationUnitTests.java
index 40676831c..e53e721ab 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppIdAuthenticationUnitTests.java
@@ -57,14 +57,17 @@ void before() {
 	@Test
 	void loginShouldObtainTokenWithStaticUserId() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("hello") //
-				.userIdMechanism(new StaticUserId("world")) //
-				.build();
-
-		this.mockRest.expect(requestTo("/auth/app-id/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.app_id").value("hello")).andExpect(jsonPath("$.user_id").value("world"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("hello") //
+			.userIdMechanism(new StaticUserId("world")) //
+			.build();
+
+		this.mockRest.expect(requestTo("/auth/app-id/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.app_id").value("hello"))
+			.andExpect(jsonPath("$.user_id").value("world"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 
 		AppIdAuthentication authentication = new AppIdAuthentication(options, this.restTemplate);
 
@@ -76,15 +79,16 @@ void loginShouldObtainTokenWithStaticUserId() {
 	@Test
 	void loginShouldFail() {
 
-		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder().appId("hello") //
-				.userIdMechanism(new StaticUserId("world")) //
-				.build();
+		AppIdAuthenticationOptions options = AppIdAuthenticationOptions.builder()
+			.appId("hello") //
+			.userIdMechanism(new StaticUserId("world")) //
+			.build();
 
 		this.mockRest.expect(requestTo("/auth/app-id/login")) //
-				.andRespond(withServerError());
+			.andRespond(withServerError());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new AppIdAuthentication(options, this.restTemplate).login());
+			.isThrownBy(() -> new AppIdAuthentication(options, this.restTemplate).login());
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTestBase.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTestBase.java
index 986910ab5..8409b8afd 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTestBase.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTestBase.java
@@ -79,7 +79,8 @@ VaultOperations getVaultOperations() {
 
 	String getRoleId(String roleName) {
 		return (String) getVaultOperations().read(String.format("auth/approle/role/%s/role-id", roleName))
-				.getRequiredData().get("role_id");
+			.getRequiredData()
+			.get("role_id");
 	}
 
 	VaultToken generateWrappedSecretIdResponse() {
@@ -88,8 +89,9 @@ VaultToken generateWrappedSecretIdResponse() {
 
 			HttpEntity<String> httpEntity = getWrappingHeaders();
 
-			VaultResponse response = restOperations.exchange("auth/approle/role/with-secret-id/secret-id",
-					HttpMethod.PUT, httpEntity, VaultResponse.class).getBody();
+			VaultResponse response = restOperations
+				.exchange("auth/approle/role/with-secret-id/secret-id", HttpMethod.PUT, httpEntity, VaultResponse.class)
+				.getBody();
 
 			return VaultToken.of(response.getWrapInfo().get("token"));
 		});
@@ -101,8 +103,9 @@ VaultToken generateWrappedRoleIdResponse() {
 
 			HttpEntity<String> httpEntity = getWrappingHeaders();
 
-			VaultResponse response = restOperations.exchange("auth/approle/role/with-secret-id/role-id", HttpMethod.GET,
-					httpEntity, VaultResponse.class).getBody();
+			VaultResponse response = restOperations
+				.exchange("auth/approle/role/with-secret-id/role-id", HttpMethod.GET, httpEntity, VaultResponse.class)
+				.getBody();
 
 			return VaultToken.of(response.getWrapInfo().get("token"));
 		});
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTests.java
index f4009668c..488b2d342 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationIntegrationTests.java
@@ -41,8 +41,9 @@ class AppRoleAuthenticationIntegrationTests extends AppRoleAuthenticationIntegra
 	void shouldAuthenticateWithRoleIdOnly() {
 
 		String roleId = getRoleId("no-secret-id");
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.build();
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
 		assertThat(authentication.login()).isNotNull();
@@ -51,8 +52,11 @@ void shouldAuthenticateWithRoleIdOnly() {
 	@Test
 	void shouldAuthenticateWithFullPullMode() {
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().appRole("with-secret-id")
-				.roleId(RoleId.pull(Settings.token())).secretId(SecretId.pull(Settings.token())).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.appRole("with-secret-id")
+			.roleId(RoleId.pull(Settings.token()))
+			.secretId(SecretId.pull(Settings.token()))
+			.build();
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
 		assertThat(authentication.login()).isNotNull();
@@ -62,8 +66,10 @@ void shouldAuthenticateWithFullPullMode() {
 	void shouldAuthenticateWithPullMode() {
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.roleId(RoleId.provided(getRoleId("with-secret-id"))).appRole("with-secret-id")
-				.secretId(SecretId.pull(Settings.token())).build();
+			.roleId(RoleId.provided(getRoleId("with-secret-id")))
+			.appRole("with-secret-id")
+			.secretId(SecretId.pull(Settings.token()))
+			.build();
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
 		assertThat(authentication.login()).isNotNull();
@@ -74,11 +80,14 @@ void shouldAuthenticatePullModeWithGeneratedSecretId() {
 
 		String roleId = getRoleId("with-secret-id");
 		String secretId = (String) getVaultOperations()
-				.write(String.format("auth/approle/role/%s/secret-id", "with-secret-id"), null).getRequiredData()
-				.get("secret_id");
+			.write(String.format("auth/approle/role/%s/secret-id", "with-secret-id"), null)
+			.getRequiredData()
+			.get("secret_id");
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.secretId(SecretId.provided(secretId)).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.secretId(SecretId.provided(secretId))
+			.build();
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
 		assertThat(authentication.login()).isNotNull();
@@ -91,8 +100,10 @@ void shouldAuthenticateWithWrappedSecretId() {
 		VaultToken unwrappingToken = generateWrappedSecretIdResponse();
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.secretId(SecretId.wrapped(unwrappingToken)).roleId(RoleId.provided(roleId))
-				.unwrappingEndpoints(getUnwrappingEndpoints()).build();
+			.secretId(SecretId.wrapped(unwrappingToken))
+			.roleId(RoleId.provided(roleId))
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.build();
 
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
@@ -106,8 +117,10 @@ void shouldAuthenticateWithWrappedRoleIdAndSecretId() {
 		VaultToken roleIdToken = generateWrappedRoleIdResponse();
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.secretId(SecretId.wrapped(secretIdToken)).roleId(RoleId.wrapped(roleIdToken))
-				.unwrappingEndpoints(getUnwrappingEndpoints()).build();
+			.secretId(SecretId.wrapped(secretIdToken))
+			.roleId(RoleId.wrapped(roleIdToken))
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.build();
 
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
@@ -121,8 +134,10 @@ void shouldAuthenticateWithWrappedSecretIdFailIfUnwrappingTokenExpired() {
 		String unwrappingToken = "incorrect-unwrapping-token";
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.secretId(SecretId.wrapped(VaultToken.of(unwrappingToken))).roleId(RoleId.provided(roleId))
-				.unwrappingEndpoints(getUnwrappingEndpoints()).build();
+			.secretId(SecretId.wrapped(VaultToken.of(unwrappingToken)))
+			.roleId(RoleId.provided(roleId))
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.build();
 
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
@@ -134,8 +149,9 @@ void shouldAuthenticatePullModeFailsWithoutSecretId() {
 
 		String roleId = getRoleId("with-secret-id");
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.build();
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
 		assertThatExceptionOfType(VaultException.class).isThrownBy(authentication::login);
@@ -146,8 +162,10 @@ void shouldAuthenticatePullModeFailsWithWrongSecretId() {
 
 		String roleId = getRoleId("with-secret-id");
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.secretId(SecretId.provided("this-is-a-wrong-secret-id")).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.secretId(SecretId.provided("this-is-a-wrong-secret-id"))
+			.build();
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
 		assertThatExceptionOfType(VaultException.class).isThrownBy(authentication::login);
@@ -162,8 +180,10 @@ void shouldAuthenticatePushModeWithProvidedSecretId() {
 		VaultResponse customSecretIdResponse = getVaultOperations().write(
 				"auth/approle/role/with-secret-id/custom-secret-id", Collections.singletonMap("secret_id", secretId));
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.secretId(SecretId.provided(secretId)).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.secretId(SecretId.provided(secretId))
+			.build();
 		AppRoleAuthentication authentication = new AppRoleAuthentication(options, prepare().getRestTemplate());
 
 		assertThat(authentication.login()).isNotNull();
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationStepsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationStepsIntegrationTests.java
index 68615612e..5b9086192 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationStepsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationStepsIntegrationTests.java
@@ -42,8 +42,9 @@ class AppRoleAuthenticationStepsIntegrationTests extends AppRoleAuthenticationIn
 	void shouldAuthenticateWithRoleIdOnly() {
 
 		String roleId = getRoleId("no-secret-id");
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -58,8 +59,10 @@ void authenticationStepsShouldAuthenticateWithWrappedSecretId() {
 		VaultToken unwrappingToken = generateWrappedSecretIdResponse();
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.secretId(SecretId.wrapped(unwrappingToken)).roleId(RoleId.provided(roleId))
-				.unwrappingEndpoints(getUnwrappingEndpoints()).build();
+			.secretId(SecretId.wrapped(unwrappingToken))
+			.roleId(RoleId.provided(roleId))
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -71,14 +74,17 @@ void authenticationStepsShouldAuthenticateWithWrappedSecretId() {
 	void authenticationStepsShouldAuthenticateWithWrappedRoleId() {
 
 		String secretId = (String) getVaultOperations()
-				.write(String.format("auth/approle/role/%s/secret-id", "with-secret-id"), null).getRequiredData()
-				.get("secret_id");
+			.write(String.format("auth/approle/role/%s/secret-id", "with-secret-id"), null)
+			.getRequiredData()
+			.get("secret_id");
 
 		VaultToken roleIdToken = generateWrappedRoleIdResponse();
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.secretId(SecretId.provided(secretId)).roleId(RoleId.wrapped(roleIdToken))
-				.unwrappingEndpoints(getUnwrappingEndpoints()).build();
+			.secretId(SecretId.provided(secretId))
+			.roleId(RoleId.wrapped(roleIdToken))
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -89,8 +95,11 @@ void authenticationStepsShouldAuthenticateWithWrappedRoleId() {
 	@Test
 	void shouldAuthenticateWithFullPullMode() {
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().appRole("with-secret-id")
-				.roleId(RoleId.pull(Settings.token())).secretId(SecretId.pull(Settings.token())).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.appRole("with-secret-id")
+			.roleId(RoleId.pull(Settings.token()))
+			.secretId(SecretId.pull(Settings.token()))
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -103,8 +112,11 @@ void authenticationStepsShouldAuthenticateWithPullSecretId() {
 
 		String roleId = getRoleId("with-secret-id");
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().appRole("with-secret-id")
-				.secretId(SecretId.pull(Settings.token())).roleId(RoleId.provided(roleId)).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.appRole("with-secret-id")
+			.secretId(SecretId.pull(Settings.token()))
+			.roleId(RoleId.provided(roleId))
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -116,12 +128,15 @@ void authenticationStepsShouldAuthenticateWithPullSecretId() {
 	void authenticationStepsShouldAuthenticateWithPullRoleId() {
 
 		String secretId = (String) getVaultOperations()
-				.write(String.format("auth/approle/role/%s/secret-id", "with-secret-id"), null).getRequiredData()
-				.get("secret_id");
+			.write(String.format("auth/approle/role/%s/secret-id", "with-secret-id"), null)
+			.getRequiredData()
+			.get("secret_id");
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.secretId(SecretId.provided(secretId)).appRole("with-secret-id").roleId(RoleId.pull(Settings.token()))
-				.build();
+			.secretId(SecretId.provided(secretId))
+			.appRole("with-secret-id")
+			.roleId(RoleId.pull(Settings.token()))
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -134,8 +149,10 @@ void authenticationStepsShouldAuthenticatePullModeFailsWithWrongSecretId() {
 
 		String roleId = getRoleId("with-secret-id");
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.secretId(SecretId.provided("this-is-a-wrong-secret-id")).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.secretId(SecretId.provided("this-is-a-wrong-secret-id"))
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -152,8 +169,10 @@ void authenticationStepsShouldAuthenticatePushModeWithProvidedSecretId() {
 		VaultResponse customSecretIdResponse = getVaultOperations().write(
 				"auth/approle/role/with-secret-id/custom-secret-id", Collections.singletonMap("secret_id", secretId));
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.secretId(SecretId.provided(secretId)).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.secretId(SecretId.provided(secretId))
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
@@ -169,8 +188,11 @@ void authenticationStepsShouldAuthenticatePushMode() {
 
 		String roleId = getRoleId("with-secret-id");
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided(roleId))
-				.appRole("with-secret-id").secretId(SecretId.pull(Settings.token())).build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided(roleId))
+			.appRole("with-secret-id")
+			.secretId(SecretId.pull(Settings.token()))
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AppRoleAuthentication.createAuthenticationSteps(options), prepare().getRestTemplate());
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationUnitTests.java
index 8089f1d5a..d38889c64 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AppRoleAuthenticationUnitTests.java
@@ -70,14 +70,17 @@ void before() {
 	@Test
 	void loginShouldObtainToken() {
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided("hello")) //
-				.secretId(SecretId.provided("world")) //
-				.build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided("hello")) //
+			.secretId(SecretId.provided("world")) //
+			.build();
 
-		this.mockRest.expect(requestTo("/auth/approle/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role_id").value("hello")).andExpect(jsonPath("$.secret_id").value("world"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		this.mockRest.expect(requestTo("/auth/approle/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role_id").value("hello"))
+			.andExpect(jsonPath("$.secret_id").value("world"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 
 		AppRoleAuthentication sut = new AppRoleAuthentication(options, this.restTemplate);
 
@@ -90,22 +93,30 @@ void loginShouldObtainToken() {
 	@Test
 	void loginShouldPullRoleIdAndSecretId() {
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().appRole("app_role")
-				.roleId(RoleId.pull(VaultToken.of("initial_token")))
-				.secretId(SecretId.pull(VaultToken.of("initial_token"))).build();
-
-		this.mockRest.expect(requestTo("/auth/approle/role/app_role/role-id")).andExpect(method(HttpMethod.GET))
-				.andExpect(header("X-Vault-token", "initial_token")).andRespond(withSuccess()
-						.contentType(MediaType.APPLICATION_JSON).body("{\"data\": {\"role_id\": \"hello\"}}"));
-
-		this.mockRest.expect(requestTo("/auth/approle/role/app_role/secret-id")).andExpect(method(HttpMethod.POST))
-				.andExpect(header("X-Vault-token", "initial_token")).andRespond(withSuccess()
-						.contentType(MediaType.APPLICATION_JSON).body("{\"data\": {\"secret_id\": \"world\"}}"));
-
-		this.mockRest.expect(requestTo("/auth/approle/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role_id").value("hello")).andExpect(jsonPath("$.secret_id").value("world"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.appRole("app_role")
+			.roleId(RoleId.pull(VaultToken.of("initial_token")))
+			.secretId(SecretId.pull(VaultToken.of("initial_token")))
+			.build();
+
+		this.mockRest.expect(requestTo("/auth/approle/role/app_role/role-id"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header("X-Vault-token", "initial_token"))
+			.andRespond(
+					withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"data\": {\"role_id\": \"hello\"}}"));
+
+		this.mockRest.expect(requestTo("/auth/approle/role/app_role/secret-id"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(header("X-Vault-token", "initial_token"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\": {\"secret_id\": \"world\"}}"));
+
+		this.mockRest.expect(requestTo("/auth/approle/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role_id").value("hello"))
+			.andExpect(jsonPath("$.secret_id").value("world"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 
 		AppRoleAuthentication sut = new AppRoleAuthentication(options, this.restTemplate);
 
@@ -123,20 +134,23 @@ void optionsShouldRequireTokenOrRoleIdIfNothingIsSet() {
 	@Test
 	void optionsShouldRequireTokenOrRoleIdIfAppRoleIdIsSet() {
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> AppRoleAuthenticationOptions.builder().appRole("app_role").build());
+			.isThrownBy(() -> AppRoleAuthenticationOptions.builder().appRole("app_role").build());
 	}
 
 	@Test
 	void loginShouldObtainTokenWithoutSecretId() {
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided("hello")) //
-				.build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided("hello")) //
+			.build();
 
-		this.mockRest.expect(requestTo("/auth/approle/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role_id").value("hello")).andExpect(jsonPath("$.secret_id").doesNotExist())
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/approle/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role_id").value("hello"))
+			.andExpect(jsonPath("$.secret_id").doesNotExist())
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}"
+						+ "}"));
 
 		AppRoleAuthentication sut = new AppRoleAuthentication(options, this.restTemplate);
 
@@ -151,22 +165,25 @@ void loginShouldObtainTokenWithoutSecretId() {
 	@Test
 	void loginShouldFail() {
 
-		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder().roleId(RoleId.provided("hello")) //
-				.build();
+		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
+			.roleId(RoleId.provided("hello")) //
+			.build();
 
 		this.mockRest.expect(requestTo("/auth/approle/login")) //
-				.andRespond(withServerError());
+			.andRespond(withServerError());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new AppRoleAuthentication(options, this.restTemplate).login());
+			.isThrownBy(() -> new AppRoleAuthentication(options, this.restTemplate).login());
 	}
 
 	@Test
 	void loginShouldUnwrapCubbyholeSecretIdResponse() throws Exception {
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.roleId(RoleId.provided("my_role_id")).secretId(SecretId.wrapped(VaultToken.of("unwrapping_token")))
-				.unwrappingEndpoints(UnwrappingEndpoints.Cubbyhole).build();
+			.roleId(RoleId.provided("my_role_id"))
+			.secretId(SecretId.wrapped(VaultToken.of("unwrapping_token")))
+			.unwrappingEndpoints(UnwrappingEndpoints.Cubbyhole)
+			.build();
 
 		String wrappedResponse = "{" + "  \"request_id\": \"aad6a19b-a42b-b750-cafb-51087662f53e\","
 				+ "  \"lease_id\": \"\"," + "  \"renewable\": false," + "  \"lease_duration\": 0," + "  \"data\": {"
@@ -174,18 +191,20 @@ void loginShouldUnwrapCubbyholeSecretIdResponse() throws Exception {
 				+ "  }," + "  \"wrap_info\": null," + "  \"warnings\": null," + "  \"auth\": null" + "}";
 
 		// Expect a first request to unwrap the response
-		this.mockRest.expect(requestTo("/cubbyhole/response")).andExpect(header("X-Vault-Token", "unwrapping_token"))
-				.andExpect(method(HttpMethod.GET))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{\"data\":{\"response\":" + this.OBJECT_MAPPER.writeValueAsString(wrappedResponse) + "} }"));
+		this.mockRest.expect(requestTo("/cubbyhole/response"))
+			.andExpect(header("X-Vault-Token", "unwrapping_token"))
+			.andExpect(method(HttpMethod.GET))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\":{\"response\":" + this.OBJECT_MAPPER.writeValueAsString(wrappedResponse) + "} }"));
 
 		// Also expect a second request to retrieve a token
-		this.mockRest.expect(requestTo("/auth/approle/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role_id").value("my_role_id"))
-				.andExpect(jsonPath("$.secret_id").value("my_secret_id"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/approle/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role_id").value("my_role_id"))
+			.andExpect(jsonPath("$.secret_id").value("my_secret_id"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}"
+						+ "}"));
 
 		AppRoleAuthentication auth = new AppRoleAuthentication(options, this.restTemplate);
 
@@ -201,8 +220,9 @@ void loginShouldUnwrapCubbyholeSecretIdResponse() throws Exception {
 	void loginShouldUnwrapSecretIdResponse() throws Exception {
 
 		AppRoleAuthenticationOptions options = AppRoleAuthenticationOptions.builder()
-				.roleId(RoleId.provided("my_role_id")).secretId(SecretId.wrapped(VaultToken.of("unwrapping_token")))
-				.build();
+			.roleId(RoleId.provided("my_role_id"))
+			.secretId(SecretId.wrapped(VaultToken.of("unwrapping_token")))
+			.build();
 
 		String wrappedResponse = "{" + "  \"request_id\": \"aad6a19b-a42b-b750-cafb-51087662f53e\","
 				+ "  \"lease_id\": \"\"," + "  \"renewable\": false," + "  \"lease_duration\": 0," + "  \"data\": {"
@@ -210,17 +230,19 @@ void loginShouldUnwrapSecretIdResponse() throws Exception {
 				+ "  }," + "  \"wrap_info\": null," + "  \"warnings\": null," + "  \"auth\": null" + "}";
 
 		// Expect a first request to unwrap the response
-		this.mockRest.expect(requestTo("/sys/wrapping/unwrap")).andExpect(header("X-Vault-Token", "unwrapping_token"))
-				.andExpect(method(HttpMethod.POST))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(wrappedResponse));
+		this.mockRest.expect(requestTo("/sys/wrapping/unwrap"))
+			.andExpect(header("X-Vault-Token", "unwrapping_token"))
+			.andExpect(method(HttpMethod.POST))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(wrappedResponse));
 
 		// Also expect a second request to retrieve a token
-		this.mockRest.expect(requestTo("/auth/approle/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role_id").value("my_role_id"))
-				.andExpect(jsonPath("$.secret_id").value("my_secret_id"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/approle/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role_id").value("my_role_id"))
+			.andExpect(jsonPath("$.secret_id").value("my_secret_id"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\": 10, \"renewable\": true}"
+						+ "}"));
 
 		AppRoleAuthentication auth = new AppRoleAuthentication(options, this.restTemplate);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsExecutorUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsExecutorUnitTests.java
index e0d605fc3..7710a9b32 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsExecutorUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsExecutorUnitTests.java
@@ -85,8 +85,8 @@ void supplierOfStringShouldLoginWithMap() {
 	void fileResourceCredentialSupplierShouldBeLoaded() {
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.fromSupplier(new ResourceCredentialSupplier(new ClassPathResource("kube-jwt-token")))
-				.login(VaultToken::of);
+			.fromSupplier(new ResourceCredentialSupplier(new ClassPathResource("kube-jwt-token")))
+			.login(VaultToken::of);
 
 		assertThat(login(steps).getToken()).startsWith("eyJhbGciOiJSUz");
 	}
@@ -95,8 +95,8 @@ void fileResourceCredentialSupplierShouldBeLoaded() {
 	void inputStreamResourceCredentialSupplierShouldBeLoaded() {
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.fromSupplier(new ResourceCredentialSupplier(new ByteArrayResource("eyJhbGciOiJSUz".getBytes())))
-				.login(VaultToken::of);
+			.fromSupplier(new ResourceCredentialSupplier(new ByteArrayResource("eyJhbGciOiJSUz".getBytes())))
+			.login(VaultToken::of);
 
 		assertThat(login(steps).getToken()).startsWith("eyJhbGciOiJSUz");
 	}
@@ -104,13 +104,14 @@ void inputStreamResourceCredentialSupplierShouldBeLoaded() {
 	@Test
 	void justLoginRequestShouldLogin() {
 
-		this.mockRest.expect(requestTo("/auth/cert/login")).andExpect(method(HttpMethod.POST))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/cert/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
+			.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
 
 		assertThat(login(steps)).isEqualTo(VaultToken.of("my-token"));
 	}
@@ -118,33 +119,38 @@ void justLoginRequestShouldLogin() {
 	@Test
 	void justLoginShouldFail() {
 
-		this.mockRest.expect(requestTo("/auth/cert/login")).andExpect(method(HttpMethod.POST))
-				.andRespond(withBadRequest().body("foo"));
+		this.mockRest.expect(requestTo("/auth/cert/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andRespond(withBadRequest().body("foo"));
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
+			.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
 
-		assertThatExceptionOfType(VaultException.class).isThrownBy(() -> login(steps)).withMessageContaining(
-				"HTTP request POST /auth/{path}/login AS class org.springframework.vault.support.VaultResponse "
-						+ "in state null failed with Status 400 and body foo");
+		assertThatExceptionOfType(VaultException.class).isThrownBy(() -> login(steps))
+			.withMessageContaining(
+					"HTTP request POST /auth/{path}/login AS class org.springframework.vault.support.VaultResponse "
+							+ "in state null failed with Status 400 and body foo");
 	}
 
 	@Test
 	void initialRequestWithMapShouldLogin() {
 
-		this.mockRest.expect(requestTo("somewhere/else")).andExpect(method(HttpMethod.GET))
-				.andRespond(withSuccess().contentType(MediaType.TEXT_PLAIN).body("foo"));
+		this.mockRest.expect(requestTo("somewhere/else"))
+			.andExpect(method(HttpMethod.GET))
+			.andRespond(withSuccess().contentType(MediaType.TEXT_PLAIN).body("foo"));
 
-		this.mockRest.expect(requestTo("/auth/cert/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(content().string("foo-token"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"foo-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/cert/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(content().string("foo-token"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"foo-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.fromHttpRequest(get(URI.create("somewhere/else")).as(String.class)).onNext(System.out::println) //
-				.map(s -> s.concat("-token")) //
-				.login("/auth/cert/login");
+			.fromHttpRequest(get(URI.create("somewhere/else")).as(String.class))
+			.onNext(System.out::println) //
+			.map(s -> s.concat("-token")) //
+			.login("/auth/cert/login");
 
 		assertThat(login(steps)).isEqualTo(VaultToken.of("foo-token"));
 	}
@@ -153,21 +159,22 @@ void initialRequestWithMapShouldLogin() {
 	void requestWithHeadersShouldLogin() {
 
 		this.mockRest.expect(requestTo("somewhere/else")) //
-				.andExpect(header("foo", "bar")) //
-				.andExpect(method(HttpMethod.GET)) //
-				.andRespond(withSuccess().contentType(MediaType.TEXT_PLAIN).body("foo"));
+			.andExpect(header("foo", "bar")) //
+			.andExpect(method(HttpMethod.GET)) //
+			.andRespond(withSuccess().contentType(MediaType.TEXT_PLAIN).body("foo"));
 
-		this.mockRest.expect(requestTo("/auth/cert/login")).andExpect(content().string("foo"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"foo-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/cert/login"))
+			.andExpect(content().string("foo"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"foo-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 
 		HttpHeaders headers = new HttpHeaders();
 		headers.add("foo", "bar");
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.fromHttpRequest(get(URI.create("somewhere/else")).with(headers).as(String.class)) //
-				.login("/auth/cert/login");
+			.fromHttpRequest(get(URI.create("somewhere/else")).with(headers).as(String.class)) //
+			.login("/auth/cert/login");
 
 		assertThat(login(steps)).isEqualTo(VaultToken.of("foo-token"));
 	}
@@ -175,20 +182,22 @@ void requestWithHeadersShouldLogin() {
 	@Test
 	void zipWithShouldRequestTwoItems() {
 
-		this.mockRest.expect(requestTo("/auth/login/left")).andExpect(method(HttpMethod.POST)).andRespond(
-				withSuccess().contentType(MediaType.APPLICATION_JSON).body("{" + "\"request_id\": \"left\"}"));
+		this.mockRest.expect(requestTo("/auth/login/left"))
+			.andExpect(method(HttpMethod.POST))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body("{" + "\"request_id\": \"left\"}"));
 
-		this.mockRest.expect(requestTo("/auth/login/right")).andExpect(method(HttpMethod.POST)).andRespond(
-				withSuccess().contentType(MediaType.APPLICATION_JSON).body("{" + "\"request_id\": \"right\"}"));
+		this.mockRest.expect(requestTo("/auth/login/right"))
+			.andExpect(method(HttpMethod.POST))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body("{" + "\"request_id\": \"right\"}"));
 
 		Node<VaultResponse> left = AuthenticationSteps
-				.fromHttpRequest(post("/auth/login/left").as(VaultResponse.class));
+			.fromHttpRequest(post("/auth/login/left").as(VaultResponse.class));
 
 		Node<VaultResponse> right = AuthenticationSteps
-				.fromHttpRequest(post("/auth/login/right").as(VaultResponse.class));
+			.fromHttpRequest(post("/auth/login/right").as(VaultResponse.class));
 
 		AuthenticationSteps steps = left.zipWith(right)
-				.login(it -> VaultToken.of(it.getLeft().getRequestId() + "-" + it.getRight().getRequestId()));
+			.login(it -> VaultToken.of(it.getLeft().getRequestId() + "-" + it.getRight().getRequestId()));
 
 		assertThat(login(steps)).isEqualTo(VaultToken.of("left-right"));
 	}
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsOperatorUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsOperatorUnitTests.java
index 8f5a04af9..955359b3d 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsOperatorUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AuthenticationStepsOperatorUnitTests.java
@@ -53,8 +53,8 @@ void justTokenShouldLogin() {
 		AuthenticationSteps steps = AuthenticationSteps.just(VaultToken.of("my-token"));
 
 		login(steps).as(StepVerifier::create) //
-				.expectNext(VaultToken.of("my-token")) //
-				.verifyComplete();
+			.expectNext(VaultToken.of("my-token")) //
+			.verifyComplete();
 	}
 
 	@Test
@@ -63,49 +63,52 @@ void supplierOfStringShouldLoginWithMap() {
 		AuthenticationSteps steps = AuthenticationSteps.fromSupplier(() -> "my-token").login(VaultToken::of);
 
 		login(steps).as(StepVerifier::create) //
-				.expectNext(VaultToken.of("my-token")) //
-				.verifyComplete();
+			.expectNext(VaultToken.of("my-token")) //
+			.verifyComplete();
 	}
 
 	@Test
 	void fileResourceCredentialSupplierShouldBeLoaded() {
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.fromSupplier(new ResourceCredentialSupplier(new ClassPathResource("kube-jwt-token")))
-				.login(VaultToken::of);
+			.fromSupplier(new ResourceCredentialSupplier(new ClassPathResource("kube-jwt-token")))
+			.login(VaultToken::of);
 
 		login(steps).as(StepVerifier::create) //
-				.consumeNextWith(actual -> {
-					assertThat(actual.getToken()).startsWith("eyJhbGciOiJSUz");
-				}).verifyComplete();
+			.consumeNextWith(actual -> {
+				assertThat(actual.getToken()).startsWith("eyJhbGciOiJSUz");
+			})
+			.verifyComplete();
 	}
 
 	@Test
 	void absentFileResourceCredentialSupplierShouldFail() {
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.fromSupplier(new ResourceCredentialSupplier(new ByteArrayResource("eyJhbGciOiJSUz".getBytes()) {
-					@Override
-					public InputStream getInputStream() throws IOException {
-						throw new IOException("Oops!");
-					}
-				})).login(VaultToken::of);
+			.fromSupplier(new ResourceCredentialSupplier(new ByteArrayResource("eyJhbGciOiJSUz".getBytes()) {
+				@Override
+				public InputStream getInputStream() throws IOException {
+					throw new IOException("Oops!");
+				}
+			}))
+			.login(VaultToken::of);
 
 		login(steps).as(StepVerifier::create) //
-				.verifyError(VaultException.class);
+			.verifyError(VaultException.class);
 	}
 
 	@Test
 	void inputStreamResourceCredentialSupplierShouldBeLoaded() {
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.fromSupplier(new ResourceCredentialSupplier(new ByteArrayResource("eyJhbGciOiJSUz".getBytes())))
-				.login(VaultToken::of);
+			.fromSupplier(new ResourceCredentialSupplier(new ByteArrayResource("eyJhbGciOiJSUz".getBytes())))
+			.login(VaultToken::of);
 
 		login(steps).as(StepVerifier::create) //
-				.consumeNextWith(actual -> {
-					assertThat(actual.getToken()).startsWith("eyJhbGciOiJSUz");
-				}).verifyComplete();
+			.consumeNextWith(actual -> {
+				assertThat(actual.getToken()).startsWith("eyJhbGciOiJSUz");
+			})
+			.verifyComplete();
 	}
 
 	@Test
@@ -114,9 +117,10 @@ void anyCredentialSupplierShouldBeLoaded() {
 		AuthenticationSteps steps = AuthenticationSteps.fromSupplier(() -> "eyJhbGciOiJSUz").login(VaultToken::of);
 
 		login(steps).as(StepVerifier::create) //
-				.consumeNextWith(actual -> {
-					assertThat(actual.getToken()).startsWith("eyJhbGciOiJSUz");
-				}).verifyComplete();
+			.consumeNextWith(actual -> {
+				assertThat(actual.getToken()).startsWith("eyJhbGciOiJSUz");
+			})
+			.verifyComplete();
 	}
 
 	@Test
@@ -132,11 +136,11 @@ void justLoginRequestShouldLogin() {
 		WebClient webClient = WebClient.builder().clientConnector(connector).build();
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
+			.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
 
 		login(steps, webClient).as(StepVerifier::create) //
-				.expectNext(VaultToken.of("my-token")) //
-				.verifyComplete();
+			.expectNext(VaultToken.of("my-token")) //
+			.verifyComplete();
 	}
 
 	@Test
@@ -149,11 +153,11 @@ void justLoginShouldFail() {
 		WebClient webClient = WebClient.builder().clientConnector(connector).build();
 
 		AuthenticationSteps steps = AuthenticationSteps
-				.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
+			.just(post("/auth/{path}/login", "cert").as(VaultResponse.class));
 
 		login(steps, webClient).as(StepVerifier::create) //
-				.expectError() //
-				.verify();
+			.expectError() //
+			.verify();
 	}
 
 	@Test
@@ -181,17 +185,17 @@ void zipWithShouldRequestTwoItems() {
 		WebClient webClient = WebClient.builder().clientConnector(connector).build();
 
 		Node<VaultResponse> left = AuthenticationSteps
-				.fromHttpRequest(post("/auth/login/left").as(VaultResponse.class));
+			.fromHttpRequest(post("/auth/login/left").as(VaultResponse.class));
 
 		Node<VaultResponse> right = AuthenticationSteps
-				.fromHttpRequest(post("/auth/login/right").as(VaultResponse.class));
+			.fromHttpRequest(post("/auth/login/right").as(VaultResponse.class));
 
 		AuthenticationSteps steps = left.zipWith(right)
-				.login(it -> VaultToken.of(it.getLeft().getRequestId() + "-" + it.getRight().getRequestId()));
+			.login(it -> VaultToken.of(it.getLeft().getRequestId() + "-" + it.getRight().getRequestId()));
 
 		login(steps, webClient).as(StepVerifier::create) //
-				.expectNext(VaultToken.of("left-right")) //
-				.verifyComplete();
+			.expectNext(VaultToken.of("left-right")) //
+			.verifyComplete();
 	}
 
 	private Mono<VaultToken> login(AuthenticationSteps steps) {
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsEc2AuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsEc2AuthenticationUnitTests.java
index 7424de647..8247462c8 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsEc2AuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsEc2AuthenticationUnitTests.java
@@ -64,8 +64,8 @@ void before() {
 	void shouldObtainIdentityDocument() {
 
 		this.mockRest.expect(requestTo("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7")) //
-				.andExpect(method(HttpMethod.GET)) //
-				.andRespond(withSuccess().body("Hello, world"));
+			.andExpect(method(HttpMethod.GET)) //
+			.andRespond(withSuccess().body("Hello, world"));
 
 		AwsEc2Authentication authentication = new AwsEc2Authentication(this.restTemplate);
 
@@ -76,8 +76,8 @@ void shouldObtainIdentityDocument() {
 	void shouldCleanUpIdentityResponse() {
 
 		this.mockRest.expect(requestTo("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7")) //
-				.andExpect(method(HttpMethod.GET)) //
-				.andRespond(withSuccess().body("Hello, \r\r\n\nworld"));
+			.andExpect(method(HttpMethod.GET)) //
+			.andRespond(withSuccess().body("Hello, \r\r\n\nworld"));
 
 		AwsEc2Authentication authentication = new AwsEc2Authentication(this.restTemplate);
 
@@ -90,15 +90,16 @@ void shouldContainRole() {
 		AwsEc2AuthenticationOptions options = AwsEc2AuthenticationOptions.builder().role("ami").build();
 
 		this.mockRest.expect(requestTo("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7")) //
-				.andExpect(method(HttpMethod.GET)) //
-				.andRespond(withSuccess().body("Hello, world"));
+			.andExpect(method(HttpMethod.GET)) //
+			.andRespond(withSuccess().body("Hello, world"));
 
 		AwsEc2Authentication authentication = new AwsEc2Authentication(options, this.restTemplate, this.restTemplate);
 
 		assertThat(authentication.getEc2Login()) //
-				.containsEntry("pkcs7", "Hello, world") //
-				.containsEntry("role", "ami") //
-				.containsKey("nonce").hasSize(3);
+			.containsEntry("pkcs7", "Hello, world") //
+			.containsEntry("role", "ami") //
+			.containsKey("nonce")
+			.hasSize(3);
 	}
 
 	@Test
@@ -109,13 +110,15 @@ void shouldLogin() {
 		AwsEc2AuthenticationOptions authenticationOptions = AwsEc2AuthenticationOptions.builder().nonce(nonce).build();
 
 		this.mockRest.expect(requestTo("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7")) //
-				.andExpect(method(HttpMethod.GET)) //
-				.andRespond(withSuccess().body("value"));
+			.andExpect(method(HttpMethod.GET)) //
+			.andRespond(withSuccess().body("value"));
 
-		this.mockRest.expect(requestTo("/auth/aws-ec2/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.pkcs7").value("value")).andExpect(jsonPath("$.nonce").value("foo"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\":20}" + "}"));
+		this.mockRest.expect(requestTo("/auth/aws-ec2/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.pkcs7").value("value"))
+			.andExpect(jsonPath("$.nonce").value("foo"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\":20}" + "}"));
 
 		AwsEc2Authentication authentication = new AwsEc2Authentication(authenticationOptions, this.restTemplate,
 				this.restTemplate);
@@ -136,13 +139,15 @@ void authenticationChainShouldLogin() {
 		AwsEc2AuthenticationOptions options = AwsEc2AuthenticationOptions.builder().nonce(nonce).build();
 
 		this.mockRest.expect(requestTo("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7")) //
-				.andExpect(method(HttpMethod.GET)) //
-				.andRespond(withSuccess().body("value"));
+			.andExpect(method(HttpMethod.GET)) //
+			.andRespond(withSuccess().body("value"));
 
-		this.mockRest.expect(requestTo("/auth/aws-ec2/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.pkcs7").value("value")).andExpect(jsonPath("$.nonce").value("foo"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\":20}" + "}"));
+		this.mockRest.expect(requestTo("/auth/aws-ec2/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.pkcs7").value("value"))
+			.andExpect(jsonPath("$.nonce").value("foo"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"lease_duration\":20}" + "}"));
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				AwsEc2Authentication.createAuthenticationSteps(options), this.restTemplate);
@@ -158,17 +163,17 @@ void authenticationChainShouldLogin() {
 	void loginShouldFailWhileObtainingIdentityDocument() {
 
 		this.mockRest.expect(requestTo("http://169.254.169.254/latest/dynamic/instance-identity/pkcs7")) //
-				.andRespond(withServerError());
+			.andRespond(withServerError());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new AwsEc2Authentication(this.restTemplate).login());
+			.isThrownBy(() -> new AwsEc2Authentication(this.restTemplate).login());
 	}
 
 	@Test
 	void loginShouldFail() {
 
 		this.mockRest.expect(requestTo("/auth/aws-ec2/login")) //
-				.andRespond(withServerError());
+			.andRespond(withServerError());
 
 		assertThatExceptionOfType(VaultException.class).isThrownBy(() -> new AwsEc2Authentication(this.restTemplate) {
 			@Override
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsIamAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsIamAuthenticationUnitTests.java
index 3ae5e4c4a..7028f5a0d 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsIamAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AwsIamAuthenticationUnitTests.java
@@ -57,16 +57,22 @@ void before() {
 	@Test
 	void shouldAuthenticate() {
 
-		this.mockRest.expect(requestTo("/auth/aws/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.iam_http_request_method").value("POST"))
-				.andExpect(jsonPath("$.iam_request_url").exists()).andExpect(jsonPath("$.iam_request_body").exists())
-				.andExpect(jsonPath("$.iam_request_headers").exists()).andExpect(jsonPath("$.role").value("foo-role"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
-
-		AwsIamAuthenticationOptions options = AwsIamAuthenticationOptions.builder().role("foo-role")
-				.regionProvider(() -> Region.US_WEST_1).credentials(AwsBasicCredentials.create("foo", "bar")).build();
+		this.mockRest.expect(requestTo("/auth/aws/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.iam_http_request_method").value("POST"))
+			.andExpect(jsonPath("$.iam_request_url").exists())
+			.andExpect(jsonPath("$.iam_request_body").exists())
+			.andExpect(jsonPath("$.iam_request_headers").exists())
+			.andExpect(jsonPath("$.role").value("foo-role"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
+
+		AwsIamAuthenticationOptions options = AwsIamAuthenticationOptions.builder()
+			.role("foo-role")
+			.regionProvider(() -> Region.US_WEST_1)
+			.credentials(AwsBasicCredentials.create("foo", "bar"))
+			.build();
 		AwsIamAuthentication sut = new AwsIamAuthentication(options, this.restTemplate);
 
 		VaultToken login = sut.login();
@@ -80,16 +86,22 @@ void shouldAuthenticate() {
 	@Test
 	void shouldUsingAuthenticationSteps() {
 
-		this.mockRest.expect(requestTo("/auth/aws/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.iam_http_request_method").value("POST"))
-				.andExpect(jsonPath("$.iam_request_url").exists()).andExpect(jsonPath("$.iam_request_body").exists())
-				.andExpect(jsonPath("$.iam_request_headers").exists()).andExpect(jsonPath("$.role").value("foo-role"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
-
-		AwsIamAuthenticationOptions options = AwsIamAuthenticationOptions.builder().role("foo-role")
-				.region(Region.US_WEST_1).credentials(AwsBasicCredentials.create("foo", "bar")).build();
+		this.mockRest.expect(requestTo("/auth/aws/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.iam_http_request_method").value("POST"))
+			.andExpect(jsonPath("$.iam_request_url").exists())
+			.andExpect(jsonPath("$.iam_request_body").exists())
+			.andExpect(jsonPath("$.iam_request_headers").exists())
+			.andExpect(jsonPath("$.role").value("foo-role"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
+
+		AwsIamAuthenticationOptions options = AwsIamAuthenticationOptions.builder()
+			.role("foo-role")
+			.region(Region.US_WEST_1)
+			.credentials(AwsBasicCredentials.create("foo", "bar"))
+			.build();
 
 		AuthenticationSteps steps = AwsIamAuthentication.createAuthenticationSteps(options);
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(steps, this.restTemplate);
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AzureMsiAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AzureMsiAuthenticationUnitTests.java
index 77f3feaf5..c0a80f9ef 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/AzureMsiAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/AzureMsiAuthenticationUnitTests.java
@@ -54,8 +54,9 @@ void before() {
 	@Test
 	void loginShouldObtainTokenAndFetchMetadata() {
 
-		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder().role("dev-role") //
-				.build();
+		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder()
+			.role("dev-role") //
+			.build();
 
 		expectVmMetadataRequest();
 		expectIdentityTokenRequest();
@@ -71,8 +72,10 @@ void loginShouldObtainTokenAndFetchMetadata() {
 	@Test
 	void loginShouldObtainToken() {
 
-		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder().role("dev-role")
-				.vmEnvironment(new AzureVmEnvironment("foobar-subscription", "vault", "vault-client")).build();
+		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder()
+			.role("dev-role")
+			.vmEnvironment(new AzureVmEnvironment("foobar-subscription", "vault", "vault-client"))
+			.build();
 
 		expectIdentityTokenRequest();
 		expectVmLoginRequest();
@@ -87,8 +90,9 @@ void loginShouldObtainToken() {
 	@Test
 	void loginWithStepsShouldObtainTokenAndFetchMetadata() {
 
-		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder().role("dev-role") //
-				.build();
+		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder()
+			.role("dev-role") //
+			.build();
 
 		expectVmMetadataRequest();
 		expectIdentityTokenRequest();
@@ -105,8 +109,10 @@ void loginWithStepsShouldObtainTokenAndFetchMetadata() {
 	@Test
 	void loginWithStepsShouldObtainToken() {
 
-		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder().role("dev-role")
-				.vmEnvironment(new AzureVmEnvironment("foobar-subscription", "vault", "vault-client")).build();
+		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder()
+			.role("dev-role")
+			.vmEnvironment(new AzureVmEnvironment("foobar-subscription", "vault", "vault-client"))
+			.build();
 
 		expectIdentityTokenRequest();
 		expectVmLoginRequest();
@@ -122,8 +128,9 @@ void loginWithStepsShouldObtainToken() {
 	@Test
 	void loginFromScaleSetShouldObtainToken() {
 
-		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder().role("dev-role") //
-				.build();
+		AzureMsiAuthenticationOptions options = AzureMsiAuthenticationOptions.builder()
+			.role("dev-role") //
+			.build();
 
 		expectVmssMetadataRequest();
 		expectIdentityTokenRequest();
@@ -139,53 +146,62 @@ void loginFromScaleSetShouldObtainToken() {
 	private void expectVmMetadataRequest() {
 
 		this.mockRest.expect(requestTo(AzureMsiAuthenticationOptions.DEFAULT_INSTANCE_METADATA_SERVICE_URI))
-				.andExpect(method(HttpMethod.GET)).andExpect(header("Metadata", "true"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{\n" + "  \"compute\": {\n" + "   \"name\": \"vault-client\",\n"
-								+ "   \"vmScaleSetName\": \"\",\n" + "   \"resourceGroupName\": \"vault\",\n"
-								+ "   \"subscriptionId\": \"foobar-subscription\"\n" + "  }\n" + "}"));
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header("Metadata", "true"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\n" + "  \"compute\": {\n" + "   \"name\": \"vault-client\",\n"
+						+ "   \"vmScaleSetName\": \"\",\n" + "   \"resourceGroupName\": \"vault\",\n"
+						+ "   \"subscriptionId\": \"foobar-subscription\"\n" + "  }\n" + "}"));
 	}
 
 	private void expectVmssMetadataRequest() {
 
 		this.mockRest.expect(requestTo(AzureMsiAuthenticationOptions.DEFAULT_INSTANCE_METADATA_SERVICE_URI))
-				.andExpect(method(HttpMethod.GET)).andExpect(header("Metadata", "true"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{\n" + "  \"compute\": {\n" + "   \"name\": \"vault-client-scale-set_0\",\n"
-								+ "   \"vmScaleSetName\": \"vault-client-scale-set\",\n"
-								+ "   \"resourceGroupName\": \"vault\",\n"
-								+ "   \"subscriptionId\": \"foobar-subscription\"\n" + "  }\n" + "}"));
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header("Metadata", "true"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\n" + "  \"compute\": {\n" + "   \"name\": \"vault-client-scale-set_0\",\n"
+						+ "   \"vmScaleSetName\": \"vault-client-scale-set\",\n"
+						+ "   \"resourceGroupName\": \"vault\",\n" + "   \"subscriptionId\": \"foobar-subscription\"\n"
+						+ "  }\n" + "}"));
 	}
 
 	private void expectIdentityTokenRequest() {
 
 		this.mockRest.expect(requestTo(AzureMsiAuthenticationOptions.DEFAULT_IDENTITY_TOKEN_SERVICE_URI))
-				.andExpect(method(HttpMethod.GET)).andExpect(header("Metadata", "true")).andRespond(withSuccess()
-						.contentType(MediaType.APPLICATION_JSON).body("{\"access_token\": \"my-token\" }"));
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header("Metadata", "true"))
+			.andRespond(
+					withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"access_token\": \"my-token\" }"));
 
 	}
 
 	private void expectVmLoginRequest() {
 
-		this.mockRest.expect(requestTo("/auth/azure/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("dev-role")).andExpect(jsonPath("$.jwt").value("my-token"))
-				.andExpect(jsonPath("$.subscription_id").value("foobar-subscription"))
-				.andExpect(jsonPath("$.resource_group_name").value("vault"))
-				.andExpect(jsonPath("$.vm_name").value("vault-client")).andExpect(jsonPath("$.vmss_name").value(""))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		this.mockRest.expect(requestTo("/auth/azure/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("dev-role"))
+			.andExpect(jsonPath("$.jwt").value("my-token"))
+			.andExpect(jsonPath("$.subscription_id").value("foobar-subscription"))
+			.andExpect(jsonPath("$.resource_group_name").value("vault"))
+			.andExpect(jsonPath("$.vm_name").value("vault-client"))
+			.andExpect(jsonPath("$.vmss_name").value(""))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 	}
 
 	private void expectVmssLoginRequest() {
 
-		this.mockRest.expect(requestTo("/auth/azure/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("dev-role")).andExpect(jsonPath("$.jwt").value("my-token"))
-				.andExpect(jsonPath("$.subscription_id").value("foobar-subscription"))
-				.andExpect(jsonPath("$.resource_group_name").value("vault"))
-				.andExpect(jsonPath("$.vm_name").value("vault-client-scale-set_0"))
-				.andExpect(jsonPath("$.vmss_name").value("vault-client-scale-set"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		this.mockRest.expect(requestTo("/auth/azure/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("dev-role"))
+			.andExpect(jsonPath("$.jwt").value("my-token"))
+			.andExpect(jsonPath("$.subscription_id").value("foobar-subscription"))
+			.andExpect(jsonPath("$.resource_group_name").value("vault"))
+			.andExpect(jsonPath("$.vm_name").value("vault-client-scale-set_0"))
+			.andExpect(jsonPath("$.vmss_name").value("vault-client-scale-set"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTestBase.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTestBase.java
index 7c11335bb..19659c94c 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTestBase.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTestBase.java
@@ -40,9 +40,11 @@
  */
 public abstract class ClientCertificateAuthenticationIntegrationTestBase extends IntegrationTestSupport {
 
-	static final Policy POLICY = Policy
-			.of(Policy.Rule.builder().path("/*").capabilities(Policy.BuiltinCapabilities.READ,
-					Policy.BuiltinCapabilities.CREATE, Policy.BuiltinCapabilities.UPDATE).build());
+	static final Policy POLICY = Policy.of(Policy.Rule.builder()
+		.path("/*")
+		.capabilities(Policy.BuiltinCapabilities.READ, Policy.BuiltinCapabilities.CREATE,
+				Policy.BuiltinCapabilities.UPDATE)
+		.build());
 
 	@BeforeEach
 	public void before() {
@@ -76,7 +78,7 @@ static SslConfiguration prepareCertAuthenticationMethod(SslConfiguration.KeyConf
 		SslConfiguration original = createSslConfiguration();
 
 		return new SslConfiguration(KeyStoreConfiguration
-				.of(new FileSystemResource(new File(findWorkDir(), "client-cert.jks")), "changeit".toCharArray()),
+			.of(new FileSystemResource(new File(findWorkDir(), "client-cert.jks")), "changeit".toCharArray()),
 				keyConfiguration, original.getTrustStoreConfiguration());
 	}
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTests.java
index 389f5a59d..62a22e284 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationIntegrationTests.java
@@ -98,7 +98,7 @@ void loginShouldFail() {
 				clientHttpRequestFactory);
 
 		assertThatExceptionOfType(NestedRuntimeException.class)
-				.isThrownBy(() -> new ClientCertificateAuthentication(restTemplate).login());
+			.isThrownBy(() -> new ClientCertificateAuthentication(restTemplate).login());
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationOperatorIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationOperatorIntegrationTests.java
index ede18530b..acbb2b07a 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationOperatorIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationOperatorIntegrationTests.java
@@ -42,9 +42,9 @@ void authenticationStepsShouldLoginSuccessfully() {
 				ClientCertificateAuthentication.createAuthenticationSteps(), webClient);
 
 		operator.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 	}
 
 	@Test
@@ -57,9 +57,9 @@ void shouldSelectKey() {
 				ClientCertificateAuthentication.createAuthenticationSteps(), webClient);
 
 		operator.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 	}
 
 	@Test
@@ -72,14 +72,14 @@ void shouldSelectInvalidKey() {
 				ClientCertificateAuthentication.createAuthenticationSteps(), webClient);
 
 		operator.getVaultToken() //
-				.as(StepVerifier::create) //
-				.verifyError(VaultLoginException.class);
+			.as(StepVerifier::create) //
+			.verifyError(VaultLoginException.class);
 	}
 
 	@Test
 	void shouldProvideInvalidKeyPassword() {
-		assertThatIllegalStateException().isThrownBy(() -> TestWebClientFactory.create(
-				prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration.of("wrong".toCharArray(), "1"))));
+		assertThatIllegalStateException().isThrownBy(() -> TestWebClientFactory
+			.create(prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration.of("wrong".toCharArray(), "1"))));
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationStepsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationStepsIntegrationTests.java
index 7b4982532..e86f7e224 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationStepsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationStepsIntegrationTests.java
@@ -66,7 +66,8 @@ void authenticationStepsLoginShouldFail() {
 
 		assertThatExceptionOfType(NestedRuntimeException.class).isThrownBy(
 				() -> new AuthenticationStepsExecutor(ClientCertificateAuthentication.createAuthenticationSteps(),
-						restTemplate).login());
+						restTemplate)
+					.login());
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationUnitTests.java
index 8f43a5a3d..e8b64fc28 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateAuthenticationUnitTests.java
@@ -59,13 +59,15 @@ void before() {
 	@Test
 	void loginShouldObtainToken() {
 
-		this.mockRest.expect(requestTo("/auth/my/path/login")).andExpect(method(HttpMethod.POST))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/my/path/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 
 		ClientCertificateAuthenticationOptions options = ClientCertificateAuthenticationOptions.builder()
-				.path("my/path").build();
+			.path("my/path")
+			.build();
 
 		ClientCertificateAuthentication sut = new ClientCertificateAuthentication(options, this.restTemplate);
 
@@ -81,10 +83,10 @@ void loginShouldObtainToken() {
 	void loginShouldFail() {
 
 		this.mockRest.expect(requestTo("/auth/cert/login")) //
-				.andRespond(withServerError());
+			.andRespond(withServerError());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new ClientCertificateAuthentication(this.restTemplate).login());
+			.isThrownBy(() -> new ClientCertificateAuthentication(this.restTemplate).login());
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateNamespaceIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateNamespaceIntegrationTests.java
index 21dfd4d86..9b8c0a205 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateNamespaceIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ClientCertificateNamespaceIntegrationTests.java
@@ -62,9 +62,11 @@
  */
 class ClientCertificateNamespaceIntegrationTests extends IntegrationTestSupport {
 
-	static final Policy POLICY = Policy
-			.of(Policy.Rule.builder().path("/*").capabilities(Policy.BuiltinCapabilities.READ,
-					Policy.BuiltinCapabilities.CREATE, Policy.BuiltinCapabilities.UPDATE).build());
+	static final Policy POLICY = Policy.of(Policy.Rule.builder()
+		.path("/*")
+		.capabilities(Policy.BuiltinCapabilities.READ, Policy.BuiltinCapabilities.CREATE,
+				Policy.BuiltinCapabilities.UPDATE)
+		.build());
 
 	@BeforeEach
 	void before() {
@@ -80,10 +82,11 @@ void before() {
 		}
 
 		RestTemplateBuilder devRestTemplate = RestTemplateBuilder.builder()
-				.requestFactory(
-						ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
-				.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).customizers(restTemplate -> restTemplate
-						.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
+			.requestFactory(
+					ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
+			.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
+			.customizers(
+					restTemplate -> restTemplate.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
 
 		VaultTemplate dev = new VaultTemplate(devRestTemplate,
 				new SimpleSessionManager(new TokenAuthentication(Settings.token())));
@@ -130,8 +133,9 @@ void shouldAuthenticateWithNamespace() {
 				ClientCertificateAuthenticationIntegrationTestBase.prepareCertAuthenticationMethod());
 
 		RestTemplateBuilder builder = RestTemplateBuilder.builder()
-				.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).requestFactory(clientHttpRequestFactory)
-				.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "dev");
+			.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
+			.requestFactory(clientHttpRequestFactory)
+			.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "dev");
 
 		RestTemplate forAuthentication = builder.build();
 
@@ -150,8 +154,10 @@ void shouldAuthenticateReactiveWithNamespace() {
 		ClientHttpConnector connector = ClientHttpConnectorFactory.create(new ClientOptions(),
 				ClientCertificateAuthenticationIntegrationTestBase.prepareCertAuthenticationMethod());
 
-		WebClientBuilder builder = WebClientBuilder.builder().endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
-				.httpConnector(connector).defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "dev");
+		WebClientBuilder builder = WebClientBuilder.builder()
+			.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
+			.httpConnector(connector)
+			.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "dev");
 
 		WebClient forAuthentication = builder.build();
 
@@ -161,8 +167,9 @@ void shouldAuthenticateReactiveWithNamespace() {
 
 		ReactiveVaultTemplate dev = new ReactiveVaultTemplate(builder, operator);
 
-		dev.write("dev-secrets/my-secret", Collections.singletonMap("key", "dev")).as(StepVerifier::create)
-				.verifyComplete();
+		dev.write("dev-secrets/my-secret", Collections.singletonMap("key", "dev"))
+			.as(StepVerifier::create)
+			.verifyComplete();
 
 		dev.read("dev-secrets/my-secret").as(StepVerifier::create).consumeNextWith(actual -> {
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationIntegrationTests.java
index 1e2a1636b..a3ad99f02 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationIntegrationTests.java
@@ -43,8 +43,10 @@ void shouldCreateWrappedToken() {
 		String initialToken = wrapInfo.get("token");
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.unwrappingEndpoints(getUnwrappingEndpoints()).initialToken(VaultToken.of(initialToken)).wrapped()
-				.build();
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.initialToken(VaultToken.of(initialToken))
+			.wrapped()
+			.build();
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, restTemplate);
@@ -56,7 +58,10 @@ void shouldCreateWrappedToken() {
 	void loginShouldFail() {
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.unwrappingEndpoints(getUnwrappingEndpoints()).initialToken(VaultToken.of("Hello")).wrapped().build();
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.initialToken(VaultToken.of("Hello"))
+			.wrapped()
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, restTemplate);
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationOperatorIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationOperatorIntegrationTests.java
index 0ff778b00..7559421ae 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationOperatorIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationOperatorIntegrationTests.java
@@ -45,20 +45,22 @@ void authenticationStepsShouldCreateWrappedToken() {
 		String initialToken = wrapInfo.get("token");
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.unwrappingEndpoints(getUnwrappingEndpoints()).initialToken(VaultToken.of(initialToken)).wrapped()
-				.build();
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.initialToken(VaultToken.of(initialToken))
+			.wrapped()
+			.build();
 
 		AuthenticationStepsOperator operator = new AuthenticationStepsOperator(
 				CubbyholeAuthentication.createAuthenticationSteps(options), this.webClient);
 
 		operator.getVaultToken() //
-				.as(StepVerifier::create)
-				//
-				.consumeNextWith(actual -> {
+			.as(StepVerifier::create)
+			//
+			.consumeNextWith(actual -> {
 
-					assertThat(actual).isNotEqualTo(Settings.token().getToken()).isNotNull();
-				}) //
-				.verifyComplete();
+				assertThat(actual).isNotEqualTo(Settings.token().getToken()).isNotNull();
+			}) //
+			.verifyComplete();
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationStepsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationStepsIntegrationTests.java
index 432965bab..0d6be40eb 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationStepsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationStepsIntegrationTests.java
@@ -42,8 +42,10 @@ void authenticationStepsShouldCreateWrappedToken() {
 		String initialToken = wrapInfo.get("token");
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.unwrappingEndpoints(getUnwrappingEndpoints()).initialToken(VaultToken.of(initialToken)).wrapped()
-				.build();
+			.unwrappingEndpoints(getUnwrappingEndpoints())
+			.initialToken(VaultToken.of(initialToken))
+			.wrapped()
+			.build();
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationUnitTests.java
index eb18b8225..ff61c1a85 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/CubbyholeAuthenticationUnitTests.java
@@ -68,14 +68,17 @@ void shouldLoginUsingCubbyholeLogin() throws Exception {
 				+ "\"auth\":{\"client_token\":\"5e6332cf-f003-6369-8cba-5bce2330f6cc\"," + "\"lease_duration\":0,"
 				+ "\"accessor\":\"46b6aebb-187f-932a-26d7-4f3d86a68319\"} }";
 
-		this.mockRest.expect(requestTo("/cubbyhole/response")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{\"data\":{\"response\":" + this.OBJECT_MAPPER.writeValueAsString(wrappedResponse) + "} }"));
+		this.mockRest.expect(requestTo("/cubbyhole/response"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\":{\"response\":" + this.OBJECT_MAPPER.writeValueAsString(wrappedResponse) + "} }"));
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.initialToken(VaultToken.of("hello")).unwrappingEndpoints(UnwrappingEndpoints.Cubbyhole).wrapped()
-				.build();
+			.initialToken(VaultToken.of("hello"))
+			.unwrappingEndpoints(UnwrappingEndpoints.Cubbyhole)
+			.wrapped()
+			.build();
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, this.restTemplate);
 
@@ -96,13 +99,16 @@ void shouldLoginUsingWrappedLogin() {
 				+ "\"auth\":{\"client_token\":\"5e6332cf-f003-6369-8cba-5bce2330f6cc\"," + "\"lease_duration\":0,"
 				+ "\"accessor\":\"46b6aebb-187f-932a-26d7-4f3d86a68319\"} }";
 
-		this.mockRest.expect(requestTo("/sys/wrapping/unwrap")).andExpect(method(HttpMethod.POST))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(wrappedResponse));
+		this.mockRest.expect(requestTo("/sys/wrapping/unwrap"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(wrappedResponse));
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.initialToken(VaultToken.of("hello")).unwrappingEndpoints(UnwrappingEndpoints.SysWrapping).wrapped()
-				.build();
+			.initialToken(VaultToken.of("hello"))
+			.unwrappingEndpoints(UnwrappingEndpoints.SysWrapping)
+			.wrapped()
+			.build();
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, this.restTemplate);
 
@@ -123,17 +129,22 @@ void shouldLoginUsingWrappedLoginWithSelfLookup() {
 				+ "\"auth\":{\"client_token\":\"5e6332cf-f003-6369-8cba-5bce2330f6cc\"," + "\"lease_duration\":10,"
 				+ "\"accessor\":\"46b6aebb-187f-932a-26d7-4f3d86a68319\"} }";
 
-		this.mockRest.expect(requestTo("/sys/wrapping/unwrap")).andExpect(method(HttpMethod.POST))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(wrappedResponse));
+		this.mockRest.expect(requestTo("/sys/wrapping/unwrap"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(wrappedResponse));
 
-		this.mockRest.expect(requestTo("/auth/token/lookup-self")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "5e6332cf-f003-6369-8cba-5bce2330f6cc"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"data\": {\n"
-						+ "    \"creation_ttl\": 600,\n" + "    \"renewable\": false,\n" + "    \"ttl\": 456} }"));
+		this.mockRest.expect(requestTo("/auth/token/lookup-self"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "5e6332cf-f003-6369-8cba-5bce2330f6cc"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\": {\n" + "    \"creation_ttl\": 600,\n" + "    \"renewable\": false,\n"
+						+ "    \"ttl\": 456} }"));
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.initialToken(VaultToken.of("hello")).wrapped().build();
+			.initialToken(VaultToken.of("hello"))
+			.wrapped()
+			.build();
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, this.restTemplate);
 
@@ -150,13 +161,17 @@ void shouldLoginUsingWrappedLoginWithSelfLookup() {
 	@Test
 	void shouldLoginUsingStoredLogin() {
 
-		this.mockRest.expect(requestTo("/cubbyhole/token")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{\"data\":{\"mytoken\":\"058222ef-9ab9-ff39-f087-9d5bee64e46d\"} }"));
+		this.mockRest.expect(requestTo("/cubbyhole/token"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\":{\"mytoken\":\"058222ef-9ab9-ff39-f087-9d5bee64e46d\"} }"));
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.initialToken(VaultToken.of("hello")).path("cubbyhole/token").selfLookup(false).build();
+			.initialToken(VaultToken.of("hello"))
+			.path("cubbyhole/token")
+			.selfLookup(false)
+			.build();
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, this.restTemplate);
 
@@ -169,18 +184,23 @@ void shouldLoginUsingStoredLogin() {
 	@Test
 	void shouldRetrieveRenewabilityUsingStoredLogin() {
 
-		this.mockRest.expect(requestTo("/cubbyhole/token")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{\"data\":{\"mytoken\":\"058222ef-9ab9-ff39-f087-9d5bee64e46d\"} }"));
+		this.mockRest.expect(requestTo("/cubbyhole/token"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\":{\"mytoken\":\"058222ef-9ab9-ff39-f087-9d5bee64e46d\"} }"));
 
-		this.mockRest.expect(requestTo("/auth/token/lookup-self")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "058222ef-9ab9-ff39-f087-9d5bee64e46d"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"data\": {\n"
-						+ "    \"creation_ttl\": 600,\n" + "    \"renewable\": true,\n" + "    \"ttl\": 456} }"));
+		this.mockRest.expect(requestTo("/auth/token/lookup-self"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "058222ef-9ab9-ff39-f087-9d5bee64e46d"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\": {\n" + "    \"creation_ttl\": 600,\n" + "    \"renewable\": true,\n"
+						+ "    \"ttl\": 456} }"));
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.initialToken(VaultToken.of("hello")).path("cubbyhole/token").build();
+			.initialToken(VaultToken.of("hello"))
+			.path("cubbyhole/token")
+			.build();
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, this.restTemplate);
 
@@ -197,12 +217,15 @@ void shouldRetrieveRenewabilityUsingStoredLogin() {
 	@Test
 	void shouldFailUsingStoredLoginNoData() {
 
-		this.mockRest.expect(requestTo("/cubbyhole/token")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"data\":{} }"));
+		this.mockRest.expect(requestTo("/cubbyhole/token"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"data\":{} }"));
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.initialToken(VaultToken.of("hello")).path("cubbyhole/token").build();
+			.initialToken(VaultToken.of("hello"))
+			.path("cubbyhole/token")
+			.build();
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, this.restTemplate);
 
@@ -218,12 +241,16 @@ void shouldFailUsingStoredLoginNoData() {
 	@Test
 	void shouldFailUsingStoredMultipleEntries() {
 
-		this.mockRest.expect(requestTo("/cubbyhole/token")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello")).andRespond(withSuccess()
-						.contentType(MediaType.APPLICATION_JSON).body("{\"data\":{\"key1\":1, \"key2\":2} }"));
+		this.mockRest.expect(requestTo("/cubbyhole/token"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "hello"))
+			.andRespond(
+					withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"data\":{\"key1\":1, \"key2\":2} }"));
 
 		CubbyholeAuthenticationOptions options = CubbyholeAuthenticationOptions.builder()
-				.initialToken(VaultToken.of("hello")).path("cubbyhole/token").build();
+			.initialToken(VaultToken.of("hello"))
+			.path("cubbyhole/token")
+			.build();
 
 		CubbyholeAuthentication authentication = new CubbyholeAuthentication(options, this.restTemplate);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpComputeAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpComputeAuthenticationUnitTests.java
index ec9b72910..62a77a091 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpComputeAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpComputeAuthenticationUnitTests.java
@@ -56,14 +56,16 @@ private void setupMocks() {
 
 		this.mockRest.expect(requestTo(
 				"http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience=https://localhost:8200/vault/dev-role&format=full"))
-				.andExpect(method(HttpMethod.GET))
-				.andRespond(withSuccess().contentType(MediaType.TEXT_PLAIN).body("my-jwt"));
-
-		this.mockRest.expect(requestTo("/auth/gcp/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("dev-role")).andExpect(jsonPath("$.jwt").value("my-jwt"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+			.andExpect(method(HttpMethod.GET))
+			.andRespond(withSuccess().contentType(MediaType.TEXT_PLAIN).body("my-jwt"));
+
+		this.mockRest.expect(requestTo("/auth/gcp/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("dev-role"))
+			.andExpect(jsonPath("$.jwt").value("my-jwt"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationOptionsBuilderUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationOptionsBuilderUnitTests.java
index 85e611e9b..45ceb89cd 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationOptionsBuilderUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationOptionsBuilderUnitTests.java
@@ -35,8 +35,10 @@ void shouldDefaultToCredentialServiceAccountId() {
 
 		GoogleCredential credential = createGoogleCredential();
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().credential(credential).role("foo")
-				.build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.credential(credential)
+			.role("foo")
+			.build();
 
 		assertThat(options.getServiceAccountIdAccessor().getServiceAccountId(credential)).isEqualTo("hello@world");
 	}
@@ -46,8 +48,11 @@ void shouldAllowServiceAccountIdOverride() {
 
 		GoogleCredential credential = createGoogleCredential();
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().credential(credential)
-				.serviceAccountId("override@foo.com").role("foo").build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.credential(credential)
+			.serviceAccountId("override@foo.com")
+			.role("foo")
+			.build();
 
 		assertThat(options.getServiceAccountIdAccessor().getServiceAccountId(credential)).isEqualTo("override@foo.com");
 	}
@@ -57,9 +62,11 @@ void shouldAllowServiceAccountIdProviderOverride() {
 
 		GoogleCredential credential = createGoogleCredential();
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().credential(credential)
-				.serviceAccountIdAccessor((GoogleCredential googleCredential) -> "override@foo.com").role("foo")
-				.build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.credential(credential)
+			.serviceAccountIdAccessor((GoogleCredential googleCredential) -> "override@foo.com")
+			.role("foo")
+			.build();
 
 		assertThat(options.getServiceAccountIdAccessor().getServiceAccountId(credential)).isEqualTo("override@foo.com");
 	}
@@ -69,8 +76,10 @@ void shouldDefaultToCredentialProjectId() {
 
 		GoogleCredential credential = createGoogleCredential();
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().credential(credential).role("foo")
-				.build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.credential(credential)
+			.role("foo")
+			.build();
 
 		assertThat(options.getProjectIdAccessor().getProjectId(credential)).isEqualTo("project-id");
 	}
@@ -80,8 +89,11 @@ void shouldAllowProjectIdOverride() {
 
 		GoogleCredential credential = createGoogleCredential();
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().credential(credential)
-				.projectId("my-project").role("foo").build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.credential(credential)
+			.projectId("my-project")
+			.role("foo")
+			.build();
 
 		assertThat(options.getProjectIdAccessor().getProjectId(credential)).isEqualTo("my-project");
 	}
@@ -91,8 +103,11 @@ void shouldAllowProjectIdProviderOverride() {
 
 		GoogleCredential credential = createGoogleCredential();
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().credential(credential)
-				.projectIdAccessor((GoogleCredential googleCredential) -> "my-project").role("foo").build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.credential(credential)
+			.projectIdAccessor((GoogleCredential googleCredential) -> "my-project")
+			.role("foo")
+			.build();
 
 		assertThat(options.getProjectIdAccessor().getProjectId(credential)).isEqualTo("my-project");
 	}
@@ -100,8 +115,10 @@ void shouldAllowProjectIdProviderOverride() {
 	private static GoogleCredential createGoogleCredential() {
 
 		GoogleCredential credential = new GoogleCredential.Builder().setServiceAccountId("hello@world")
-				.setServiceAccountProjectId("project-id").setServiceAccountPrivateKey(mock(PrivateKey.class))
-				.setServiceAccountPrivateKeyId("key-id").build();
+			.setServiceAccountProjectId("project-id")
+			.setServiceAccountPrivateKey(mock(PrivateKey.class))
+			.setServiceAccountPrivateKeyId("key-id")
+			.build();
 
 		credential.setAccessToken("foobar");
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationUnitTests.java
index d49f9b37f..fd2e8cbee 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamAuthenticationUnitTests.java
@@ -68,25 +68,31 @@ void before() {
 	@Test
 	void shouldLogin() throws NoSuchAlgorithmException {
 
-		this.mockRest.expect(requestTo("/auth/gcp/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("dev-role")).andExpect(jsonPath("$.jwt").value("my-jwt"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/gcp/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("dev-role"))
+			.andExpect(jsonPath("$.jwt").value("my-jwt"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 
 		KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
 		keyGen.initialize(1024);
 		KeyPair key = keyGen.generateKeyPair();
 
 		GoogleCredential credential = new MockGoogleCredential.Builder().setServiceAccountId("hello@world")
-				.setServiceAccountProjectId("foobar").setServiceAccountPrivateKey(key.getPrivate())
-				.setServiceAccountPrivateKeyId("key-id").setJsonFactory(new GsonFactory())
-				.setTransport(new MockHttpTransport.Builder().setLowLevelHttpResponse(createMockHttpResponse()).build())
-				.build();
+			.setServiceAccountProjectId("foobar")
+			.setServiceAccountPrivateKey(key.getPrivate())
+			.setServiceAccountPrivateKeyId("key-id")
+			.setJsonFactory(new GsonFactory())
+			.setTransport(new MockHttpTransport.Builder().setLowLevelHttpResponse(createMockHttpResponse()).build())
+			.build();
 		credential.setAccessToken("foobar");
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().role("dev-role")
-				.credential(credential).build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.role("dev-role")
+			.credential(credential)
+			.build();
 		GcpIamAuthentication authentication = new GcpIamAuthentication(options, this.restTemplate,
 				new MockHttpTransport.Builder().setLowLevelHttpResponse(createMockHttpResponse()).build());
 
@@ -112,12 +118,16 @@ void shouldCreateNewGcpIamObjectInstance() throws GeneralSecurityException, IOEx
 
 		PrivateKey privateKeyMock = mock(PrivateKey.class);
 		GoogleCredential credential = new Builder().setServiceAccountId("hello@world")
-				.setServiceAccountProjectId("foobar").setServiceAccountPrivateKey(privateKeyMock)
-				.setServiceAccountPrivateKeyId("key-id").build();
+			.setServiceAccountProjectId("foobar")
+			.setServiceAccountPrivateKey(privateKeyMock)
+			.setServiceAccountPrivateKeyId("key-id")
+			.build();
 		credential.setAccessToken("foobar");
 
-		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder().role("dev-role")
-				.credential(credential).build();
+		GcpIamAuthenticationOptions options = GcpIamAuthenticationOptions.builder()
+			.role("dev-role")
+			.credential(credential)
+			.build();
 
 		new GcpIamAuthentication(options, this.restTemplate);
 	}
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationOptionsBuilderUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationOptionsBuilderUnitTests.java
index 4e29c1920..d3a58a2fc 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationOptionsBuilderUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationOptionsBuilderUnitTests.java
@@ -40,7 +40,9 @@ void shouldDefaultToCredentialServiceAccountId() {
 		ServiceAccountCredentials credentials = createServiceAccountCredentials();
 
 		GcpIamCredentialsAuthenticationOptions options = GcpIamCredentialsAuthenticationOptions.builder()
-				.credentials(credentials).role("foo").build();
+			.credentials(credentials)
+			.role("foo")
+			.build();
 
 		assertThat(options.getServiceAccountIdAccessor().getServiceAccountId(credentials)).isEqualTo("hello@world");
 	}
@@ -51,7 +53,10 @@ void shouldAllowServiceAccountIdOverride() {
 		ServiceAccountCredentials credential = createServiceAccountCredentials();
 
 		GcpIamCredentialsAuthenticationOptions options = GcpIamCredentialsAuthenticationOptions.builder()
-				.credentials(credential).serviceAccountId("override@foo.com").role("foo").build();
+			.credentials(credential)
+			.serviceAccountId("override@foo.com")
+			.role("foo")
+			.build();
 
 		assertThat(options.getServiceAccountIdAccessor().getServiceAccountId(credential)).isEqualTo("override@foo.com");
 	}
@@ -62,17 +67,22 @@ void shouldAllowServiceAccountIdProviderOverride() {
 		ServiceAccountCredentials credential = createServiceAccountCredentials();
 
 		GcpIamCredentialsAuthenticationOptions options = GcpIamCredentialsAuthenticationOptions.builder()
-				.credentials(credential)
-				.serviceAccountIdAccessor((GoogleCredentials googleCredential) -> "override@foo.com").role("foo")
-				.build();
+			.credentials(credential)
+			.serviceAccountIdAccessor((GoogleCredentials googleCredential) -> "override@foo.com")
+			.role("foo")
+			.build();
 
 		assertThat(options.getServiceAccountIdAccessor().getServiceAccountId(credential)).isEqualTo("override@foo.com");
 	}
 
 	private static ServiceAccountCredentials createServiceAccountCredentials() {
-		return (ServiceAccountCredentials) ServiceAccountCredentials.newBuilder().setClientEmail("hello@world")
-				.setProjectId("project-id").setPrivateKey(mock(PrivateKey.class)).setPrivateKeyId("key-id")
-				.setAccessToken(new AccessToken("foobar", new Date())).build();
+		return (ServiceAccountCredentials) ServiceAccountCredentials.newBuilder()
+			.setClientEmail("hello@world")
+			.setProjectId("project-id")
+			.setPrivateKey(mock(PrivateKey.class))
+			.setPrivateKeyId("key-id")
+			.setAccessToken(new AccessToken("foobar", new Date()))
+			.build();
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationUnitTests.java
index ed17ae2f9..59c5e11ac 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/GcpIamCredentialsAuthenticationUnitTests.java
@@ -83,19 +83,20 @@ void before() throws IOException {
 		this.restTemplate = restTemplate;
 
 		String serverName = InProcessServerBuilder.generateName();
-		this.server = InProcessServerBuilder.forName(serverName).directExecutor()
-				.addService(ServerServiceDefinition.builder("google.iam.credentials.v1.IAMCredentials")
-						.addMethod(
-								MethodDescriptor
-										.newBuilder(ProtoLiteUtils.marshaller(SignJwtRequest.getDefaultInstance()),
-												ProtoLiteUtils.marshaller(SignJwtResponse.getDefaultInstance()))
-										.setType(MethodDescriptor.MethodType.UNARY)
-										.setFullMethodName("google.iam.credentials.v1.IAMCredentials/SignJwt").build(),
-								asyncUnaryCall((request, responseObserver) -> {
-									this.serverCall.invoke(request, responseObserver);
-								}))
-						.build())
-				.build().start();
+		this.server = InProcessServerBuilder.forName(serverName)
+			.directExecutor()
+			.addService(ServerServiceDefinition.builder("google.iam.credentials.v1.IAMCredentials")
+				.addMethod(MethodDescriptor
+					.newBuilder(ProtoLiteUtils.marshaller(SignJwtRequest.getDefaultInstance()),
+							ProtoLiteUtils.marshaller(SignJwtResponse.getDefaultInstance()))
+					.setType(MethodDescriptor.MethodType.UNARY)
+					.setFullMethodName("google.iam.credentials.v1.IAMCredentials/SignJwt")
+					.build(), asyncUnaryCall((request, responseObserver) -> {
+						this.serverCall.invoke(request, responseObserver);
+					}))
+				.build())
+			.build()
+			.start();
 		this.managedChannel = InProcessChannelBuilder.forName(serverName).directExecutor().build();
 	}
 
@@ -107,26 +108,35 @@ void after() {
 	@Test
 	void shouldLogin() {
 		this.serverCall = ((request, responseObserver) -> {
-			SignJwtResponse signJwtResponse = SignJwtResponse.newBuilder().setSignedJwt("my-jwt").setKeyId("key-id")
-					.build();
+			SignJwtResponse signJwtResponse = SignJwtResponse.newBuilder()
+				.setSignedJwt("my-jwt")
+				.setKeyId("key-id")
+				.build();
 			responseObserver.onNext(signJwtResponse);
 			responseObserver.onCompleted();
 		});
 
-		this.mockRest.expect(requestTo("/auth/gcp/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("dev-role")).andExpect(jsonPath("$.jwt").value("my-jwt"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/gcp/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("dev-role"))
+			.andExpect(jsonPath("$.jwt").value("my-jwt"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 
 		PrivateKey privateKeyMock = mock(PrivateKey.class);
 		ServiceAccountCredentials credential = (ServiceAccountCredentials) ServiceAccountCredentials.newBuilder()
-				.setClientEmail("hello@world").setProjectId("foobar").setPrivateKey(privateKeyMock)
-				.setPrivateKeyId("key-id")
-				.setAccessToken(new AccessToken("foobar", Date.from(Instant.now().plus(1, ChronoUnit.DAYS)))).build();
+			.setClientEmail("hello@world")
+			.setProjectId("foobar")
+			.setPrivateKey(privateKeyMock)
+			.setPrivateKeyId("key-id")
+			.setAccessToken(new AccessToken("foobar", Date.from(Instant.now().plus(1, ChronoUnit.DAYS))))
+			.build();
 
 		GcpIamCredentialsAuthenticationOptions options = GcpIamCredentialsAuthenticationOptions.builder()
-				.role("dev-role").credentials(credential).build();
+			.role("dev-role")
+			.credentials(credential)
+			.build();
 		GcpIamCredentialsAuthentication authentication = new GcpIamCredentialsAuthentication(options, this.restTemplate,
 				FixedTransportChannelProvider.create(GrpcTransportChannel.create(managedChannel)));
 
@@ -145,12 +155,17 @@ void shouldCreateNewGcpIamObjectInstance() {
 
 		PrivateKey privateKeyMock = mock(PrivateKey.class);
 		ServiceAccountCredentials credential = (ServiceAccountCredentials) ServiceAccountCredentials.newBuilder()
-				.setClientEmail("hello@world").setProjectId("foobar").setPrivateKey(privateKeyMock)
-				.setPrivateKeyId("key-id")
-				.setAccessToken(new AccessToken("foobar", Date.from(Instant.now().plus(1, ChronoUnit.DAYS)))).build();
+			.setClientEmail("hello@world")
+			.setProjectId("foobar")
+			.setPrivateKey(privateKeyMock)
+			.setPrivateKeyId("key-id")
+			.setAccessToken(new AccessToken("foobar", Date.from(Instant.now().plus(1, ChronoUnit.DAYS))))
+			.build();
 
 		GcpIamCredentialsAuthenticationOptions options = GcpIamCredentialsAuthenticationOptions.builder()
-				.role("dev-role").credentials(credential).build();
+			.role("dev-role")
+			.credentials(credential)
+			.build();
 
 		new GcpIamCredentialsAuthentication(options, this.restTemplate);
 	}
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationIntegrationTests.java
index 84bb9863f..5697bb0e6 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationIntegrationTests.java
@@ -42,8 +42,10 @@ void shouldLoginSuccessfully() {
 
 		File tokenFile = new File(findWorkDir(), "minikube/hello-minikube-token");
 
-		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder().role("my-role")
-				.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenFile)).build();
+		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder()
+			.role("my-role")
+			.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenFile))
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
@@ -58,13 +60,15 @@ void loginShouldFailBadRole() {
 
 		File tokenFile = new File(findWorkDir(), "minikube/hello-minikube-token");
 
-		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder().role("wrong")
-				.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenFile)).build();
+		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder()
+			.role("wrong")
+			.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenFile))
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new KubernetesAuthentication(options, restTemplate).login());
+			.isThrownBy(() -> new KubernetesAuthentication(options, restTemplate).login());
 	}
 
 	@Test
@@ -72,13 +76,15 @@ void loginShouldFailBadToken() {
 
 		ClassPathResource tokenResource = new ClassPathResource("kube-jwt-token");
 
-		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder().role("my-role")
-				.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenResource)).build();
+		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder()
+			.role("my-role")
+			.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenResource))
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new KubernetesAuthentication(options, restTemplate).login());
+			.isThrownBy(() -> new KubernetesAuthentication(options, restTemplate).login());
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationStepsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationStepsIntegrationTests.java
index 88d810358..8fad62760 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationStepsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationStepsIntegrationTests.java
@@ -40,8 +40,10 @@ void shouldLoginSuccessfully() {
 
 		File tokenFile = new File(findWorkDir(), "minikube/hello-minikube-token");
 
-		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder().role("my-role")
-				.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenFile)).build();
+		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder()
+			.role("my-role")
+			.jwtSupplier(new KubernetesServiceAccountTokenFile(tokenFile))
+			.build();
 
 		RestTemplate restTemplate = TestRestTemplateFactory.create(Settings.createSslConfiguration());
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationUnitTests.java
index a67e15183..4131e25c0 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/KubernetesAuthenticationUnitTests.java
@@ -60,13 +60,17 @@ void before() {
 	@Test
 	void loginShouldObtainTokenWithStaticJwtSupplier() {
 
-		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder().role("hello") //
-				.jwtSupplier(() -> "my-jwt-token").build();
-
-		this.mockRest.expect(requestTo("/auth/kubernetes/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("hello")).andExpect(jsonPath("$.jwt").value("my-jwt-token"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder()
+			.role("hello") //
+			.jwtSupplier(() -> "my-jwt-token")
+			.build();
+
+		this.mockRest.expect(requestTo("/auth/kubernetes/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("hello"))
+			.andExpect(jsonPath("$.jwt").value("my-jwt-token"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 
 		KubernetesAuthentication authentication = new KubernetesAuthentication(options, this.restTemplate);
 
@@ -78,29 +82,35 @@ void loginShouldObtainTokenWithStaticJwtSupplier() {
 	@Test
 	void loginShouldFail() {
 
-		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder().role("hello")
-				.jwtSupplier(() -> "my-jwt-token").build();
+		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder()
+			.role("hello")
+			.jwtSupplier(() -> "my-jwt-token")
+			.build();
 
 		this.mockRest.expect(requestTo("/auth/kubernetes/login")) //
-				.andRespond(withServerError());
+			.andRespond(withServerError());
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> new KubernetesAuthentication(options, this.restTemplate).login());
+			.isThrownBy(() -> new KubernetesAuthentication(options, this.restTemplate).login());
 	}
 
 	@Test
 	void shouldReuseCachedToken() {
 
 		AtomicReference<String> token = new AtomicReference<>("foo");
-		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder().role("hello") //
-				.jwtSupplier(((KubernetesJwtSupplier) token::get).cached()).build();
+		KubernetesAuthenticationOptions options = KubernetesAuthenticationOptions.builder()
+			.role("hello") //
+			.jwtSupplier(((KubernetesJwtSupplier) token::get).cached())
+			.build();
 
 		token.set("bar");
 
-		this.mockRest.expect(requestTo("/auth/kubernetes/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("hello")).andExpect(jsonPath("$.jwt").value("foo"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		this.mockRest.expect(requestTo("/auth/kubernetes/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("hello"))
+			.andExpect(jsonPath("$.jwt").value("foo"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 
 		KubernetesAuthentication authentication = new KubernetesAuthentication(options, this.restTemplate);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerIntegrationTests.java
index a17775b0a..2ae29c4b7 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerIntegrationTests.java
@@ -73,9 +73,10 @@ void shouldRenewToken() {
 		VaultTokenOperations tokenOperations = prepare().getVaultOperations().opsForToken();
 
 		VaultTokenRequest tokenRequest = VaultTokenRequest.builder() //
-				.renewable().ttl(1, TimeUnit.HOURS) //
-				.explicitMaxTtl(10, TimeUnit.HOURS) //
-				.build();
+			.renewable()
+			.ttl(1, TimeUnit.HOURS) //
+			.explicitMaxTtl(10, TimeUnit.HOURS) //
+			.build();
 
 		VaultToken token = tokenOperations.create(tokenRequest).getToken();
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerUnitTests.java
index 142c0a87a..0deddc422 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LifecycleAwareSessionManagerUnitTests.java
@@ -117,7 +117,7 @@ void shouldSelfLookupToken() {
 		when(this.clientAuthentication.login()).thenReturn(VaultToken.of("login"));
 
 		when(this.restOperations.exchange(anyString(), any(), any(), ArgumentMatchers.<Class>any()))
-				.thenReturn(new ResponseEntity<>(vaultResponse, HttpStatus.OK));
+			.thenReturn(new ResponseEntity<>(vaultResponse, HttpStatus.OK));
 
 		LoginToken sessionToken = (LoginToken) this.sessionManager.getSessionToken();
 		assertThat(sessionToken.getLeaseDuration()).isEqualTo(Duration.ofSeconds(100));
@@ -140,7 +140,7 @@ void shouldContinueIfSelfLookupFails() {
 		when(this.clientAuthentication.login()).thenReturn(VaultToken.of("login"));
 
 		when(this.restOperations.exchange(anyString(), any(), any(), ArgumentMatchers.<Class>any()))
-				.thenThrow(new HttpClientErrorException(HttpStatus.FORBIDDEN));
+			.thenThrow(new HttpClientErrorException(HttpStatus.FORBIDDEN));
 
 		VaultToken sessionToken = this.sessionManager.getSessionToken();
 		assertThat(sessionToken).isExactlyInstanceOf(VaultToken.class);
@@ -375,7 +375,7 @@ void shouldUseTaskScheduler() {
 				this.restOperations);
 
 		when(this.clientAuthentication.login())
-				.thenReturn(LoginToken.renewable("login".toCharArray(), Duration.ofSeconds(5)));
+			.thenReturn(LoginToken.renewable("login".toCharArray(), Duration.ofSeconds(5)));
 
 		ArgumentCaptor<Trigger> triggerCaptor = ArgumentCaptor.forClass(Trigger.class);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenAdapterUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenAdapterUnitTests.java
index 3e47b929e..ca90b02ea 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenAdapterUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenAdapterUnitTests.java
@@ -56,10 +56,12 @@ void before() throws Exception {
 	@Test
 	void shouldSelfLookupToken() throws Exception {
 
-		this.mockRest.expect(requestTo("/auth/token/lookup-self")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "5e6332cf-f003-6369-8cba-5bce2330f6cc"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body("{\"data\": {\n"
-						+ "    \"creation_ttl\": 600,\n" + "    \"renewable\": false,\n" + "    \"ttl\": 456} }"));
+		this.mockRest.expect(requestTo("/auth/token/lookup-self"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_TOKEN, "5e6332cf-f003-6369-8cba-5bce2330f6cc"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{\"data\": {\n" + "    \"creation_ttl\": 600,\n" + "    \"renewable\": false,\n"
+						+ "    \"ttl\": 456} }"));
 
 		LoginTokenAdapter adapter = new LoginTokenAdapter(
 				new TokenAuthentication("5e6332cf-f003-6369-8cba-5bce2330f6cc"), this.restTemplate);
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenUnitTests.java
index 4fb33d2c3..f1fab922b 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/LoginTokenUnitTests.java
@@ -41,11 +41,11 @@ void toStringShouldPrintFields() {
 
 		assertThat(LoginToken.of("token")).hasToString("LoginToken [renewable=false, leaseDuration=PT0S, type=null]");
 		assertThat(LoginToken.of("token".toCharArray(), Duration.ofSeconds(1)))
-				.hasToString("LoginToken [renewable=false, leaseDuration=PT1S, type=null]");
+			.hasToString("LoginToken [renewable=false, leaseDuration=PT1S, type=null]");
 		assertThat(LoginToken.renewable("token".toCharArray(), Duration.ofSeconds(1)))
-				.hasToString("LoginToken [renewable=true, leaseDuration=PT1S, type=null]");
+			.hasToString("LoginToken [renewable=true, leaseDuration=PT1S, type=null]");
 		assertThat(LoginToken.builder().token("foo").type("service").build())
-				.hasToString("LoginToken [renewable=false, leaseDuration=PT0S, type=service]");
+			.hasToString("LoginToken [renewable=false, leaseDuration=PT0S, type=service]");
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationOptionsUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationOptionsUnitTests.java
index bd652f1b4..fc339554d 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationOptionsUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationOptionsUnitTests.java
@@ -30,8 +30,8 @@ class PcfAuthenticationOptionsUnitTests {
 	void emptyEnvVariableShouldFailWithMeaningfulMessage() {
 
 		assertThatThrownBy(() -> PcfAuthenticationOptions.builder().role("my-role").build())
-				.isInstanceOf(IllegalStateException.class) //
-				.hasMessageContaining("Environment variable CF_INSTANCE_CERT not set");
+			.isInstanceOf(IllegalStateException.class) //
+			.hasMessageContaining("Environment variable CF_INSTANCE_CERT not set");
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationUnitTests.java
index 8522f2005..a0891c987 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/PcfAuthenticationUnitTests.java
@@ -89,11 +89,12 @@ void before() {
 	@Test
 	void loginShouldObtainToken() {
 
-		PcfAuthenticationOptions options = PcfAuthenticationOptions.builder().instanceCertificate(() -> "foo") //
-				.instanceKey(() -> this.instanceKey) //
-				.role("dev-role") //
-				.clock(this.clock) //
-				.build();
+		PcfAuthenticationOptions options = PcfAuthenticationOptions.builder()
+			.instanceCertificate(() -> "foo") //
+			.instanceKey(() -> this.instanceKey) //
+			.role("dev-role") //
+			.clock(this.clock) //
+			.build();
 
 		PcfAuthentication authentication = new PcfAuthentication(options, this.restTemplate);
 
@@ -107,11 +108,12 @@ void loginShouldObtainToken() {
 	@Test
 	void loginWithStepsShouldObtainToken() {
 
-		PcfAuthenticationOptions options = PcfAuthenticationOptions.builder().instanceCertificate(() -> "foo") //
-				.instanceKey(() -> this.instanceKey) //
-				.role("dev-role") //
-				.clock(this.clock) //
-				.build();
+		PcfAuthenticationOptions options = PcfAuthenticationOptions.builder()
+			.instanceCertificate(() -> "foo") //
+			.instanceKey(() -> this.instanceKey) //
+			.role("dev-role") //
+			.clock(this.clock) //
+			.build();
 
 		expectLoginRequest();
 
@@ -125,12 +127,14 @@ void loginWithStepsShouldObtainToken() {
 
 	private void expectLoginRequest() {
 
-		this.mockRest.expect(requestTo("/auth/pcf/login")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.role").value("dev-role")).andExpect(jsonPath("$.signature").exists())
-				.andExpect(jsonPath("$.cf_instance_cert").value("foo"))
-				.andExpect(jsonPath("$.signing_time").value("2007-12-03T10:15:30Z"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
-						.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
+		this.mockRest.expect(requestTo("/auth/pcf/login"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.role").value("dev-role"))
+			.andExpect(jsonPath("$.signature").exists())
+			.andExpect(jsonPath("$.cf_instance_cert").value("foo"))
+			.andExpect(jsonPath("$.signing_time").value("2007-12-03T10:15:30Z"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\"}" + "}"));
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerIntegrationTests.java
index d59555a08..840a7e3f5 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerIntegrationTests.java
@@ -96,9 +96,9 @@ void shouldLogin() {
 				() -> Mono.just(loginToken), this.taskScheduler, prepare().getWebClient());
 
 		sessionManager.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectNext(loginToken) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNext(loginToken) //
+			.verifyComplete();
 	}
 
 	// Expect no exception to be thrown.
@@ -108,9 +108,10 @@ void shouldRenewToken() {
 		VaultTokenOperations tokenOperations = prepare().getVaultOperations().opsForToken();
 
 		VaultTokenRequest tokenRequest = VaultTokenRequest.builder() //
-				.renewable().ttl(1, TimeUnit.HOURS) //
-				.explicitMaxTtl(10, TimeUnit.HOURS) //
-				.build();
+			.renewable()
+			.ttl(1, TimeUnit.HOURS) //
+			.explicitMaxTtl(10, TimeUnit.HOURS) //
+			.build();
 
 		VaultToken token = tokenOperations.create(tokenRequest).getToken();
 
@@ -133,13 +134,13 @@ public Mono<VaultToken> getVaultToken() throws VaultException {
 		};
 
 		sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.expectNext(loginToken) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNext(loginToken) //
+			.verifyComplete();
 		sessionManager.renewToken() //
-				.as(StepVerifier::create) //
-				.expectNext(loginToken) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNext(loginToken) //
+			.verifyComplete();
 	}
 
 	@Test
@@ -152,9 +153,9 @@ void shouldRevokeOnDisposal() {
 				prepare().getWebClient());
 
 		sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.expectNext(loginToken) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNext(loginToken) //
+			.verifyComplete();
 		sessionManager.destroy();
 
 		prepare().getVaultOperations().doWithSession(restOperations -> {
@@ -182,9 +183,9 @@ void shouldRevokeToken() {
 				prepare().getWebClient());
 
 		sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.expectNext(loginToken) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNext(loginToken) //
+			.verifyComplete();
 		sessionManager.revokeNow();
 
 		prepare().getVaultOperations().doWithSession(restOperations -> {
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerUnitTests.java
index 5b108d98f..5c3aec540 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/ReactiveLifecycleAwareSessionManagerUnitTests.java
@@ -138,9 +138,9 @@ void shouldObtainTokenFromClientAuthentication() {
 		mockToken(LoginToken.of("login"));
 
 		this.sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.expectNext(LoginToken.of("login")) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNext(LoginToken.of("login")) //
+			.verifyComplete();
 		verify(this.listener).onAuthenticationEvent(any(AfterLoginEvent.class));
 	}
 
@@ -188,14 +188,15 @@ void shouldContinueIfSelfLookupFails() {
 
 		mockToken(VaultToken.of("login"));
 
-		when(this.responseSpec.bodyToMono((Class) any())).thenReturn(
-				Mono.error(new WebClientResponseException("forbidden", 403, "Forbidden", null, null, null)));
+		when(this.responseSpec.bodyToMono((Class) any()))
+			.thenReturn(Mono.error(new WebClientResponseException("forbidden", 403, "Forbidden", null, null, null)));
 
 		this.sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.assertNext(it -> {
-					assertThat(it).isExactlyInstanceOf(VaultToken.class);
-				}).verifyComplete();
+			.as(StepVerifier::create) //
+			.assertNext(it -> {
+				assertThat(it).isExactlyInstanceOf(VaultToken.class);
+			})
+			.verifyComplete();
 		verify(this.listener).onAuthenticationEvent(any(AfterLoginEvent.class));
 		verify(this.errorListener).onAuthenticationError(any());
 	}
@@ -205,8 +206,8 @@ void tokenRenewalShouldMapException() {
 
 		mockToken(LoginToken.renewable("foo".toCharArray(), Duration.ofMinutes(1)));
 
-		when(this.responseSpec.bodyToMono((Class) any())).thenReturn(Mono.error(
-				new WebClientResponseException("Some server error", 500, "Some server error", null, null, null)));
+		when(this.responseSpec.bodyToMono((Class) any())).thenReturn(Mono
+			.error(new WebClientResponseException("Some server error", 500, "Some server error", null, null, null)));
 
 		AtomicReference<AuthenticationErrorEvent> listener = new AtomicReference<>();
 		this.sessionManager.addErrorListener(listener::set);
@@ -214,8 +215,8 @@ void tokenRenewalShouldMapException() {
 		this.sessionManager.getVaultToken().as(StepVerifier::create).expectNextCount(1).verifyComplete();
 		this.sessionManager.renewToken().as(StepVerifier::create).verifyComplete();
 		assertThat(listener.get().getException()).isInstanceOf(VaultTokenRenewalException.class)
-				.hasCauseInstanceOf(WebClientResponseException.class)
-				.hasMessageContaining("Cannot renew token: Status 500 Some server error");
+			.hasCauseInstanceOf(WebClientResponseException.class)
+			.hasMessageContaining("Cannot renew token: Status 500 Some server error");
 
 	}
 
@@ -229,9 +230,9 @@ void shouldRevokeLoginTokenOnDestroy() {
 		when(this.responseSpec.bodyToMono(String.class)).thenReturn(Mono.just("OK"));
 
 		this.sessionManager.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 
 		this.sessionManager.destroy();
 
@@ -247,9 +248,9 @@ void shouldNotRevokeRegularTokenOnDestroy() {
 
 		this.sessionManager.setTokenSelfLookupEnabled(false);
 		this.sessionManager.renewToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 		this.sessionManager.destroy();
 
 		verify(this.webClient, never()).post();
@@ -267,9 +268,9 @@ void shouldNotRevokeBatchTokenOnDestroy() {
 
 		this.sessionManager.setTokenSelfLookupEnabled(false);
 		this.sessionManager.renewToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 		this.sessionManager.destroy();
 
 		verify(this.webClient, never()).post();
@@ -283,13 +284,13 @@ void shouldNotThrowExceptionsOnRevokeErrors() {
 
 		mockToken(LoginToken.of("login"));
 
-		when(this.responseSpec.bodyToMono((Class) any())).thenReturn(
-				Mono.error(new WebClientResponseException("forbidden", 403, "Forbidden", null, null, null)));
+		when(this.responseSpec.bodyToMono((Class) any()))
+			.thenReturn(Mono.error(new WebClientResponseException("forbidden", 403, "Forbidden", null, null, null)));
 
 		this.sessionManager.renewToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 		this.sessionManager.destroy();
 
 		verify(this.requestBodyUriSpec).uri("auth/token/revoke-self");
@@ -301,9 +302,9 @@ void shouldScheduleTokenRenewal() {
 		mockToken(LoginToken.renewable("login".toCharArray(), Duration.ofSeconds(5)));
 
 		this.sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 
 		verify(this.taskScheduler).schedule(any(Runnable.class), any(Trigger.class));
 	}
@@ -323,9 +324,9 @@ void shouldRunTokenRenewal() {
 		when(this.responseSpec.bodyToMono(VaultResponse.class)).thenReturn(Mono.just(vaultResponse));
 
 		this.sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 
 		verify(this.taskScheduler).schedule(runnableCaptor.capture(), any(Trigger.class));
 
@@ -345,14 +346,14 @@ void shouldReScheduleTokenRenewalAfterSuccessfulRenewal() {
 		mockToken(LoginToken.renewable("login".toCharArray(), Duration.ofSeconds(5)));
 
 		when(this.responseSpec.bodyToMono(VaultResponse.class))
-				.thenReturn(Mono.just(fromToken(LoginToken.of("foo".toCharArray(), Duration.ofSeconds(10)))));
+			.thenReturn(Mono.just(fromToken(LoginToken.of("foo".toCharArray(), Duration.ofSeconds(10)))));
 
 		ArgumentCaptor<Runnable> runnableCaptor = ArgumentCaptor.forClass(Runnable.class);
 
 		this.sessionManager.getSessionToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 		verify(this.taskScheduler).schedule(runnableCaptor.capture(), any(Trigger.class));
 
 		runnableCaptor.getValue().run();
@@ -365,7 +366,7 @@ void shouldNotScheduleRenewalIfRenewalTtlExceedsThreshold() {
 
 		mockToken(LoginToken.renewable("login".toCharArray(), Duration.ofSeconds(5)));
 		when(this.responseSpec.bodyToMono(VaultResponse.class))
-				.thenReturn(Mono.just(fromToken(LoginToken.of("foo".toCharArray(), Duration.ofSeconds(2)))));
+			.thenReturn(Mono.just(fromToken(LoginToken.of("foo".toCharArray(), Duration.ofSeconds(2)))));
 
 		ArgumentCaptor<Runnable> runnableCaptor = ArgumentCaptor.forClass(Runnable.class);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationOperatorIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationOperatorIntegrationTests.java
index 70df31c0a..892ab6082 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationOperatorIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationOperatorIntegrationTests.java
@@ -42,8 +42,11 @@ class TokenAuthenticationOperatorIntegrationTests extends TokenAuthenticationInt
 	@Test
 	void shouldSelfLookup() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().ttl(Duration.ofSeconds(60)).renewable().numUses(1)
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.ttl(Duration.ofSeconds(60))
+			.renewable()
+			.numUses(1)
+			.build();
 
 		VaultToken token = prepare().getVaultOperations().opsForToken().create(tokenRequest).getToken();
 
@@ -65,8 +68,11 @@ void shouldSelfLookup() {
 	@Test
 	void shouldFailDuringSelfLookup() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().ttl(Duration.ofSeconds(60)).renewable().numUses(1)
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.ttl(Duration.ofSeconds(60))
+			.renewable()
+			.numUses(1)
+			.build();
 
 		VaultToken token = prepare().getVaultOperations().opsForToken().create(tokenRequest).getToken();
 
@@ -75,14 +81,14 @@ void shouldFailDuringSelfLookup() {
 
 		// first usage
 		operator.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectNextCount(1) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.expectNextCount(1) //
+			.verifyComplete();
 
 		operator.getVaultToken() //
-				.as(StepVerifier::create) //
-				.expectError(VaultException.class) //
-				.verify();
+			.as(StepVerifier::create) //
+			.expectError(VaultException.class) //
+			.verify();
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationStepsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationStepsIntegrationTests.java
index e33879968..c244aa9ef 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationStepsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/TokenAuthenticationStepsIntegrationTests.java
@@ -42,8 +42,11 @@ class TokenAuthenticationStepsIntegrationTests extends TokenAuthenticationIntegr
 	@Test
 	void shouldSelfLookup() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().ttl(Duration.ofSeconds(60)).renewable().numUses(1)
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.ttl(Duration.ofSeconds(60))
+			.renewable()
+			.numUses(1)
+			.build();
 
 		VaultToken token = prepare().getVaultOperations().opsForToken().create(tokenRequest).getToken();
 
@@ -62,8 +65,11 @@ void shouldSelfLookup() {
 	@Test
 	void shouldFailDuringSelfLookup() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().ttl(Duration.ofSeconds(60)).renewable().numUses(1)
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.ttl(Duration.ofSeconds(60))
+			.renewable()
+			.numUses(1)
+			.build();
 
 		VaultToken token = prepare().getVaultOperations().opsForToken().create(tokenRequest).getToken();
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTestBase.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTestBase.java
index 1aa8cd48b..92dbcd5cc 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTestBase.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTestBase.java
@@ -48,9 +48,9 @@ public void before() {
 
 		prepare().getVaultOperations().opsForSys().createOrUpdatePolicy(DEFAULT_USERPASS_AUTHENTICATION_PATH, POLICY);
 		prepare().getVaultOperations()
-				.doWithSession(restOperations -> restOperations.postForEntity(
-						String.format("auth/%s/users/%s", DEFAULT_USERPASS_AUTHENTICATION_PATH, username),
-						singletonMap("password", password), Map.class));
+			.doWithSession(restOperations -> restOperations.postForEntity(
+					String.format("auth/%s/users/%s", DEFAULT_USERPASS_AUTHENTICATION_PATH, username),
+					singletonMap("password", password), Map.class));
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTests.java
index 74cf28b96..ea26a9615 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationIntegrationTests.java
@@ -37,7 +37,9 @@ class UsernamePasswordAuthenticationIntegrationTests extends UsernamePasswordAut
 	void shouldLoginSuccessfully() {
 
 		UsernamePasswordAuthenticationOptions options = UsernamePasswordAuthenticationOptions.builder()
-				.username(username).password(password).build();
+			.username(username)
+			.password(password)
+			.build();
 
 		UsernamePasswordAuthentication authentication = new UsernamePasswordAuthentication(options, restTemplate);
 		VaultToken login = authentication.login();
@@ -49,7 +51,9 @@ void shouldLoginSuccessfully() {
 	void shouldLoginUsingAuthenticationSteps() {
 
 		UsernamePasswordAuthenticationOptions options = UsernamePasswordAuthenticationOptions.builder()
-				.username(username).password(password).build();
+			.username(username)
+			.password(password)
+			.build();
 
 		AuthenticationStepsExecutor executor = new AuthenticationStepsExecutor(
 				UsernamePasswordAuthentication.createAuthenticationSteps(options), restTemplate);
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationUnitTests.java
index 77fb5e25a..be30ed0ed 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/authentication/UsernamePasswordAuthenticationUnitTests.java
@@ -55,16 +55,22 @@ void before() {
 	@Test
 	void shouldLoginWithTotp() {
 
-		UsernamePasswordAuthenticationOptions options = UsernamePasswordAuthenticationOptions.builder().path("okta")
-				.username("walter").password("heisenberg").totp("123456").build();
+		UsernamePasswordAuthenticationOptions options = UsernamePasswordAuthenticationOptions.builder()
+			.path("okta")
+			.username("walter")
+			.password("heisenberg")
+			.totp("123456")
+			.build();
 
 		UsernamePasswordAuthentication sut = new UsernamePasswordAuthentication(options, this.restTemplate);
 
-		this.mockRest.expect(requestTo("/auth/okta/login/walter")).andExpect(method(HttpMethod.POST))
-				.andExpect(jsonPath("$.password").value("heisenberg")).andExpect(jsonPath("$.totp").value("123456"))
-				.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON).body(
-						"{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
-								+ "}"));
+		this.mockRest.expect(requestTo("/auth/okta/login/walter"))
+			.andExpect(method(HttpMethod.POST))
+			.andExpect(jsonPath("$.password").value("heisenberg"))
+			.andExpect(jsonPath("$.totp").value("123456"))
+			.andRespond(withSuccess().contentType(MediaType.APPLICATION_JSON)
+				.body("{" + "\"auth\":{\"client_token\":\"my-token\", \"renewable\": true, \"lease_duration\": 10}"
+						+ "}"));
 
 		VaultToken login = sut.login();
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/client/ClientHttpRequestFactoryFactoryIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/client/ClientHttpRequestFactoryFactoryIntegrationTests.java
index 423e8581f..4b80b36d5 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/client/ClientHttpRequestFactoryFactoryIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/client/ClientHttpRequestFactoryFactoryIntegrationTests.java
@@ -69,8 +69,9 @@ void httpComponentsClientShouldWork() throws Exception {
 	void httpComponentsClientUsingPemShouldWork() throws Exception {
 
 		File caCertificate = new File(Settings.findWorkDir(), "ca/certs/ca.cert.pem");
-		SslConfiguration sslConfiguration = SslConfiguration.forTrustStore(SslConfiguration.KeyStoreConfiguration
-				.of(new FileSystemResource(caCertificate)).withStoreType(SslConfiguration.PEM_KEYSTORE_TYPE));
+		SslConfiguration sslConfiguration = SslConfiguration
+			.forTrustStore(SslConfiguration.KeyStoreConfiguration.of(new FileSystemResource(caCertificate))
+				.withStoreType(SslConfiguration.PEM_KEYSTORE_TYPE));
 
 		ClientHttpRequestFactory factory = HttpComponents.usingHttpComponents(new ClientOptions(), sslConfiguration);
 		RestTemplate template = new RestTemplate(factory);
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsIntegrationTests.java
index 72f36cc84..ec2d40426 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsIntegrationTests.java
@@ -49,15 +49,25 @@ void shouldUseVaultEndpointProvider() {
 			});
 		}, ClientHttpConnectorFactory.create(new ClientOptions(), Settings.createSslConfiguration()));
 
-		client.get().uri("/sys/health").exchange().flatMap(it -> it.bodyToMono(String.class)).as(StepVerifier::create)
-				.consumeNextWith(actual -> {
-					assertThat(actual).contains("initialized").contains("standby");
-				}).verifyComplete();
+		client.get()
+			.uri("/sys/health")
+			.exchange()
+			.flatMap(it -> it.bodyToMono(String.class))
+			.as(StepVerifier::create)
+			.consumeNextWith(actual -> {
+				assertThat(actual).contains("initialized").contains("standby");
+			})
+			.verifyComplete();
 
-		client.get().uri("sys/health").exchange().flatMap(it -> it.bodyToMono(String.class)).as(StepVerifier::create)
-				.consumeNextWith(actual -> {
-					assertThat(actual).contains("initialized").contains("standby");
-				}).verifyComplete();
+		client.get()
+			.uri("sys/health")
+			.exchange()
+			.flatMap(it -> it.bodyToMono(String.class))
+			.as(StepVerifier::create)
+			.consumeNextWith(actual -> {
+				assertThat(actual).contains("initialized").contains("standby");
+			})
+			.verifyComplete();
 
 		assertThat(resolver).hasValue(Thread.currentThread());
 	}
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsUnitTests.java
index ce235513a..8a18b0d60 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/client/ReactiveVaultClientsUnitTests.java
@@ -46,11 +46,17 @@ void shouldApplyNamespace() {
 
 		ClientHttpConnector connector = (method, uri, fn) -> fn.apply(request).then(Mono.just(response));
 
-		WebClient webClient = WebClient.builder().clientConnector(connector)
-				.filter(ReactiveVaultClients.namespace("foo/bar")).build();
-
-		webClient.get().uri("/auth/foo").retrieve().bodyToMono(String.class).as(StepVerifier::create) //
-				.verifyComplete();
+		WebClient webClient = WebClient.builder()
+			.clientConnector(connector)
+			.filter(ReactiveVaultClients.namespace("foo/bar"))
+			.build();
+
+		webClient.get()
+			.uri("/auth/foo")
+			.retrieve()
+			.bodyToMono(String.class)
+			.as(StepVerifier::create) //
+			.verifyComplete();
 
 		assertThat(request.getHeaders()).containsEntry(VaultHttpHeaders.VAULT_NAMESPACE,
 				Collections.singletonList("foo/bar"));
@@ -64,13 +70,18 @@ void shouldAllowNamespaceOverride() {
 
 		ClientHttpConnector connector = (method, uri, fn) -> fn.apply(request).then(Mono.just(response));
 
-		WebClient webClient = WebClient.builder().clientConnector(connector)
-				.filter(ReactiveVaultClients.namespace("foo/bar")).build();
-
-		webClient.get().uri("/auth/foo").header(VaultHttpHeaders.VAULT_NAMESPACE, "baz").retrieve()
-				.bodyToMono(String.class) //
-				.as(StepVerifier::create) //
-				.verifyComplete();
+		WebClient webClient = WebClient.builder()
+			.clientConnector(connector)
+			.filter(ReactiveVaultClients.namespace("foo/bar"))
+			.build();
+
+		webClient.get()
+			.uri("/auth/foo")
+			.header(VaultHttpHeaders.VAULT_NAMESPACE, "baz")
+			.retrieve()
+			.bodyToMono(String.class) //
+			.as(StepVerifier::create) //
+			.verifyComplete();
 
 		assertThat(request.getHeaders()).containsEntry(VaultHttpHeaders.VAULT_NAMESPACE,
 				Collections.singletonList("baz"));
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/client/RestTemplateBuilderUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/client/RestTemplateBuilderUnitTests.java
index 190cef850..6dc19c249 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/client/RestTemplateBuilderUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/client/RestTemplateBuilderUnitTests.java
@@ -41,8 +41,10 @@ void shouldApplyErrorHandler() {
 
 		ResponseErrorHandler errorHandler = new DefaultResponseErrorHandler();
 
-		RestTemplate restTemplate = RestTemplateBuilder.builder().endpoint(VaultEndpoint.create("localhost", 8200))
-				.errorHandler(errorHandler).build();
+		RestTemplate restTemplate = RestTemplateBuilder.builder()
+			.endpoint(VaultEndpoint.create("localhost", 8200))
+			.errorHandler(errorHandler)
+			.build();
 
 		assertThat(restTemplate.getErrorHandler()).isSameAs(errorHandler);
 	}
@@ -52,8 +54,10 @@ void shouldApplyErrorHandlerViaCustomizer() {
 
 		ResponseErrorHandler errorHandler = new DefaultResponseErrorHandler();
 
-		RestTemplate restTemplate = RestTemplateBuilder.builder().endpoint(VaultEndpoint.create("localhost", 8200))
-				.customizers(it -> it.setErrorHandler(errorHandler)).build();
+		RestTemplate restTemplate = RestTemplateBuilder.builder()
+			.endpoint(VaultEndpoint.create("localhost", 8200))
+			.customizers(it -> it.setErrorHandler(errorHandler))
+			.build();
 
 		assertThat(restTemplate.getErrorHandler()).isSameAs(errorHandler);
 	}
@@ -61,8 +65,10 @@ void shouldApplyErrorHandlerViaCustomizer() {
 	@Test
 	void shouldApplyRequestCustomizers() throws IOException {
 
-		RestTemplate restTemplate = RestTemplateBuilder.builder().endpoint(VaultEndpoint.create("localhost", 8200))
-				.requestCustomizers(request -> request.getHeaders().add("header", "value")).build();
+		RestTemplate restTemplate = RestTemplateBuilder.builder()
+			.endpoint(VaultEndpoint.create("localhost", 8200))
+			.requestCustomizers(request -> request.getHeaders().add("header", "value"))
+			.build();
 
 		restTemplate.getInterceptors().clear();
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/client/VaultClientsUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/client/VaultClientsUnitTests.java
index be7e5aac2..db7f781e3 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/client/VaultClientsUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/client/VaultClientsUnitTests.java
@@ -91,8 +91,10 @@ void shouldApplyNamespace() {
 
 		MockRestServiceServer mockRest = MockRestServiceServer.createServer(restTemplate);
 
-		mockRest.expect(requestTo("/auth/foo")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_NAMESPACE, "foo/bar")).andRespond(withSuccess());
+		mockRest.expect(requestTo("/auth/foo"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_NAMESPACE, "foo/bar"))
+			.andRespond(withSuccess());
 
 		restTemplate.getForEntity("/auth/foo", String.class);
 	}
@@ -106,8 +108,10 @@ void shouldAllowNamespaceOverride() {
 
 		MockRestServiceServer mockRest = MockRestServiceServer.createServer(restTemplate);
 
-		mockRest.expect(requestTo("/auth/foo")).andExpect(method(HttpMethod.GET))
-				.andExpect(header(VaultHttpHeaders.VAULT_NAMESPACE, "baz")).andRespond(withSuccess());
+		mockRest.expect(requestTo("/auth/foo"))
+			.andExpect(method(HttpMethod.GET))
+			.andExpect(header(VaultHttpHeaders.VAULT_NAMESPACE, "baz"))
+			.andRespond(withSuccess());
 
 		HttpHeaders headers = new HttpHeaders();
 		headers.add(VaultHttpHeaders.VAULT_NAMESPACE, "baz");
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/client/VaultResponsesUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/client/VaultResponsesUnitTests.java
index b4a15c8d2..cf19a3a7e 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/client/VaultResponsesUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/client/VaultResponsesUnitTests.java
@@ -69,7 +69,7 @@ void shouldBuildExceptionWithPathAndErrorMessage() {
 
 		VaultException vaultException = VaultResponses.buildException(cause, "sys/path");
 		assertThat(vaultException).hasMessageContaining("Status 400 Bad Request [sys/path]: some-error")
-				.hasCause(cause);
+			.hasCause(cause);
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationAzureMSIAuthenticationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationAzureMSIAuthenticationUnitTests.java
index 72ef07d2f..937eea7cd 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationAzureMSIAuthenticationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationAzureMSIAuthenticationUnitTests.java
@@ -60,7 +60,7 @@ void shouldConfigureAuthentication(@Autowired EnvironmentVaultConfiguration conf
 		AzureMsiAuthenticationOptions options = (AzureMsiAuthenticationOptions) accessor.getPropertyValue("options");
 
 		assertThat(options.getIdentityTokenServiceUri())
-				.isEqualTo(AzureMsiAuthenticationOptions.DEFAULT_IDENTITY_TOKEN_SERVICE_URI);
+			.isEqualTo(AzureMsiAuthenticationOptions.DEFAULT_IDENTITY_TOKEN_SERVICE_URI);
 		assertThat(options.getInstanceMetadataServiceUri()).isEqualTo(URI.create("http://foo"));
 	}
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationUnitTests.java
index 9930cc791..8b5d3a420 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/config/EnvironmentVaultConfigurationUnitTests.java
@@ -90,11 +90,11 @@ void shouldConfigureSsl() {
 
 		assertThat(sslConfiguration.getKeyStore()).isInstanceOf(ClassPathResource.class);
 		assertThat(new String(sslConfiguration.getKeyStoreConfiguration().getStorePassword()))
-				.isEqualTo("key store password");
+			.isEqualTo("key store password");
 
 		assertThat(sslConfiguration.getTrustStore()).isInstanceOf(ClassPathResource.class);
 		assertThat(new String(sslConfiguration.getTrustStoreConfiguration().getStorePassword()))
-				.isEqualTo("trust store password");
+			.isEqualTo("trust store password");
 
 		assertThat(sslConfiguration.getEnabledProtocols()).containsExactly("TLSv1.2", "TLSv1.1");
 		assertThat(sslConfiguration.getEnabledCipherSuites()).containsExactly("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateAgentIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateAgentIntegrationTests.java
index 176f8776d..8d2d36438 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateAgentIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateAgentIntegrationTests.java
@@ -63,8 +63,9 @@ void shouldUseAgentAuthentication() {
 
 		ReactiveVaultTemplate vaultTemplate = new ReactiveVaultTemplate(this.endpoint, this.connector);
 
-		vaultTemplate.write("secret/foo", Collections.singletonMap("key", "value")).as(StepVerifier::create)
-				.verifyComplete();
+		vaultTemplate.write("secret/foo", Collections.singletonMap("key", "value"))
+			.as(StepVerifier::create)
+			.verifyComplete();
 	}
 
 	@Test
@@ -74,8 +75,9 @@ void shouldUseAgentAuthenticationWithBuilder() {
 
 		ReactiveVaultTemplate vaultTemplate = new ReactiveVaultTemplate(builder);
 
-		vaultTemplate.write("secret/foo", Collections.singletonMap("key", "value")).as(StepVerifier::create)
-				.verifyComplete();
+		vaultTemplate.write("secret/foo", Collections.singletonMap("key", "value"))
+			.as(StepVerifier::create)
+			.verifyComplete();
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateGenericIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateGenericIntegrationTests.java
index 89565d66b..461031823 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateGenericIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/ReactiveVaultTemplateGenericIntegrationTests.java
@@ -59,19 +59,21 @@ void readShouldReturnAbsentKey() {
 	@Test
 	void readShouldReturnExistingKey() {
 
-		this.vaultOperations.write("secret/mykey", Collections.singletonMap("hello", "world")).as(StepVerifier::create) //
-				.verifyComplete();
-
-		this.vaultOperations.read("secret/mykey").as(StepVerifier::create)
-				.consumeNextWith(actual -> assertThat(actual.getRequiredData()).containsEntry("hello", "world")) //
-				.verifyComplete();
+		this.vaultOperations.write("secret/mykey", Collections.singletonMap("hello", "world"))
+			.as(StepVerifier::create) //
+			.verifyComplete();
+
+		this.vaultOperations.read("secret/mykey")
+			.as(StepVerifier::create)
+			.consumeNextWith(actual -> assertThat(actual.getRequiredData()).containsEntry("hello", "world")) //
+			.verifyComplete();
 	}
 
 	@Test
 	void readShouldReturnNestedPropertiesKey() throws IOException {
 
 		Map map = this.OBJECT_MAPPER
-				.readValue("{ \"hello.array[0]\":\"array-value0\", \"hello.array[1]\":\"array-value1\" }", Map.class);
+			.readValue("{ \"hello.array[0]\":\"array-value0\", \"hello.array[1]\":\"array-value1\" }", Map.class);
 
 		this.vaultOperations.write("secret/mykey", map).as(StepVerifier::create).verifyComplete();
 
@@ -105,50 +107,59 @@ void readObjectShouldReadDomainClass() {
 		data.put("password", "Secret");
 
 		this.vaultOperations.write("secret/mykey", data) //
-				.as(StepVerifier::create) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.verifyComplete();
 
 		this.vaultOperations.read("secret/mykey", Person.class) //
-				.as(StepVerifier::create) //
-				.consumeNextWith(actual -> {
+			.as(StepVerifier::create) //
+			.consumeNextWith(actual -> {
 
-					Person person = actual.getRequiredData();
-					assertThat(person.getFirstname()).isEqualTo("Walter");
-					assertThat(person.getPassword()).isEqualTo("Secret");
+				Person person = actual.getRequiredData();
+				assertThat(person.getFirstname()).isEqualTo("Walter");
+				assertThat(person.getPassword()).isEqualTo("Secret");
 
-				}).verifyComplete();
+			})
+			.verifyComplete();
 	}
 
 	@Test
 	void listShouldNotReturnAbsentKey() {
 
-		this.vaultOperations.list("foo").collectList().as(StepVerifier::create)
-				.consumeNextWith(actual -> assertThat(actual).isEmpty()).verifyComplete();
+		this.vaultOperations.list("foo")
+			.collectList()
+			.as(StepVerifier::create)
+			.consumeNextWith(actual -> assertThat(actual).isEmpty())
+			.verifyComplete();
 	}
 
 	@Test
 	void listShouldReturnExistingKey() {
 
-		this.vaultOperations.write("secret/mykey", Collections.singletonMap("hello", "world")).as(StepVerifier::create) //
-				.verifyComplete();
+		this.vaultOperations.write("secret/mykey", Collections.singletonMap("hello", "world"))
+			.as(StepVerifier::create) //
+			.verifyComplete();
 
-		this.vaultOperations.list("secret").collectList().as(StepVerifier::create)
-				.consumeNextWith(actual -> assertThat(actual).contains("mykey")).verifyComplete();
+		this.vaultOperations.list("secret")
+			.collectList()
+			.as(StepVerifier::create)
+			.consumeNextWith(actual -> assertThat(actual).contains("mykey"))
+			.verifyComplete();
 	}
 
 	@Test
 	void deleteShouldRemoveKey() {
 
-		this.vaultOperations.write("secret/mykey", Collections.singletonMap("hello", "world")).as(StepVerifier::create) //
-				.verifyComplete();
+		this.vaultOperations.write("secret/mykey", Collections.singletonMap("hello", "world"))
+			.as(StepVerifier::create) //
+			.verifyComplete();
 
 		this.vaultOperations.delete("secret/mykey") //
-				.as(StepVerifier::create) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.verifyComplete();
 
 		this.vaultOperations.read("secret/mykey") //
-				.as(StepVerifier::create) //
-				.verifyComplete();
+			.as(StepVerifier::create) //
+			.verifyComplete();
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultKeyValueMetadataTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultKeyValueMetadataTemplateIntegrationTests.java
index 854de2752..e69d02df7 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultKeyValueMetadataTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultKeyValueMetadataTemplateIntegrationTests.java
@@ -70,7 +70,7 @@ class VaultKeyValueMetadataTemplateIntegrationTests extends AbstractVaultKeyValu
 	void setup() {
 
 		this.vaultKeyValueMetadataOperations = this.vaultOperations.opsForVersionedKeyValue("versioned")
-				.opsForKeyValueMetadata();
+			.opsForKeyValueMetadata();
 
 		try {
 			this.vaultKeyValueMetadataOperations.delete(SECRET_NAME);
@@ -139,8 +139,11 @@ void shouldUpdateKVMetadata() {
 		this.kvOperations.put(CAS_SECRET_NAME, secret);
 
 		Duration duration = Duration.ofMinutes(30).plusHours(6).plusSeconds(30);
-		VaultMetadataRequest request = VaultMetadataRequest.builder().casRequired(true).deleteVersionAfter(duration)
-				.maxVersions(20).build();
+		VaultMetadataRequest request = VaultMetadataRequest.builder()
+			.casRequired(true)
+			.deleteVersionAfter(duration)
+			.maxVersions(20)
+			.build();
 
 		this.vaultKeyValueMetadataOperations.put(CAS_SECRET_NAME, request);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultNamespaceSecretIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultNamespaceSecretIntegrationTests.java
index 0901131b8..35705e1bc 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultNamespaceSecretIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultNamespaceSecretIntegrationTests.java
@@ -61,18 +61,20 @@
  */
 class VaultNamespaceSecretIntegrationTests extends IntegrationTestSupport {
 
-	static final Policy POLICY = Policy
-			.of(Policy.Rule.builder().path("/*").capabilities(Policy.BuiltinCapabilities.READ,
-					Policy.BuiltinCapabilities.CREATE, Policy.BuiltinCapabilities.UPDATE).build());
+	static final Policy POLICY = Policy.of(Policy.Rule.builder()
+		.path("/*")
+		.capabilities(Policy.BuiltinCapabilities.READ, Policy.BuiltinCapabilities.CREATE,
+				Policy.BuiltinCapabilities.UPDATE)
+		.build());
 
 	RestTemplateBuilder devRestTemplate;
 
 	RestTemplateBuilder marketingRestTemplate;
 
 	WebClientBuilder marketingWebClientBuilder = WebClientBuilder.builder()
-			.httpConnector(ClientHttpConnectorFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
-			.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
-			.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
+		.httpConnector(ClientHttpConnectorFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
+		.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
+		.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
 
 	String devToken;
 
@@ -92,32 +94,37 @@ void before() {
 		}
 
 		this.devRestTemplate = RestTemplateBuilder.builder()
-				.requestFactory(
-						ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
-				.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).customizers(restTemplate -> restTemplate
-						.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
+			.requestFactory(
+					ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
+			.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
+			.customizers(
+					restTemplate -> restTemplate.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
 
 		this.marketingRestTemplate = RestTemplateBuilder.builder()
-				.requestFactory(
-						ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
-				.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
-				.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
+			.requestFactory(
+					ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
+			.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
+			.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
 
 		VaultTemplate dev = new VaultTemplate(this.devRestTemplate,
 				new SimpleSessionManager(new TokenAuthentication(Settings.token())));
 
 		mountKv(dev, "dev-secrets");
 		dev.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
-		this.devToken = dev.opsForToken().create(VaultTokenRequest.builder().withPolicy("relaxed").build()).getToken()
-				.getToken();
+		this.devToken = dev.opsForToken()
+			.create(VaultTokenRequest.builder().withPolicy("relaxed").build())
+			.getToken()
+			.getToken();
 
 		VaultTemplate marketing = new VaultTemplate(this.marketingRestTemplate,
 				new SimpleSessionManager(new TokenAuthentication(Settings.token())));
 
 		mountKv(marketing, "marketing-secrets");
 		marketing.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
-		this.marketingToken = marketing.opsForToken().create(VaultTokenRequest.builder().withPolicy("relaxed").build())
-				.getToken().getToken();
+		this.marketingToken = marketing.opsForToken()
+			.create(VaultTokenRequest.builder().withPolicy("relaxed").build())
+			.getToken()
+			.getToken();
 	}
 
 	private void mountKv(VaultTemplate template, String path) {
@@ -203,10 +210,15 @@ void shouldReportReactiveInitialized() {
 				() -> Mono.just(VaultToken.of(this.marketingToken)));
 
 		reactiveMarketing.doWithSession(webClient -> {
-			return webClient.get().uri("sys/init").header(VaultHttpHeaders.VAULT_NAMESPACE, "").exchange()
-					.flatMap(it -> it.bodyToMono(Map.class));
-		}).as(StepVerifier::create).assertNext(actual -> assertThat(actual).containsEntry("initialized", true))
-				.verifyComplete();
+			return webClient.get()
+				.uri("sys/init")
+				.header(VaultHttpHeaders.VAULT_NAMESPACE, "")
+				.exchange()
+				.flatMap(it -> it.bodyToMono(Map.class));
+		})
+			.as(StepVerifier::create)
+			.assertNext(actual -> assertThat(actual).containsEntry("initialized", true))
+			.verifyComplete();
 	}
 
 	@Configuration
@@ -231,7 +243,7 @@ public SslConfiguration sslConfiguration() {
 		protected RestTemplateBuilder restTemplateBuilder(VaultEndpointProvider endpointProvider,
 				ClientHttpRequestFactory requestFactory) {
 			return super.restTemplateBuilder(endpointProvider, requestFactory)
-					.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
+				.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
 		}
 
 	}
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultPkiTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultPkiTemplateIntegrationTests.java
index c93635d69..ef751140a 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultPkiTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultPkiTemplateIntegrationTests.java
@@ -172,15 +172,17 @@ void issueCertificateShouldCreateCertificate() throws KeyStoreException {
 	void issueCertificateUsingFormat(KeyFixture keyFixture) throws Exception {
 
 		VaultCertificateRequest request = VaultCertificateRequest.builder()
-				.commonName(keyFixture.format.replace('_', '-') + ".hello.example.com")
-				.privateKeyFormat(keyFixture.privateKeyFormat).format(keyFixture.format).build();
+			.commonName(keyFixture.format.replace('_', '-') + ".hello.example.com")
+			.privateKeyFormat(keyFixture.privateKeyFormat)
+			.format(keyFixture.format)
+			.build();
 
 		VaultCertificateResponse certificateResponse = this.pkiOperations
-				.issueCertificate("testrole-" + keyFixture.keyType.name(), request);
+			.issueCertificate("testrole-" + keyFixture.keyType.name(), request);
 
 		CertificateBundle data = certificateResponse.getRequiredData();
 		assertThat(data.getX509Certificate().getSubjectX500Principal().getName())
-				.isEqualTo("CN=" + request.getCommonName());
+			.isEqualTo("CN=" + request.getCommonName());
 		assertThat(data.getX509IssuerCertificates()).hasSize(2);
 
 		assertThat(data.getPrivateKeySpec()).isNotNull();
@@ -248,8 +250,10 @@ public String toString() {
 	@RequiresVaultVersion(NO_TTL_UNIT_REQUIRED_FROM)
 	void issueCertificateWithTtlShouldCreateCertificate() {
 
-		VaultCertificateRequest request = VaultCertificateRequest.builder().ttl(Duration.ofHours(48))
-				.commonName("hello.example.com").build();
+		VaultCertificateRequest request = VaultCertificateRequest.builder()
+			.ttl(Duration.ofHours(48))
+			.commonName("hello.example.com")
+			.build();
 
 		VaultCertificateResponse certificateResponse = this.pkiOperations.issueCertificate("testrole", request);
 
@@ -257,7 +261,7 @@ void issueCertificateWithTtlShouldCreateCertificate() {
 
 		Instant now = Instant.now();
 		assertThat(certificate.getNotAfter()).isAfter(Date.from(now.plus(40, ChronoUnit.HOURS)))
-				.isBefore(Date.from(now.plus(50, ChronoUnit.HOURS)));
+			.isBefore(Date.from(now.plus(50, ChronoUnit.HOURS)));
 	}
 
 	@Test
@@ -301,7 +305,7 @@ void issueCertificateFail() {
 		VaultCertificateRequest request = VaultCertificateRequest.create("not.supported");
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> this.pkiOperations.issueCertificate("testrole", request));
+			.isThrownBy(() -> this.pkiOperations.issueCertificate("testrole", request));
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultSysTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultSysTemplateIntegrationTests.java
index 24fb3e65c..0578df04b 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultSysTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultSysTemplateIntegrationTests.java
@@ -81,8 +81,11 @@ void mountShouldMountGenericSecret() {
 			this.adminOperations.unmount("other");
 		}
 
-		VaultMount mount = VaultMount.builder().type("generic")
-				.config(Collections.singletonMap("default_lease_ttl", "1h")).description("hello, world").build();
+		VaultMount mount = VaultMount.builder()
+			.type("generic")
+			.config(Collections.singletonMap("default_lease_ttl", "1h"))
+			.description("hello, world")
+			.build();
 
 		this.adminOperations.mount("other", mount);
 
@@ -104,8 +107,11 @@ void mountShouldMountKv1Secret() {
 			this.adminOperations.unmount("kVv1");
 		}
 
-		VaultMount mount = VaultMount.builder().type("kv").config(Collections.singletonMap("default_lease_ttl", "1h"))
-				.description("hello, world").build();
+		VaultMount mount = VaultMount.builder()
+			.type("kv")
+			.config(Collections.singletonMap("default_lease_ttl", "1h"))
+			.description("hello, world")
+			.build();
 
 		this.adminOperations.mount("kVv1", mount);
 
@@ -133,8 +139,12 @@ void mountShouldMountKv2Secret() {
 			this.adminOperations.unmount("kVv2");
 		}
 
-		VaultMount mount = VaultMount.builder().type("kv").config(Collections.singletonMap("default_lease_ttl", "1h"))
-				.options(Collections.singletonMap("version", "2")).description("hello, world").build();
+		VaultMount mount = VaultMount.builder()
+			.type("kv")
+			.config(Collections.singletonMap("default_lease_ttl", "1h"))
+			.options(Collections.singletonMap("version", "2"))
+			.description("hello, world")
+			.build();
 
 		this.adminOperations.mount("kVv2", mount);
 
@@ -218,15 +228,19 @@ void shouldReadAbsentRootPolicy() {
 	void shouldReadDefaultPolicy() {
 
 		assertThatExceptionOfType(UnsupportedOperationException.class)
-				.isThrownBy(() -> this.adminOperations.getPolicy("default"));
+			.isThrownBy(() -> this.adminOperations.getPolicy("default"));
 	}
 
 	@Test
 	@RequiresVaultVersion("0.7.0")
 	void shouldCreatePolicy() {
 
-		Rule rule = Rule.builder().path("foo").capabilities(READ, UPDATE).minWrappingTtl(Duration.ofSeconds(100))
-				.maxWrappingTtl(Duration.ofHours(2)).build();
+		Rule rule = Rule.builder()
+			.path("foo")
+			.capabilities(READ, UPDATE)
+			.minWrappingTtl(Duration.ofSeconds(100))
+			.maxWrappingTtl(Duration.ofHours(2))
+			.build();
 
 		this.adminOperations.createOrUpdatePolicy("foo", Policy.of(rule));
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateAgentIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateAgentIntegrationTests.java
index 9a59f598a..c362bf8a8 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateAgentIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateAgentIntegrationTests.java
@@ -68,8 +68,9 @@ void shouldUseAgentAuthentication() {
 	@Test
 	void shouldUseAgentAuthenticationWithBuilder() {
 
-		RestTemplateBuilder builder = RestTemplateBuilder.builder().endpoint(this.endpoint)
-				.requestFactory(this.requestFactory);
+		RestTemplateBuilder builder = RestTemplateBuilder.builder()
+			.endpoint(this.endpoint)
+			.requestFactory(this.requestFactory);
 
 		VaultTemplate vaultTemplate = new VaultTemplate(builder);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateGenericIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateGenericIntegrationTests.java
index 2743995d1..5daeccb67 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateGenericIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateGenericIntegrationTests.java
@@ -72,7 +72,7 @@ void readShouldReturnExistingKey() {
 	void readShouldReturnNestedPropertiesKey() throws Exception {
 
 		Map map = this.OBJECT_MAPPER
-				.readValue("{ \"hello.array[0]\":\"array-value0\", \"hello.array[1]\":\"array-value1\" }", Map.class);
+			.readValue("{ \"hello.array[0]\":\"array-value0\", \"hello.array[1]\":\"array-value1\" }", Map.class);
 		this.vaultOperations.write("secret/mykey", map);
 
 		VaultResponse read = this.vaultOperations.read("secret/mykey");
@@ -91,7 +91,7 @@ void readShouldReturnNestedObjects() throws Exception {
 		VaultResponse read = this.vaultOperations.read("secret/mykey");
 		assertThat(read).isNotNull();
 		assertThat(read.getRequiredData()).containsEntry("array", Arrays
-				.asList(Collections.singletonMap("hello", "world"), Collections.singletonMap("hello1", "world1")));
+			.asList(Collections.singletonMap("hello", "world"), Collections.singletonMap("hello1", "world1")));
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransformIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransformIntegrationTests.java
index 8e12e1cd7..fd022f92c 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransformIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransformIntegrationTests.java
@@ -87,8 +87,8 @@ void shouldEncode() {
 	void shouldEncodeAndDecode() {
 
 		String value = "123-45-6789";
-		VaultResponse response = this.vaultOperations.write("transform/encode/myrole", String.format(
-				"{\"value\": \"%s\", \"tweak\": \"%s\"}", value, Base64Utils.encodeToString("somenum".getBytes())));
+		VaultResponse response = this.vaultOperations.write("transform/encode/myrole", String
+			.format("{\"value\": \"%s\", \"tweak\": \"%s\"}", value, Base64Utils.encodeToString("somenum".getBytes())));
 
 		String encoded = (String) response.getRequiredData().get("encoded_value");
 		VaultResponse decoded = this.vaultOperations.write("transform/decode/myrole", String.format(
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransitIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransitIntegrationTests.java
index 6cfeb0be3..3d0bdf0b9 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransitIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTemplateTransitIntegrationTests.java
@@ -74,8 +74,8 @@ void tearDown() {
 	private void deleteKey(String keyName) {
 
 		try {
-			this.vaultOperations.opsForTransit().configureKey(keyName,
-					VaultTransitKeyConfiguration.builder().deletionAllowed(true).build());
+			this.vaultOperations.opsForTransit()
+				.configureKey(keyName, VaultTransitKeyConfiguration.builder().deletionAllowed(true).build());
 		}
 		catch (Exception e) {
 		}
@@ -117,7 +117,7 @@ void shouldEncryptAndDecrypt() {
 				Collections.singletonMap("ciphertext", response.getRequiredData().get("ciphertext")));
 
 		assertThat((String) decrypted.getRequiredData().get("plaintext"))
-				.isEqualTo(Base64Utils.encodeToString("that message is secret".getBytes()));
+			.isEqualTo(Base64Utils.encodeToString("that message is secret".getBytes()));
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTokenTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTokenTemplateIntegrationTests.java
index ad22bcd5a..da0915bb2 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTokenTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTokenTemplateIntegrationTests.java
@@ -69,16 +69,17 @@ void createTokenShouldCreateANewToken() {
 	@Test
 	void createTokenShouldCreateACustomizedToken() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().displayName("display") //
-				.explicitMaxTtl(Duration.ofHours(5)) //
-				.ttl(Duration.ofMinutes(30 * 60)) //
-				.policies(Collections.singleton("root")) //
-				.numUses(2) //
-				.renewable() //
-				.noDefaultPolicy() //
-				.noParent() //
-				.id(UUID.randomUUID().toString()) //
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.displayName("display") //
+			.explicitMaxTtl(Duration.ofHours(5)) //
+			.ttl(Duration.ofMinutes(30 * 60)) //
+			.policies(Collections.singleton("root")) //
+			.numUses(2) //
+			.renewable() //
+			.noDefaultPolicy() //
+			.noParent() //
+			.id(UUID.randomUUID().toString()) //
+			.build();
 
 		VaultTokenResponse tokenResponse = this.tokenOperations.create(tokenRequest);
 		assertThat(tokenResponse.getAuth()).containsEntry("client_token", tokenRequest.getId());
@@ -94,16 +95,17 @@ void createOrphanTokenShouldCreateAToken() {
 	@Test
 	void createOrphanTokenShouldCreateACustomizedToken() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().displayName("display") //
-				.explicitMaxTtl(Duration.ofHours(5)) //
-				.ttl(Duration.ofMinutes(30 * 60)) //
-				.policies(Collections.singleton("root")) //
-				.numUses(2) //
-				.renewable() //
-				.noDefaultPolicy() //
-				.noParent() //
-				.id(UUID.randomUUID().toString()) //
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.displayName("display") //
+			.explicitMaxTtl(Duration.ofHours(5)) //
+			.ttl(Duration.ofMinutes(30 * 60)) //
+			.policies(Collections.singleton("root")) //
+			.numUses(2) //
+			.renewable() //
+			.noDefaultPolicy() //
+			.noParent() //
+			.id(UUID.randomUUID().toString()) //
+			.build();
 
 		VaultTokenResponse tokenResponse = this.tokenOperations.createOrphan(tokenRequest);
 		assertThat(tokenResponse.getAuth()).containsEntry("client_token", tokenRequest.getId());
@@ -112,10 +114,11 @@ void createOrphanTokenShouldCreateACustomizedToken() {
 	@Test
 	void renewShouldRenewToken() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().explicitMaxTtl(Duration.ofHours(5)) //
-				.ttl(Duration.ofMinutes(30 * 60)) //
-				.renewable() //
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.explicitMaxTtl(Duration.ofHours(5)) //
+			.ttl(Duration.ofMinutes(30 * 60)) //
+			.renewable() //
+			.build();
 
 		VaultTokenResponse tokenResponse = this.tokenOperations.create(tokenRequest);
 		VaultTokenResponse renew = this.tokenOperations.renew(tokenResponse.getToken());
@@ -129,7 +132,7 @@ void renewShouldFailForNonRenewableRenewTokens() {
 		VaultTokenResponse tokenResponse = this.tokenOperations.create();
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> this.tokenOperations.renew(tokenResponse.getToken()));
+			.isThrownBy(() -> this.tokenOperations.renew(tokenResponse.getToken()));
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransformTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransformTemplateIntegrationTests.java
index 470616550..186adc1b7 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransformTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransformTemplateIntegrationTests.java
@@ -107,8 +107,10 @@ void tearDown() {
 	@Test
 	void encodeCreatesCiphertextWithTransformationAndProvidedTweak() {
 
-		VaultTransformContext transformRequest = VaultTransformContext.builder().transformation("myssn")
-				.tweak("somenum".getBytes()).build();
+		VaultTransformContext transformRequest = VaultTransformContext.builder()
+			.transformation("myssn")
+			.tweak("somenum".getBytes())
+			.build();
 
 		TransformCiphertext ciphertext = this.transformOperations.encode("myrole", "123-45-6789".getBytes(),
 				transformRequest);
@@ -139,8 +141,10 @@ void encodeCreatesCiphertextWithInternalTransformationAndNoTweak() {
 	@Test
 	void encodeAndDecodeYieldsStartingResultWithSameTweakValueProvided() {
 
-		VaultTransformContext transformRequest = VaultTransformContext.builder().transformation("myssn")
-				.tweak("somenum".getBytes()).build();
+		VaultTransformContext transformRequest = VaultTransformContext.builder()
+			.transformation("myssn")
+			.tweak("somenum".getBytes())
+			.build();
 		String targetValue = "123-45-6789";
 
 		TransformCiphertext ciphertext = this.transformOperations.encode("myrole", targetValue.getBytes(),
@@ -154,16 +158,20 @@ void encodeAndDecodeYieldsStartingResultWithSameTweakValueProvided() {
 	@Test
 	void encodeAndDecodeDoesNotYieldStartingResultWithDifferentTweakValueProvided() {
 
-		VaultTransformContext transformRequest = VaultTransformContext.builder().transformation("myssn")
-				.tweak("somenum".getBytes()).build();
+		VaultTransformContext transformRequest = VaultTransformContext.builder()
+			.transformation("myssn")
+			.tweak("somenum".getBytes())
+			.build();
 		String targetValue = "123-45-6789";
 
 		TransformCiphertext ciphertext = this.transformOperations.encode("myrole", targetValue.getBytes(),
 				transformRequest);
 		assertThat(ciphertext.getCiphertext()).matches("[0-9]{3}-[0-9]{2}-[0-9]{4}").isNotEqualTo(targetValue);
 
-		VaultTransformContext otherDecodeRequest = VaultTransformContext.builder().transformation("myssn")
-				.tweak("numsome".getBytes()).build();
+		VaultTransformContext otherDecodeRequest = VaultTransformContext.builder()
+			.transformation("myssn")
+			.tweak("numsome".getBytes())
+			.build();
 
 		String decodeResponse = this.transformOperations.decode("myrole", ciphertext.getCiphertext(),
 				otherDecodeRequest);
@@ -197,18 +205,25 @@ void encodeAndDecodeWithoutContextWorksForInternalTweakSource() {
 	@Test
 	void batchEncodeAndDecodeYieldsStartingResults() {
 
-		VaultTransformContext transformRequest = VaultTransformContext.builder().transformation("myssn")
-				.tweak("somenum".getBytes()).build();
+		VaultTransformContext transformRequest = VaultTransformContext.builder()
+			.transformation("myssn")
+			.tweak("somenum".getBytes())
+			.build();
 
 		List<String> ssns = Arrays.asList("123-01-4567", "123-02-4567", "123-03-4567", "123-04-4567", "123-05-4567");
 
 		List<VaultTransformEncodeResult> encoded = this.transformOperations.encode("myrole",
-				ssns.stream().map(TransformPlaintext::of).map(plaintext -> plaintext.with(transformRequest))
-						.collect(Collectors.toList()));
+				ssns.stream()
+					.map(TransformPlaintext::of)
+					.map(plaintext -> plaintext.with(transformRequest))
+					.collect(Collectors.toList()));
 
 		List<VaultTransformDecodeResult> decoded = this.transformOperations.decode("myrole",
-				encoded.stream().map(VaultTransformEncodeResult::getAsString).map(TransformCiphertext::of)
-						.map(ciphertext -> ciphertext.with(transformRequest)).collect(Collectors.toList()));
+				encoded.stream()
+					.map(VaultTransformEncodeResult::getAsString)
+					.map(TransformCiphertext::of)
+					.map(ciphertext -> ciphertext.with(transformRequest))
+					.collect(Collectors.toList()));
 
 		for (int i = 0; i < decoded.size(); i++) {
 			assertThat(decoded.get(i).getAsString()).isEqualTo(ssns.get(i));
@@ -224,8 +239,10 @@ void batchEncodeAndDecodeYieldsStartingResultsForInternalWithNoContext() {
 				ssns.stream().map(TransformPlaintext::of).collect(Collectors.toList()));
 
 		List<VaultTransformDecodeResult> decoded = this.transformOperations.decode("internalrole",
-				encoded.stream().map(VaultTransformEncodeResult::getAsString).map(TransformCiphertext::of)
-						.collect(Collectors.toList()));
+				encoded.stream()
+					.map(VaultTransformEncodeResult::getAsString)
+					.map(TransformCiphertext::of)
+					.collect(Collectors.toList()));
 
 		for (int i = 0; i < decoded.size(); i++) {
 			assertThat(decoded.get(i).getAsString()).isEqualTo(ssns.get(i));
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransitTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransitTemplateIntegrationTests.java
index e35d126a6..2c204c33a 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransitTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultTransitTemplateIntegrationTests.java
@@ -219,9 +219,9 @@ void createKeyShouldCreateAes256Gcm96Key() {
 	void createKeyShouldCreateKeyWithOptions() {
 
 		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder() //
-				.convergentEncryption(true) //
-				.derived(true) //
-				.build();
+			.convergentEncryption(true) //
+			.derived(true) //
+			.build();
 
 		this.transitOperations.createKey("mykey", request);
 
@@ -241,8 +241,11 @@ void shouldConfigureKey() {
 		this.transitOperations.rotate("mykey");
 		this.transitOperations.rotate("mykey");
 
-		VaultTransitKeyConfiguration configuration = VaultTransitKeyConfiguration.builder().deletionAllowed(true)
-				.minDecryptionVersion(1).minEncryptionVersion(2).build();
+		VaultTransitKeyConfiguration configuration = VaultTransitKeyConfiguration.builder()
+			.deletionAllowed(true)
+			.minDecryptionVersion(1)
+			.minEncryptionVersion(2)
+			.build();
 
 		this.transitOperations.configureKey("mykey", configuration);
 
@@ -314,9 +317,10 @@ void encryptShouldCreateCiphertextWithNonceAndContext() {
 		this.transitOperations.createKey("mykey",
 				VaultTransitKeyCreationRequest.builder().convergentEncryption(true).derived(true).build());
 
-		VaultTransitContext transitRequest = VaultTransitContext.builder().context("blubb".getBytes()) //
-				.nonce("123456789012".getBytes()) //
-				.build();
+		VaultTransitContext transitRequest = VaultTransitContext.builder()
+			.context("blubb".getBytes()) //
+			.nonce("123456789012".getBytes()) //
+			.build();
 
 		String ciphertext = this.transitOperations.encrypt("mykey", "hello-world".getBytes(), transitRequest);
 		assertThat(ciphertext).startsWith("vault:v1:");
@@ -329,9 +333,10 @@ void encryptShouldEncryptEmptyValues() {
 		this.transitOperations.createKey("mykey",
 				VaultTransitKeyCreationRequest.builder().convergentEncryption(true).derived(true).build());
 
-		VaultTransitContext context = VaultTransitContext.builder().context("blubb".getBytes()) //
-				.nonce("123456789012".getBytes()) //
-				.build();
+		VaultTransitContext context = VaultTransitContext.builder()
+			.context("blubb".getBytes()) //
+			.nonce("123456789012".getBytes()) //
+			.build();
 
 		Ciphertext ciphertext = this.transitOperations.encrypt("mykey", Plaintext.of("").with(context));
 
@@ -345,9 +350,10 @@ void encryptShouldCreateWrappedCiphertextWithNonceAndContext() {
 		this.transitOperations.createKey("mykey",
 				VaultTransitKeyCreationRequest.builder().convergentEncryption(true).derived(true).build());
 
-		VaultTransitContext context = VaultTransitContext.builder().context("blubb".getBytes()) //
-				.nonce("123456789012".getBytes()) //
-				.build();
+		VaultTransitContext context = VaultTransitContext.builder()
+			.context("blubb".getBytes()) //
+			.nonce("123456789012".getBytes()) //
+			.build();
 
 		Ciphertext ciphertext = this.transitOperations.encrypt("mykey", Plaintext.of("hello-world").with(context));
 
@@ -373,9 +379,9 @@ void decryptShouldCreatePlaintextWithNonceAndContext() {
 				VaultTransitKeyCreationRequest.builder().convergentEncryption(true).derived(true).build());
 
 		VaultTransitContext transitRequest = VaultTransitContext.builder() //
-				.context("blubb".getBytes()) //
-				.nonce("123456789012".getBytes()) //
-				.build();
+			.context("blubb".getBytes()) //
+			.nonce("123456789012".getBytes()) //
+			.build();
 
 		String ciphertext = this.transitOperations.encrypt("mykey", "hello-world".getBytes(), transitRequest);
 
@@ -390,9 +396,9 @@ void decryptShouldCreateWrappedPlaintextWithNonceAndContext() {
 				VaultTransitKeyCreationRequest.builder().convergentEncryption(true).derived(true).build());
 
 		VaultTransitContext context = VaultTransitContext.builder() //
-				.context("blubb".getBytes()) //
-				.nonce("123456789012".getBytes()) //
-				.build();
+			.context("blubb".getBytes()) //
+			.nonce("123456789012".getBytes()) //
+			.build();
 
 		Ciphertext ciphertext = this.transitOperations.encrypt("mykey", Plaintext.of("hello-world").with(context));
 		Plaintext plaintext = this.transitOperations.decrypt("mykey", ciphertext);
@@ -435,9 +441,9 @@ void encryptAndRewrapShouldCreateCiphertextWithNonceAndContext() {
 				VaultTransitKeyCreationRequest.builder().convergentEncryption(true).derived(true).build());
 
 		VaultTransitContext transitRequest = VaultTransitContext.builder() //
-				.context("blubb".getBytes()) //
-				.nonce("123456789012".getBytes()) //
-				.build();
+			.context("blubb".getBytes()) //
+			.nonce("123456789012".getBytes()) //
+			.build();
 
 		String ciphertext = this.transitOperations.encrypt("mykey", "hello-world".getBytes(), transitRequest);
 		this.transitOperations.rotate("mykey");
@@ -484,16 +490,16 @@ void shouldBatchDecrypt() {
 	void shouldBatchEncryptWithContext() {
 
 		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder() //
-				.derived(true) //
-				.build();
+			.derived(true) //
+			.build();
 
 		this.transitOperations.createKey("mykey", request);
 
 		Plaintext one = Plaintext.of("one")
-				.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
+			.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
 
 		Plaintext two = Plaintext.of("two")
-				.with(VaultTransitContext.builder().context("twoContext".getBytes()).build());
+			.with(VaultTransitContext.builder().context("twoContext".getBytes()).build());
 
 		List<VaultEncryptionResult> encrypted = this.transitOperations.encrypt("mykey", Arrays.asList(one, two));
 
@@ -506,16 +512,16 @@ void shouldBatchEncryptWithContext() {
 	void shouldBatchDecryptWithContext() {
 
 		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder() //
-				.derived(true) //
-				.build();
+			.derived(true) //
+			.build();
 
 		this.transitOperations.createKey("mykey", request);
 
 		Plaintext one = Plaintext.of("one")
-				.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
+			.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
 
 		Plaintext two = Plaintext.of("two")
-				.with(VaultTransitContext.builder().context("twoContext".getBytes()).build());
+			.with(VaultTransitContext.builder().context("twoContext".getBytes()).build());
 
 		List<VaultEncryptionResult> encrypted = this.transitOperations.encrypt("mykey", Arrays.asList(one, two));
 		List<VaultDecryptionResult> decrypted = this.transitOperations.decrypt("mykey",
@@ -530,16 +536,16 @@ void shouldBatchDecryptWithContext() {
 	void shouldBatchDecryptWithWrongContext() {
 
 		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder() //
-				.derived(true) //
-				.build();
+			.derived(true) //
+			.build();
 
 		this.transitOperations.createKey("mykey", request);
 
 		Plaintext one = Plaintext.of("one")
-				.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
+			.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
 
 		Plaintext two = Plaintext.of("two")
-				.with(VaultTransitContext.builder().context("twoContext".getBytes()).build());
+			.with(VaultTransitContext.builder().context("twoContext".getBytes()).build());
 
 		List<VaultEncryptionResult> encrypted = this.transitOperations.encrypt("mykey", Arrays.asList(one, two));
 
@@ -581,13 +587,13 @@ void shouldBatchDecryptEmptyPlaintext() {
 	void shouldBatchDecryptEmptyPlaintextWithContext() {
 
 		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder() //
-				.derived(true) //
-				.build();
+			.derived(true) //
+			.build();
 
 		this.transitOperations.createKey("mykey", request);
 
 		Plaintext empty = Plaintext.empty()
-				.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
+			.with(VaultTransitContext.builder().context("oneContext".getBytes()).build());
 
 		List<VaultEncryptionResult> encrypted = this.transitOperations.encrypt("mykey",
 				Collections.singletonList(empty));
@@ -614,8 +620,10 @@ void generateHmacShouldCreateHmacForRotatedKey() {
 		String keyName = createEcdsaP256Key();
 		this.transitOperations.rotate(keyName);
 
-		VaultHmacRequest request = VaultHmacRequest.builder().plaintext(Plaintext.of("hello-world")).keyVersion(2)
-				.build();
+		VaultHmacRequest request = VaultHmacRequest.builder()
+			.plaintext(Plaintext.of("hello-world"))
+			.keyVersion(2)
+			.build();
 
 		Hmac hmac = this.transitOperations.getHmac(keyName, request);
 		assertThat(hmac.getHmac()).isNotEmpty();
@@ -627,8 +635,10 @@ void generateHmacWithCustomAlgorithmShouldCreateHmac() {
 
 		String keyName = createEcdsaP256Key();
 
-		VaultHmacRequest request = VaultHmacRequest.builder().plaintext(Plaintext.of("hello-world"))
-				.algorithm("sha2-512").build();
+		VaultHmacRequest request = VaultHmacRequest.builder()
+			.plaintext(Plaintext.of("hello-world"))
+			.algorithm("sha2-512")
+			.build();
 
 		Hmac hmac = this.transitOperations.getHmac(keyName, request);
 		assertThat(hmac.getHmac()).isNotEmpty();
@@ -639,11 +649,13 @@ void generateHmacWithInvalidAlgorithmShouldFail() {
 
 		String keyName = createEcdsaP256Key();
 
-		VaultHmacRequest request = VaultHmacRequest.builder().plaintext(Plaintext.of("hello-world"))
-				.algorithm("blah-512").build();
+		VaultHmacRequest request = VaultHmacRequest.builder()
+			.plaintext(Plaintext.of("hello-world"))
+			.algorithm("blah-512")
+			.build();
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> this.transitOperations.getHmac(keyName, request));
+			.isThrownBy(() -> this.transitOperations.getHmac(keyName, request));
 	}
 
 	@Test
@@ -673,7 +685,7 @@ void signWithInvalidKeyFormatShouldFail() {
 		this.transitOperations.createKey("mykey");
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> this.transitOperations.sign("mykey", Plaintext.of("hello-world")));
+			.isThrownBy(() -> this.transitOperations.sign("mykey", Plaintext.of("hello-world")));
 	}
 
 	@Test
@@ -728,7 +740,10 @@ void shouldVerifyValidSignatureWithCustomAlgorithm() {
 		Signature signature = this.transitOperations.sign(keyName, request);
 
 		VaultSignatureVerificationRequest verificationRequest = VaultSignatureVerificationRequest.builder()
-				.hashAlgorithm("sha2-512").plaintext(plaintext).signature(signature).build();
+			.hashAlgorithm("sha2-512")
+			.plaintext(plaintext)
+			.signature(signature)
+			.build();
 
 		SignatureValidation valid = this.transitOperations.verify(keyName, verificationRequest);
 		assertThat(valid).isEqualTo(SignatureValidation.valid());
@@ -740,7 +755,9 @@ void shouldCreateNewExportableKey() {
 
 		VaultTransitOperations vaultTransitOperations = this.vaultOperations.opsForTransit();
 		VaultTransitKeyCreationRequest vaultTransitKeyCreationRequest = VaultTransitKeyCreationRequest.builder()
-				.exportable(true).derived(true).build();
+			.exportable(true)
+			.derived(true)
+			.build();
 
 		vaultTransitOperations.createKey("export-test", vaultTransitKeyCreationRequest);
 
@@ -784,7 +801,7 @@ void shouldNotAllowExportSigningKey() {
 		this.vaultOperations.write("transit/keys/export", Collections.singletonMap("exportable", true));
 
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> this.transitOperations.exportKey("export", TransitKeyType.SIGNING_KEY));
+			.isThrownBy(() -> this.transitOperations.exportKey("export", TransitKeyType.SIGNING_KEY));
 	}
 
 	@Test
@@ -806,8 +823,10 @@ void shouldExportEcDsaKey() {
 
 		VaultTransitOperations transitOperations = this.vaultOperations.opsForTransit();
 
-		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder().type("ecdsa-p256")
-				.exportable(true).build();
+		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder()
+			.type("ecdsa-p256")
+			.exportable(true)
+			.build();
 
 		transitOperations.createKey("ecdsa-key", request);
 
@@ -824,8 +843,10 @@ void shouldExportEdKey() {
 
 		VaultTransitOperations transitOperations = this.vaultOperations.opsForTransit();
 
-		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder().type("ed25519")
-				.exportable(true).build();
+		VaultTransitKeyCreationRequest request = VaultTransitKeyCreationRequest.builder()
+			.type("ed25519")
+			.exportable(true)
+			.build();
 
 		transitOperations.createKey("ed-key", request);
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultVersionedKeyValueTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultVersionedKeyValueTemplateIntegrationTests.java
index 8113a243b..9d9bf4f9e 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultVersionedKeyValueTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultVersionedKeyValueTemplateIntegrationTests.java
@@ -99,8 +99,8 @@ void shouldCreateVersionedWithCAS() {
 
 		// this should fail
 		assertThatThrownBy(() -> this.versionedOperations.put(key, Versioned.create(secret, Version.unversioned())))
-				.isExactlyInstanceOf(VaultException.class)
-				.hasMessageContaining("check-and-set parameter did not match the current version");
+			.isExactlyInstanceOf(VaultException.class)
+			.hasMessageContaining("check-and-set parameter did not match the current version");
 	}
 
 	@Test
@@ -139,9 +139,9 @@ void shouldReadDifferentVersions() {
 		this.versionedOperations.put(key, Collections.singletonMap("key", "v2"));
 
 		assertThat(this.versionedOperations.get(key, Version.from(1)).getRequiredData())
-				.isEqualTo(Collections.singletonMap("key", "v1"));
+			.isEqualTo(Collections.singletonMap("key", "v1"));
 		assertThat(this.versionedOperations.get(key, Version.from(2)).getRequiredData())
-				.isEqualTo(Collections.singletonMap("key", "v2"));
+			.isEqualTo(Collections.singletonMap("key", "v2"));
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultWrappingTemplateIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultWrappingTemplateIntegrationTests.java
index c9265f15a..3aa3114f3 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/VaultWrappingTemplateIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/VaultWrappingTemplateIntegrationTests.java
@@ -73,7 +73,7 @@ void shouldCreateWrappedSecret() {
 		assertThat(metadata.getTtl()).isEqualTo(Duration.ofSeconds(100));
 		assertThat(metadata.getToken()).isNotNull();
 		assertThat(metadata.getCreationTime()).isBefore(Instant.now().plusSeconds(60))
-				.isAfter(Instant.now().minusSeconds(60));
+			.isAfter(Instant.now().minusSeconds(60));
 	}
 
 	@Test
@@ -88,7 +88,7 @@ void shouldLookupWrappedSecret() {
 		assertThat(lookup.getTtl()).isEqualTo(Duration.ofSeconds(100));
 		assertThat(lookup.getToken()).isNotNull();
 		assertThat(lookup.getCreationTime()).isBefore(Instant.now().plusSeconds(60))
-				.isAfter(Instant.now().minusSeconds(60));
+			.isAfter(Instant.now().minusSeconds(60));
 	}
 
 	@Test
@@ -140,13 +140,13 @@ void shouldRewrapSecret() {
 		assertThat(rewrap.getTtl()).isEqualTo(Duration.ofSeconds(100));
 		assertThat(rewrap.getToken()).isNotEqualTo(metadata.getToken());
 		assertThat(rewrap.getCreationTime()).isBefore(Instant.now().plusSeconds(60))
-				.isAfter(Instant.now().minusSeconds(60));
+			.isAfter(Instant.now().minusSeconds(60));
 	}
 
 	@Test
 	void shouldRewrapAbsentSecret() {
 		assertThatExceptionOfType(VaultException.class)
-				.isThrownBy(() -> this.wrappingOperations.rewrap(VaultToken.of("foo")));
+			.isThrownBy(() -> this.wrappingOperations.rewrap(VaultToken.of("foo")));
 	}
 
 	static final class Secret {
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/env/LeaseAwareVaultPropertySourceUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/env/LeaseAwareVaultPropertySourceUnitTests.java
index 91d510a2e..9b4c25b01 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/env/LeaseAwareVaultPropertySourceUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/env/LeaseAwareVaultPropertySourceUnitTests.java
@@ -112,7 +112,7 @@ void ignoresNotFoundByDefault() {
 		when(this.leaseContainer.addRequestedSecret(any())).then(invocation -> {
 
 			listeners.forEach(leaseListener -> leaseListener
-					.onLeaseEvent(new SecretNotFoundEvent(invocation.getArgument(0), Lease.none())));
+				.onLeaseEvent(new SecretNotFoundEvent(invocation.getArgument(0), Lease.none())));
 			return invocation.getArgument(0);
 		});
 
@@ -165,8 +165,9 @@ void propagatesErrorIfIgnoreResourceNotFoundIsFalse() {
 		});
 
 		assertThatThrownBy(() -> new LeaseAwareVaultPropertySource("name", this.leaseContainer, secret,
-				PropertyTransformers.noop(), false)).isInstanceOf(VaultPropertySourceNotFoundException.class)
-						.hasRootCauseExactlyInstanceOf(RuntimeException.class);
+				PropertyTransformers.noop(), false))
+			.isInstanceOf(VaultPropertySourceNotFoundException.class)
+			.hasRootCauseExactlyInstanceOf(RuntimeException.class);
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/env/VaultPropertySourceUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/env/VaultPropertySourceUnitTests.java
index 80dc6dc0e..329955279 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/env/VaultPropertySourceUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/env/VaultPropertySourceUnitTests.java
@@ -47,8 +47,8 @@ class VaultPropertySourceUnitTests {
 
 	@Test
 	void shouldRejectEmptyPath() {
-		assertThatIllegalArgumentException().isThrownBy(
-				() -> new VaultPropertySource("hello", this.vaultTemplate, "", PropertyTransformers.noop()));
+		assertThatIllegalArgumentException()
+			.isThrownBy(() -> new VaultPropertySource("hello", this.vaultTemplate, "", PropertyTransformers.noop()));
 
 	}
 
@@ -62,8 +62,9 @@ void shouldRejectPathStartingWithSlash() {
 	void propertiesNotFoundShouldFailOnIgnoreSecretNotFoundDisabled() {
 
 		assertThatThrownBy(() -> new VaultPropertySource("hello", this.vaultTemplate, "secret/myapp",
-				PropertyTransformers.noop(), false)).isInstanceOf(VaultPropertySourceNotFoundException.class)
-						.hasNoCause();
+				PropertyTransformers.noop(), false))
+			.isInstanceOf(VaultPropertySourceNotFoundException.class)
+			.hasNoCause();
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/env/VersionedKeyValueBackendIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/env/VersionedKeyValueBackendIntegrationTests.java
index 7ae01d569..59af1b754 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/env/VersionedKeyValueBackendIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/env/VersionedKeyValueBackendIntegrationTests.java
@@ -65,8 +65,8 @@ static void beforeClass(VaultInitializer initializer) {
 
 		PrepareVault prepare = initializer.prepare();
 
-		VaultKeyValueOperations versionedKv = prepare.getVaultOperations().opsForKeyValue("versioned",
-				VaultKeyValueOperationsSupport.KeyValueBackend.versioned());
+		VaultKeyValueOperations versionedKv = prepare.getVaultOperations()
+			.opsForKeyValue("versioned", VaultKeyValueOperationsSupport.KeyValueBackend.versioned());
 
 		versionedKv.put("my/path", Collections.singletonMap("my-key", "my-value"));
 	}
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/LeaseEndpointsUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/LeaseEndpointsUnitTests.java
index 380d2f7fc..61e77dcb9 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/LeaseEndpointsUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/LeaseEndpointsUnitTests.java
@@ -64,7 +64,7 @@ void legacyRenewsUsingSysRenew() {
 		vaultResponseBody.put("lease_duration", 90L);
 		vaultResponseBody.put("renewable", false);
 		when(restOperations.exchange(eq("sys/renew"), eq(HttpMethod.PUT), any(HttpEntity.class), eq(Map.class)))
-				.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
+			.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
 
 		when(oldLease.getLeaseId()).thenReturn("old_lease");
 		when(oldLease.getLeaseDuration()).thenReturn(Duration.ofSeconds(70));
@@ -110,7 +110,7 @@ void sysLeasesRenewsUsingSysLeasesRenew() {
 		vaultResponseBody.put("lease_duration", 90L);
 		vaultResponseBody.put("renewable", false);
 		when(restOperations.exchange(eq("sys/leases/renew"), eq(HttpMethod.PUT), any(HttpEntity.class), eq(Map.class)))
-				.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
+			.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
 
 		when(oldLease.getLeaseId()).thenReturn("old_lease");
 		when(oldLease.getLeaseDuration()).thenReturn(Duration.ofSeconds(70));
@@ -157,7 +157,7 @@ void leasesRenewsUsingSysLeasesRenew() {
 		vaultResponseBody.put("lease_duration", 90L);
 		vaultResponseBody.put("renewable", false);
 		when(restOperations.exchange(eq("sys/leases/renew"), eq(HttpMethod.PUT), any(HttpEntity.class), eq(Map.class)))
-				.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
+			.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
 
 		when(oldLease.getLeaseId()).thenReturn("old_lease");
 		when(oldLease.getLeaseDuration()).thenReturn(Duration.ofSeconds(70));
@@ -203,7 +203,7 @@ void leasesRevokedByPrefixRenewsUsingSysLeasesRenew() {
 		vaultResponseBody.put("lease_duration", 90L);
 		vaultResponseBody.put("renewable", false);
 		when(restOperations.exchange(eq("sys/leases/renew"), eq(HttpMethod.PUT), any(HttpEntity.class), eq(Map.class)))
-				.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
+			.thenReturn(new ResponseEntity<>(vaultResponseBody, HttpStatus.OK));
 
 		when(oldLease.getLeaseId()).thenReturn("old_lease");
 		when(oldLease.getLeaseDuration()).thenReturn(Duration.ofSeconds(70));
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTestConfiguration.java b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTestConfiguration.java
index 522ce3708..b6cee66ee 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTestConfiguration.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTestConfiguration.java
@@ -59,7 +59,7 @@ public static class PropertySourceHolder implements InitializingBean {
 		public void afterPropertiesSet() throws Exception {
 			Assert.notNull(this.appContext, "application context must be set");
 			Map<String, LeaseAwareVaultPropertySource> leaseAwareVaultPropertySources = this.appContext
-					.getBeansOfType(LeaseAwareVaultPropertySource.class);
+				.getBeansOfType(LeaseAwareVaultPropertySource.class);
 			for (LeaseAwareVaultPropertySource candidate : leaseAwareVaultPropertySources.values()) {
 				if (candidate.getRequestedSecret().getPath().equals("versioned/rotating")) {
 					this.propertySource = candidate;
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTests.java
index 148956a81..12fbaf1a0 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/RotatingGenericSecretsIntegrationTests.java
@@ -54,8 +54,8 @@ static void beforeAll() {
 
 		assumeThat(prepare.getVersion()).isGreaterThanOrEqualTo(VaultInitializer.VERSIONING_INTRODUCED_WITH);
 
-		VaultKeyValueOperations versioned = prepare.getVaultOperations().opsForKeyValue("versioned",
-				VaultKeyValueOperationsSupport.KeyValueBackend.KV_2);
+		VaultKeyValueOperations versioned = prepare.getVaultOperations()
+			.opsForKeyValue("versioned", VaultKeyValueOperationsSupport.KeyValueBackend.KV_2);
 
 		versioned.put("rotating", Collections.singletonMap("key", "value"));
 	}
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/SecretLeaseContainerUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/SecretLeaseContainerUnitTests.java
index a1c7181a7..736f857a0 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/lease/SecretLeaseContainerUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/lease/SecretLeaseContainerUnitTests.java
@@ -213,7 +213,7 @@ void shouldRenewLease() {
 		prepareRenewal();
 
 		when(this.vaultOperations.doWithSession(any(RestOperationsCallback.class)))
-				.thenReturn(Lease.of("new_lease", Duration.ofSeconds(70), true));
+			.thenReturn(Lease.of("new_lease", Duration.ofSeconds(70), true));
 
 		this.secretLeaseContainer.start();
 
@@ -232,7 +232,7 @@ void shouldRenewLeaseNow() {
 		prepareRenewal();
 
 		when(this.vaultOperations.doWithSession(any(RestOperationsCallback.class)))
-				.thenReturn(Lease.of("new_lease", Duration.ofSeconds(70), true));
+			.thenReturn(Lease.of("new_lease", Duration.ofSeconds(70), true));
 
 		this.secretLeaseContainer.start();
 
@@ -283,7 +283,7 @@ void shouldRetainLeaseAfterRenewalFailure() {
 
 		prepareRenewal();
 		when(this.vaultOperations.doWithSession(any(RestOperationsCallback.class)))
-				.thenThrow(new VaultException("Renewal failure"));
+			.thenThrow(new VaultException("Renewal failure"));
 
 		this.secretLeaseContainer.setLeaseStrategy(LeaseStrategy.retainOnError());
 		this.secretLeaseContainer.start();
@@ -428,7 +428,7 @@ void shouldNotRenewExpiringLease() {
 
 		prepareRenewal();
 		when(this.vaultOperations.doWithSession(any(RestOperationsCallback.class)))
-				.thenReturn(Lease.of("new_lease", Duration.ofSeconds(5), true));
+			.thenReturn(Lease.of("new_lease", Duration.ofSeconds(5), true));
 
 		this.secretLeaseContainer.start();
 
@@ -498,7 +498,7 @@ void shouldPublishRenewalErrors() {
 
 		prepareRenewal();
 		when(this.vaultOperations.doWithSession(any(RestOperationsCallback.class)))
-				.thenThrow(new HttpClientErrorException(HttpStatus.I_AM_A_TEAPOT));
+			.thenThrow(new HttpClientErrorException(HttpStatus.I_AM_A_TEAPOT));
 
 		this.secretLeaseContainer.start();
 
@@ -524,7 +524,7 @@ void subsequentScheduleRenewalShouldApplyExpiryThreshold() {
 		prepareRenewal();
 
 		when(this.vaultOperations.doWithSession(any(RestOperationsCallback.class)))
-				.thenReturn(Lease.of("new_lease", Duration.ofSeconds(70), true));
+			.thenReturn(Lease.of("new_lease", Duration.ofSeconds(70), true));
 
 		this.secretLeaseContainer.start();
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/util/KeyValueDelegateUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/util/KeyValueDelegateUnitTests.java
index 92c23ef3a..1879211a2 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/util/KeyValueDelegateUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/util/KeyValueDelegateUnitTests.java
@@ -52,22 +52,22 @@ void getKeyValue2PathShouldIgnoreNotMatchingPath() {
 	void shouldConsiderKeyValueVersion() {
 
 		assertThat(MountInfo.from("foo", Collections.singletonMap("version", "1"))
-				.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isTrue();
+			.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isTrue();
 
 		assertThat(MountInfo.from("foo", Collections.singletonMap("version", 1))
-				.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isTrue();
+			.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isTrue();
 
 		assertThat(MountInfo.from("foo", Collections.singletonMap("version", "2"))
-				.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_2)).isTrue();
+			.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_2)).isTrue();
 
 		assertThat(MountInfo.from("foo", Collections.singletonMap("version", 2))
-				.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isFalse();
+			.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isFalse();
 
 		assertThat(MountInfo.from("foo", Collections.singletonMap("version", "2"))
-				.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isFalse();
+			.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isFalse();
 
 		assertThat(MountInfo.from("foo", Collections.emptyMap())
-				.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isFalse();
+			.isKeyValue(VaultKeyValueOperationsSupport.KeyValueBackend.KV_1)).isFalse();
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/core/util/PropertyTransformersUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/core/util/PropertyTransformersUnitTests.java
index c79d78e9e..b82fed203 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/core/util/PropertyTransformersUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/core/util/PropertyTransformersUnitTests.java
@@ -34,34 +34,35 @@ void propertyNamePrefix() {
 
 		PropertyTransformer propertyTransformer = PropertyTransformers.propertyNamePrefix("my-prefix.");
 
-		assertThat(propertyTransformer.transformProperties(this.properties)).hasSize(1).containsEntry("my-prefix.key",
-				"value");
+		assertThat(propertyTransformer.transformProperties(this.properties)).hasSize(1)
+			.containsEntry("my-prefix.key", "value");
 	}
 
 	@Test
 	void propertyNamePrefixChaining() {
 
 		PropertyTransformer propertyTransformer = PropertyTransformers.propertyNamePrefix("my-prefix.")
-				.andThen(PropertyTransformers.propertyNamePrefix("foo-bar."));
+			.andThen(PropertyTransformers.propertyNamePrefix("foo-bar."));
 
 		assertThat(propertyTransformer.transformProperties(this.properties)).hasSize(1)
-				.containsEntry("foo-bar.my-prefix.key", "value");
+			.containsEntry("foo-bar.my-prefix.key", "value");
 	}
 
 	@Test
 	void longChaining() {
 
 		PropertyTransformer last = PropertyTransformers.propertyNamePrefix("last.")
-				.andThen(PropertyTransformers.noop());
+			.andThen(PropertyTransformers.noop());
 
 		PropertyTransformer middle = PropertyTransformers.propertyNamePrefix("middle.")
-				.andThen(PropertyTransformers.propertyNamePrefix("after-middle."));
+			.andThen(PropertyTransformers.propertyNamePrefix("after-middle."));
 
 		PropertyTransformer propertyTransformer = PropertyTransformers.propertyNamePrefix("inner.")
-				.andThen(PropertyTransformers.noop().andThen(middle)).andThen(last);
+			.andThen(PropertyTransformers.noop().andThen(middle))
+			.andThen(last);
 
 		assertThat(propertyTransformer.transformProperties(this.properties)).hasSize(1)
-				.containsEntry("last.after-middle.middle.inner.key", "value");
+			.containsEntry("last.after-middle.middle.inner.key", "value");
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultKv2RepositoryIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultKv2RepositoryIntegrationTests.java
index ad2f34136..cabd545d9 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultKv2RepositoryIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultKv2RepositoryIntegrationTests.java
@@ -179,7 +179,7 @@ void optimisticLockingInsertShouldFail() {
 		person.setVersion(2);
 
 		assertThatExceptionOfType(OptimisticLockingFailureException.class)
-				.isThrownBy(() -> this.versionedRepository.save(person));
+			.isThrownBy(() -> this.versionedRepository.save(person));
 	}
 
 	@Test
@@ -194,7 +194,7 @@ void optimisticLockingUpdateShouldFail() {
 		saved.setFirstname("baz");
 
 		assertThatExceptionOfType(OptimisticLockingFailureException.class)
-				.isThrownBy(() -> this.versionedRepository.save(saved));
+			.isThrownBy(() -> this.versionedRepository.save(saved));
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultRepositoryIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultRepositoryIntegrationTests.java
index 5ea98f804..9055e2f80 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultRepositoryIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/repository/VaultRepositoryIntegrationTests.java
@@ -143,7 +143,7 @@ void shouldApplyLimiting() {
 	@Test
 	void shouldFailForNonIdCriteria() {
 		assertThatExceptionOfType(InvalidDataAccessApiUsageException.class)
-				.isThrownBy(() -> this.vaultRepository.findInvalidByFirstname("foo"));
+			.isThrownBy(() -> this.vaultRepository.findInvalidByFirstname("foo"));
 	}
 
 	interface VaultRepository extends CrudRepository<Person, String> {
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/repository/query/VaultQueryCreatorUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/repository/query/VaultQueryCreatorUnitTests.java
index 56907b93f..9557297d3 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/repository/query/VaultQueryCreatorUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/repository/query/VaultQueryCreatorUnitTests.java
@@ -186,7 +186,7 @@ void greaterThanAndLessThan() {
 	@Test
 	void failsForNonIdProperties() {
 		assertThatExceptionOfType(InvalidDataAccessApiUsageException.class)
-				.isThrownBy(() -> createQuery("findByName", ""));
+			.isThrownBy(() -> createQuery("findByName", ""));
 	}
 
 	VaultQuery createQuery(String methodName, String value) {
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/repository/support/VaultRevisionRepositoryIntegrationTests.java b/spring-vault-core/src/test/java/org/springframework/vault/repository/support/VaultRevisionRepositoryIntegrationTests.java
index 1a45ca1ce..2b74ce047 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/repository/support/VaultRevisionRepositoryIntegrationTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/repository/support/VaultRevisionRepositoryIntegrationTests.java
@@ -192,8 +192,9 @@ void shouldFindDeletedRevisionMetadata() {
 	@SuppressWarnings("rawtypes")
 	private VaultRevisionRepository<VersionedPerson> getRepository() {
 
-		VaultPersistentEntity<?> entity = keyValueTemplate.getConverter().getMappingContext()
-				.getRequiredPersistentEntity(VersionedPerson.class);
+		VaultPersistentEntity<?> entity = keyValueTemplate.getConverter()
+			.getMappingContext()
+			.getRequiredPersistentEntity(VersionedPerson.class);
 
 		return new VaultRevisionRepository<>(new MappingVaultEntityInformation(entity), "versioned/versionedPerson",
 				keyValueTemplate);
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/support/JsonMapFlattenerUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/support/JsonMapFlattenerUnitTests.java
index f94d217c8..e1a6b72ea 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/support/JsonMapFlattenerUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/support/JsonMapFlattenerUnitTests.java
@@ -53,7 +53,7 @@ void shouldFlattenNestedObject() throws Exception {
 	void shouldFlattenDeeplyNestedObject() throws Exception {
 
 		Map<String, Object> map = this.OBJECT_MAPPER
-				.readValue("{\"key\": { \"nested\": {\"anotherLevel\": \"value\"} } }", Map.class);
+			.readValue("{\"key\": { \"nested\": {\"anotherLevel\": \"value\"} } }", Map.class);
 		Map<String, Object> result = JsonMapFlattener.flatten(map);
 
 		assertThat(result).containsEntry("key.nested.anotherLevel", "value");
@@ -63,7 +63,7 @@ void shouldFlattenDeeplyNestedObject() throws Exception {
 	void shouldFlattenNestedListOfSimpleObjects() throws Exception {
 
 		Map<String, Object> map = this.OBJECT_MAPPER
-				.readValue("{\"key\": [\"one\", \"two\"], \"dotted.key\": [\"one\", \"two\"] }", Map.class);
+			.readValue("{\"key\": [\"one\", \"two\"], \"dotted.key\": [\"one\", \"two\"] }", Map.class);
 		Map<String, Object> result = JsonMapFlattener.flatten(map);
 
 		assertThat(result).containsEntry("key[0]", "one").containsEntry("key[1]", "two");
@@ -74,7 +74,7 @@ void shouldFlattenNestedListOfSimpleObjects() throws Exception {
 	void shouldFlattenNestedListOfComplexObject() throws Exception {
 
 		Map<String, Object> map = this.OBJECT_MAPPER
-				.readValue("{\"key\": [{ \"nested\":\"value\"}, { \"nested\":\"other-value\"}] }", Map.class);
+			.readValue("{\"key\": [{ \"nested\":\"value\"}, { \"nested\":\"other-value\"}] }", Map.class);
 		Map<String, Object> result = JsonMapFlattener.flatten(map);
 
 		assertThat(result).containsEntry("key[0].nested", "value").containsEntry("key[1].nested", "other-value");
@@ -87,8 +87,8 @@ void shouldFlattenDeeplyNestedListOfComplexObject() throws Exception {
 				"{\"key\": { \"level1\": [{ \"nested\":\"value\"}, { \"nested\":\"other-value\"}]} }", Map.class);
 		Map<String, Object> result = JsonMapFlattener.flatten(map);
 
-		assertThat(result).containsEntry("key.level1[0].nested", "value").containsEntry("key.level1[1].nested",
-				"other-value");
+		assertThat(result).containsEntry("key.level1[0].nested", "value")
+			.containsEntry("key.level1[1].nested", "other-value");
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/support/KeyFactoriesUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/support/KeyFactoriesUnitTests.java
index 13b2edeac..eb7106cca 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/support/KeyFactoriesUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/support/KeyFactoriesUnitTests.java
@@ -54,7 +54,7 @@ void shouldCreateEcKey() throws IOException, GeneralSecurityException {
 
 		ECPrivateKeySpec ecKeySpec = (ECPrivateKeySpec) keySpec;
 		assertThat(ecKeySpec.getS())
-				.isEqualTo("80321543313819895612774489145376520718294627432743956845606752593828296924959");
+			.isEqualTo("80321543313819895612774489145376520718294627432743956845606752593828296924959");
 
 		// Verify against BouncyCastle parser
 		ECPrivateKey ecPrivateKey = ECPrivateKey.getInstance(key.getContent());
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/support/PemObjectUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/support/PemObjectUnitTests.java
index 78f457248..a2185fa48 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/support/PemObjectUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/support/PemObjectUnitTests.java
@@ -43,9 +43,9 @@ class PemObjectUnitTests {
 	@BeforeEach
 	void setUp() {
 		assertThat(this.privateDir).exists()
-				.isDirectoryContaining(file -> file.getName().equalsIgnoreCase("localhost.public.key.pem"));
+			.isDirectoryContaining(file -> file.getName().equalsIgnoreCase("localhost.public.key.pem"));
 		assertThat(this.privateDir).exists()
-				.isDirectoryContaining(file -> file.getName().equalsIgnoreCase("localhost.decrypted.key.pem"));
+			.isDirectoryContaining(file -> file.getName().equalsIgnoreCase("localhost.decrypted.key.pem"));
 	}
 
 	@Test
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/support/PolicySerializationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/support/PolicySerializationUnitTests.java
index 03fd24201..d95231a1c 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/support/PolicySerializationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/support/PolicySerializationUnitTests.java
@@ -43,12 +43,21 @@ class PolicySerializationUnitTests {
 	@Test
 	void shouldSerialize() throws Exception {
 
-		Rule rule = Rule.builder().path("secret/*").capabilities("create", "read", "update")
-				.allowedParameter("ttl", "1h", "2h").deniedParameter("password").build();
-
-		Rule another = Rule.builder().path("secret/foo").capabilities("create", "read", "update", "delete", "list")
-				.minWrappingTtl(Duration.ofMinutes(1)).maxWrappingTtl(Duration.ofHours(1))
-				.allowedParameter("ttl", "1h", "2h").deniedParameter("password").build();
+		Rule rule = Rule.builder()
+			.path("secret/*")
+			.capabilities("create", "read", "update")
+			.allowedParameter("ttl", "1h", "2h")
+			.deniedParameter("password")
+			.build();
+
+		Rule another = Rule.builder()
+			.path("secret/foo")
+			.capabilities("create", "read", "update", "delete", "list")
+			.minWrappingTtl(Duration.ofMinutes(1))
+			.maxWrappingTtl(Duration.ofHours(1))
+			.allowedParameter("ttl", "1h", "2h")
+			.deniedParameter("password")
+			.build();
 
 		Policy policy = Policy.of(rule, another);
 
@@ -62,13 +71,22 @@ void shouldSerialize() throws Exception {
 	@Test
 	void shouldDeserialize() throws Exception {
 
-		Rule rule = Rule.builder().path("secret/*").capabilities("create", "read", "update", "update")
-				.allowedParameter("ttl", "1h", "2h").deniedParameter("password").build();
-
-		Rule another = Rule.builder().path("secret/foo").capabilities("create", "read", "update", "delete", "list")
-				.minWrappingTtl(Duration.ofMinutes(1)).maxWrappingTtl(Duration.ofHours(1))
-				.allowedParameter("ttl", "1h", "2h").allowedParameter("ttl", "1h", "2h").deniedParameter("password")
-				.build();
+		Rule rule = Rule.builder()
+			.path("secret/*")
+			.capabilities("create", "read", "update", "update")
+			.allowedParameter("ttl", "1h", "2h")
+			.deniedParameter("password")
+			.build();
+
+		Rule another = Rule.builder()
+			.path("secret/foo")
+			.capabilities("create", "read", "update", "delete", "list")
+			.minWrappingTtl(Duration.ofMinutes(1))
+			.maxWrappingTtl(Duration.ofHours(1))
+			.allowedParameter("ttl", "1h", "2h")
+			.allowedParameter("ttl", "1h", "2h")
+			.deniedParameter("password")
+			.build();
 
 		Policy expected = Policy.of(rule, another);
 
@@ -106,9 +124,9 @@ void shouldDeserializeEmptyPolicy() throws Exception {
 	void shouldRejectUnknownFieldNames() throws Exception {
 
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> this.OBJECT_MAPPER.readValue("{\"foo\":1, \"path\": {} }", Policy.class));
+			.isThrownBy(() -> this.OBJECT_MAPPER.readValue("{\"foo\":1, \"path\": {} }", Policy.class));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> this.OBJECT_MAPPER.readValue("{\"foo\":\"bar\"}", Policy.class));
+			.isThrownBy(() -> this.OBJECT_MAPPER.readValue("{\"foo\":\"bar\"}", Policy.class));
 	}
 
 	@Test
@@ -132,15 +150,17 @@ void shouldDeserializeRuleWithHour() throws Exception {
 	@Test
 	void crudShouldReturnCrudCapabilities() {
 
-		assertThat(Policy.BuiltinCapabilities.crud()).hasSize(5).contains(Policy.BuiltinCapabilities.CREATE)
-				.doesNotContain(Policy.BuiltinCapabilities.SUDO);
+		assertThat(Policy.BuiltinCapabilities.crud()).hasSize(5)
+			.contains(Policy.BuiltinCapabilities.CREATE)
+			.doesNotContain(Policy.BuiltinCapabilities.SUDO);
 	}
 
 	@Test
 	void sudoShouldReturnCrudAndSudoCapabilities() {
 
-		assertThat(Policy.BuiltinCapabilities.crudAndSudo()).hasSize(6).contains(Policy.BuiltinCapabilities.CREATE)
-				.contains(Policy.BuiltinCapabilities.SUDO);
+		assertThat(Policy.BuiltinCapabilities.crudAndSudo()).hasSize(6)
+			.contains(Policy.BuiltinCapabilities.CREATE)
+			.contains(Policy.BuiltinCapabilities.SUDO);
 	}
 
 }
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/support/SslConfigurationUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/support/SslConfigurationUnitTests.java
index be6362957..a197d7c70 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/support/SslConfigurationUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/support/SslConfigurationUnitTests.java
@@ -70,8 +70,10 @@ void shouldCreateConfiguration() {
 	void shouldCreateConfigurationWithEnabledCipherSuites() {
 
 		KeyStoreConfiguration keystore = KeyStoreConfiguration.of(new ClassPathResource("certificate.json"));
-		SslConfiguration tsConfig = SslConfiguration.unconfigured().withTrustStore(keystore).withEnabledCipherSuites(
-				"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
+		SslConfiguration tsConfig = SslConfiguration.unconfigured()
+			.withTrustStore(keystore)
+			.withEnabledCipherSuites("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+					"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
 
 		assertThat(tsConfig.getTrustStoreConfiguration()).isSameAs(keystore);
 		assertThat(tsConfig.getKeyStoreConfiguration().isPresent()).isFalse();
@@ -84,8 +86,9 @@ void shouldCreateConfigurationWithEnabledCipherSuites() {
 	void shouldCreateConfigurationWithEnabledProtocols() {
 
 		KeyStoreConfiguration keystore = KeyStoreConfiguration.of(new ClassPathResource("certificate.json"));
-		SslConfiguration tsConfig = SslConfiguration.unconfigured().withTrustStore(keystore)
-				.withEnabledProtocols("TLSv1.2", "TLSv1.1");
+		SslConfiguration tsConfig = SslConfiguration.unconfigured()
+			.withTrustStore(keystore)
+			.withEnabledProtocols("TLSv1.2", "TLSv1.1");
 
 		assertThat(tsConfig.getTrustStoreConfiguration()).isSameAs(keystore);
 		assertThat(tsConfig.getKeyStoreConfiguration().isPresent()).isFalse();
@@ -98,7 +101,7 @@ void shouldCreateConfigurationWithEnabledProtocols() {
 	void shouldCreatePemConfiguration() {
 
 		KeyStoreConfiguration keystore = KeyStoreConfiguration.of(new ClassPathResource("certificate.json"))
-				.withStoreType("PEM");
+			.withStoreType("PEM");
 		SslConfiguration configuration = SslConfiguration.forTrustStore(keystore);
 
 		assertThat(configuration.getTrustStoreConfiguration().getStoreType()).isEqualTo("PEM");
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/support/VaultCertificateRequestUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/support/VaultCertificateRequestUnitTests.java
index deae98bc9..f982511a9 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/support/VaultCertificateRequestUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/support/VaultCertificateRequestUnitTests.java
@@ -30,7 +30,7 @@ class VaultCertificateRequestUnitTests {
 	@Test
 	void shouldRejectUnconfiguredBuilder() {
 		assertThatExceptionOfType(IllegalArgumentException.class)
-				.isThrownBy(() -> VaultCertificateRequest.builder().build());
+			.isThrownBy(() -> VaultCertificateRequest.builder().build());
 	}
 
 	@Test
@@ -45,15 +45,15 @@ void shouldBuildRequestWithCommonName() {
 	void shouldBuildFullyConfiguredRequest() {
 
 		VaultCertificateRequest request = VaultCertificateRequest.builder() //
-				.commonName("hello.com") //
-				.withAltName("alt") //
-				.withIpSubjectAltName("127.0.0.1") //
-				.withUriSubjectAltName("hello.world") //
-				.withOtherSans("email;UTF-8:me@example.com") //
-				.excludeCommonNameFromSubjectAltNames() //
-				.format("pem") //
-				.privateKeyFormat("der") //
-				.build();
+			.commonName("hello.com") //
+			.withAltName("alt") //
+			.withIpSubjectAltName("127.0.0.1") //
+			.withUriSubjectAltName("hello.world") //
+			.withOtherSans("email;UTF-8:me@example.com") //
+			.excludeCommonNameFromSubjectAltNames() //
+			.format("pem") //
+			.privateKeyFormat("der") //
+			.build();
 
 		assertThat(request.getCommonName()).isEqualTo("hello.com");
 		assertThat(request.getAltNames()).hasSize(1).contains("alt");
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/support/VaultTokenRequestUnitTests.java b/spring-vault-core/src/test/java/org/springframework/vault/support/VaultTokenRequestUnitTests.java
index f7777ec25..a9f7619db 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/support/VaultTokenRequestUnitTests.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/support/VaultTokenRequestUnitTests.java
@@ -41,8 +41,9 @@ void shouldBuildEmptyRequest() {
 	@Test
 	void shouldBuildRequestWithMeta() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().meta(Collections.singletonMap("key", "value"))
-				.build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.meta(Collections.singletonMap("key", "value"))
+			.build();
 
 		assertThat(tokenRequest.getMeta()).containsEntry("key", "value");
 	}
@@ -58,8 +59,10 @@ void shouldBuildRequestWithPolicies() {
 	@Test
 	void shouldRequestWithDuration() {
 
-		VaultTokenRequest tokenRequest = VaultTokenRequest.builder().ttl(Duration.ofSeconds(10))
-				.explicitMaxTtl(Duration.ofSeconds(20)).build();
+		VaultTokenRequest tokenRequest = VaultTokenRequest.builder()
+			.ttl(Duration.ofSeconds(10))
+			.explicitMaxTtl(Duration.ofSeconds(20))
+			.build();
 
 		assertThat(tokenRequest.getTtl()).isEqualTo("10s");
 		assertThat(tokenRequest.getExplicitMaxTtl()).isEqualTo("20s");
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/util/PrepareVault.java b/spring-vault-core/src/test/java/org/springframework/vault/util/PrepareVault.java
index fb8551d75..56c7059de 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/util/PrepareVault.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/util/PrepareVault.java
@@ -74,7 +74,7 @@ public VaultToken initializeVault() {
 		int requiredKeys = 2;
 
 		VaultInitializationResponse initialized = this.vaultOperations.opsForSys()
-				.initialize(VaultInitializationRequest.create(createKeys, requiredKeys));
+			.initialize(VaultInitializationRequest.create(createKeys, requiredKeys));
 
 		for (int i = 0; i < requiredKeys; i++) {
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/util/TestRestTemplateFactory.java b/spring-vault-core/src/test/java/org/springframework/vault/util/TestRestTemplateFactory.java
index 2eb0b7453..34a2b480b 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/util/TestRestTemplateFactory.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/util/TestRestTemplateFactory.java
@@ -86,7 +86,7 @@ private static void initializeClientHttpRequestFactory(SslConfiguration sslConfi
 		}
 
 		final ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory
-				.create(new ClientOptions(), sslConfiguration);
+			.create(new ClientOptions(), sslConfiguration);
 
 		if (factoryCache.compareAndSet(null, clientHttpRequestFactory)) {
 
diff --git a/spring-vault-core/src/test/java/org/springframework/vault/util/VaultVersionExtension.java b/spring-vault-core/src/test/java/org/springframework/vault/util/VaultVersionExtension.java
index dac734bcf..d7a62d236 100644
--- a/spring-vault-core/src/test/java/org/springframework/vault/util/VaultVersionExtension.java
+++ b/spring-vault-core/src/test/java/org/springframework/vault/util/VaultVersionExtension.java
@@ -35,7 +35,7 @@ class VaultVersionExtension implements ExecutionCondition {
 	private static final ExtensionContext.Namespace VAULT = ExtensionContext.Namespace.create("vault.version");
 
 	private static final ConditionEvaluationResult ENABLED_BY_DEFAULT = ConditionEvaluationResult
-			.enabled("@VaultVersion is not present");
+		.enabled("@VaultVersion is not present");
 
 	@Override
 	public ConditionEvaluationResult evaluateExecutionCondition(ExtensionContext context) {
@@ -62,11 +62,11 @@ public ConditionEvaluationResult evaluateExecutionCondition(ExtensionContext con
 
 		if (runningVersion.isGreaterThanOrEqualTo(required)) {
 			return ConditionEvaluationResult
-					.enabled(String.format("@VaultVersion check passed current Vault version is %s", runningVersion));
+				.enabled(String.format("@VaultVersion check passed current Vault version is %s", runningVersion));
 		}
 
-		return ConditionEvaluationResult.disabled(String.format(
-				"@VaultVersion requires since version %s, current Vault version is %s", required, runningVersion));
+		return ConditionEvaluationResult.disabled(String
+			.format("@VaultVersion requires since version %s, current Vault version is %s", required, runningVersion));
 	}
 
 }