BetterCloud / vault-java-driver

Zero-dependency Java client for HashiCorp's Vault
https://bettercloud.github.io/vault-java-driver/

Include X-Vault-Request header on all requests #229

Closed ianferguson closed 3 years ago

ianferguson commented 3 years ago

Vault Agent (can) require consumers to include an X-Vault-Request header to guard against some SSRF attacks for users of the Vault Agent, particularly in auto-auth mode: https://www.vaultproject.io/api#the-x-vault-request-header

The hashicorp/vault Golang client adds this header to every outgoing request already: https://github.com/hashicorp/vault/pull/7627/files. This PR adds the same functionality to vault-java-driver.
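
Added example, not part of this pull request or of vault-java-driver: a self-contained Java program showing the check described above, where a constructed local stub stands in for an agent listener that requires the header and a client sends one request without `X-Vault-Request: true` and one with it. The class name, the stub, its 412 rejection status and the request path are assumptions of this example.

```java
import com.sun.net.httpserver.HttpServer;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.URI;

public class VaultRequestHeaderDemo {
    static final String HEADER = "X-Vault-Request";

    // Constructed stand-in for a listener that requires the header.
    // This is not Vault code; the 412 status is this stub's own choice.
    static HttpServer startStubAgent() throws Exception {
        HttpServer server = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        server.createContext("/v1/", exchange -> {
            String value = exchange.getRequestHeaders().getFirst(HEADER);
            int status = "true".equals(value) ? 200 : 412;
            exchange.sendResponseHeaders(status, -1); // -1 means no response body
            exchange.close();
        });
        server.start();
        return server;
    }

    // Client side: a driver that adds the header to every outgoing request
    // corresponds to withHeader == true.
    static int get(String url, boolean withHeader) throws Exception {
        HttpURLConnection conn = (HttpURLConnection) URI.create(url).toURL().openConnection();
        conn.setRequestMethod("GET");
        if (withHeader) {
            conn.setRequestProperty(HEADER, "true");
        }
        try {
            return conn.getResponseCode();
        } finally {
            conn.disconnect();
        }
    }

    public static void main(String[] args) throws Exception {
        HttpServer agent = startStubAgent();
        try {
            // Hypothetical path, used only to hit the stub's /v1/ context.
            String url = "http://127.0.0.1:" + agent.getAddress().getPort() + "/v1/secret/data/example";
            System.out.println("without header: " + get(url, false));
            System.out.println("with header:    " + get(url, true));
        } finally {
            agent.stop(0);
        }
    }
}
```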

marc-szalkiewicz-dd commented 3 years ago

@steve-perkins Any chance you would have time to review this brief PR?

steve-perkins commented 3 years ago

@marc-szalkiewicz-dd Sorry. I left BetterCloud late last year, and no longer have access to do anything with this repo. My new employer uses Vault only via the Agent Injector in Kubernetes sidecars, so I haven't used the Java driver or been in the codebase in quite some time.

There was a transition plan before I left, but that was pre-COVID. I don't know what the current situation is, and am not in ongoing contact.

ianferguson commented 3 years ago

For anyone needing this PR: I've forked this library and released a v6.0.0 version that is the same as the final BetterCloud/vault-java-driver 5.1.0, as well as a v6.1.0 version that includes the contents of this pull request: