Remove resource caching from PCF and Kubernetes authentication methods

Since AuthenticationStepsOperator is now able to use non-blocking I/O for resource access, there's no need to cache the instance keys/tokens.

See gh-586.

spring-vault-core/src/main/java/org/springframework/vault/authentication/AppRoleAuthentication.java

@@ -115,7 +115,7 @@ private static Node<Map<String, String>> getAuthenticationSteps(AppRoleAuthentic
 	private static Node<String> getRoleIdSteps(AppRoleAuthenticationOptions options, RoleId roleId) {
 
 		if (roleId instanceof Provided) {
-			return AuthenticationSteps.fromSupplier(((Provided) roleId)::getValue);
+			return AuthenticationSteps.fromValue(((Provided) roleId).getValue());
 		}
 
 		if (roleId instanceof Pull) {
@@ -138,7 +138,7 @@ private static Node<String> getRoleIdSteps(AppRoleAuthenticationOptions options,
 	private static Node<String> getSecretIdSteps(AppRoleAuthenticationOptions options, SecretId secretId) {
 
 		if (secretId instanceof Provided) {
-			return AuthenticationSteps.fromSupplier(((Provided) secretId)::getValue);
+			return AuthenticationSteps.fromValue(((Provided) secretId).getValue());
 		}
 
 		if (secretId instanceof Pull) {

spring-vault-core/src/main/java/org/springframework/vault/authentication/AzureMsiAuthentication.java

@@ -131,7 +131,7 @@ protected static AuthenticationSteps createAuthenticationSteps(AzureMsiAuthentic
 					.map(AzureMsiAuthentication::toAzureVmEnvironment);
 		}
 		else {
-			environmentSteps = AuthenticationSteps.fromSupplier(() -> environment);
+			environmentSteps = AuthenticationSteps.fromValue(environment);
 		}
 
 		return environmentSteps.zipWith(msiToken)

spring-vault-core/src/main/java/org/springframework/vault/authentication/KubernetesAuthentication.java

@@ -75,8 +75,8 @@ public static AuthenticationSteps createAuthenticationSteps(KubernetesAuthentica
 
 		Assert.notNull(options, "KubernetesAuthenticationOptions must not be null");
 
-		String token = options.getJwtSupplier().get();
-		return AuthenticationSteps.fromSupplier(() -> getKubernetesLogin(options.getRole(), token))
+		return AuthenticationSteps.fromSupplier(options.getJwtSupplier())
+				.map(token -> getKubernetesLogin(options.getRole(), token))
 				.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 

spring-vault-core/src/main/java/org/springframework/vault/authentication/KubernetesAuthenticationOptions.java

@@ -27,8 +27,8 @@
  * {@link KubernetesAuthentication} can be constructed using {@link #builder()}. Instances
  * of this class are immutable once constructed.
  * <p>
- * Default to obtain a cached token from
- * {@code /var/run/secrets/kubernetes.io/serviceaccount/token}.
+ * Defaults to obtain the token from
+ * {@code /var/run/secrets/kubernetes.io/serviceaccount/token} on each login.
  *
  * @author Michal Budzyn
  * @author Mark Paluch
@@ -155,7 +155,7 @@ public KubernetesAuthenticationOptions build() {
 			Assert.notNull(this.role, "Role must not be null");
 
 			return new KubernetesAuthenticationOptions(this.path, this.role,
-					this.jwtSupplier == null ? new KubernetesServiceAccountTokenFile().cached() : this.jwtSupplier);
+					this.jwtSupplier == null ? new KubernetesServiceAccountTokenFile() : this.jwtSupplier);
 		}
 
 	}

spring-vault-core/src/main/java/org/springframework/vault/authentication/PcfAuthentication.java

@@ -90,10 +90,12 @@ public static AuthenticationSteps createAuthenticationSteps(PcfAuthenticationOpt
 
 		Assert.notNull(options, "PcfAuthenticationOptions must not be null");
 
-		String instanceCert = options.getInstanceCertSupplier().get();
-		String instanceKey = options.getInstanceKeySupplier().get();
-		return AuthenticationSteps
-				.fromSupplier(() -> getPcfLogin(options.getRole(), options.getClock(), instanceCert, instanceKey)) //
+		AuthenticationSteps.Node<String> cert = AuthenticationSteps.fromSupplier(options.getInstanceCertSupplier());
+		AuthenticationSteps.Node<String> key = AuthenticationSteps.fromSupplier(options.getInstanceKeySupplier());
+
+		return cert
+				.zipWith(key).map(credentials -> getPcfLogin(options.getRole(), options.getClock(),
+						credentials.getLeft(), credentials.getRight()))
 				.login(AuthenticationUtil.getLoginPath(options.getPath()));
 	}
 

spring-vault-core/src/main/java/org/springframework/vault/authentication/PcfAuthenticationOptions.java

@@ -29,8 +29,8 @@
  * certificate {@link Supplier}s. {@link PcfAuthenticationOptions} can be constructed
  * using {@link #builder()}. Instances of this class are immutable once constructed.
  * <p>
- * Defaults to a cached instance certificate/key by resolving {@code CF_INSTANCE_CERT} and
- * {@code CF_INSTANCE_KEY} env variables.
+ * Defaults to platform-default instance certificate/key by resolving
+ * {@code CF_INSTANCE_CERT} and {@code CF_INSTANCE_KEY} env variables.
  *
  * @author Mark Paluch
  * @see CredentialSupplier
@@ -223,12 +223,12 @@ public PcfAuthenticationOptions build() {
 			Supplier<String> instanceCertSupplier = this.instanceCertSupplier;
 
 			if (instanceCertSupplier == null) {
-				instanceCertSupplier = new ResourceCredentialSupplier(resolveEnvVariable("CF_INSTANCE_CERT")).cached();
+				instanceCertSupplier = new ResourceCredentialSupplier(resolveEnvVariable("CF_INSTANCE_CERT"));
 			}
 
 			Supplier<String> instanceKeySupplier = this.instanceKeySupplier;
 			if (instanceKeySupplier == null) {
-				instanceKeySupplier = new ResourceCredentialSupplier(resolveEnvVariable("CF_INSTANCE_KEY")).cached();
+				instanceKeySupplier = new ResourceCredentialSupplier(resolveEnvVariable("CF_INSTANCE_KEY"));
 			}
 
 			return new PcfAuthenticationOptions(this.path, this.role, this.clock, instanceCertSupplier,