SK-2859: Code smell and quality fixes for vault SDK

[Devesh-Skyflow]

Why

A code-smell/quality review of the vault SDK surfaced several maintainability and
correctness issues (dead code, duplicated logic, magic strings, a swallowed
exception, an unsafe shared-static request id, and an error path that echoed raw
response bodies). These are addressed here, separated from unrelated tooling so the
SDK changes can be reviewed on their own.

Goal

Reduce structural debt and a couple of correctness/security smells without changing
public API or wire behavior:

• VaultClient: remove dead apiKey field; de-duplicate detect token-mapping via
  buildTokenType/buildTokenEntities (drops unchecked casts + vestigial params);
  extract ConnectionPool magic numbers; simplify entityScores identity map;
  nullable-Optional -> Optional.empty(); de-dup repeated getBleep(); brace guard.
• ConnectionClient: drop the unused updateConnectionConfig(ConnectionConfig) param
  (now symmetric with VaultClient.updateVaultConfig()).
• HttpUtility: request id now comes only from the backend x-request-id
  (thread-safe ThreadLocal storage, no SDK-generated UUID fallback — matches the
  Go/Node/Python SDKs); extract header/content-type/status constants; collapse deep
  nesting; remove a swallowed exception via the URLEncoder(String, Charset) overload.
• SkyflowException: no longer echoes malformed / non-object response bodies as the
  exception message (uses a generic message; standard {"error":{...}} path unchanged)
  — aligns with the other SDKs and closes a CWE-209 raw-body leak.

Non-goals: the larger VaultClient class split (DetectRequestFactory), the shared
prioritiseCredentials extraction (blocked by an unreachable defensive catch), and
any Claude/tooling config (kept out of this branch).

Testing

• mvn compile, mvn checkstyle:check, mvn test all pass on a clean main base.
• 585 tests; the only failures are the 5 pre-existing environment-dependent tests
  (no .env/SKYFLOW_CREDENTIALS) documented in the repo — they fail identically on
  main and are unrelated to these changes.
• Added/updated unit tests for the SkyflowException body handling and the
  ConnectionClient updateConnectionConfig() change; JaCoCo shows net-improved
  branch coverage on the modified classes (e.g. VaultClient 16 → 3 missed branches).

Tech debt

Net reduction. Remaining pre-existing items intentionally not tackled here: the
oversized VaultClient (Long class) and the duplicated prioritiseCredentials()
across the two clients.

[github-actions]

✅ Gitleaks Findings: No secrets detected. Safe to proceed!

[github-actions]

Semgrep Findings: Issues with Error level severity are found (Error is Highest severity in Semgrep), Please resolve the issues before merging.