Move default token helper to api

[tomhjp]

The Vault Terraform provider currently depends on github.com/hashicorp/vault.

As documented elsewhere, this isn't a supported dependency and puts the provider at risk of being broken by any updates. Most of the code depended on is trivial like constants, or test dependencies like preparing test containers. The hardest dependency to remove is the fact that it depends on the CLI's DefaultTokenHelper: https://github.com/hashicorp/terraform-provider-vault/blob/cb919ae6c040cdfc5513b635ec9c4b4762e24ca4/internal/provider/meta.go#L627

This PR moves the two related packages (command/config and command/token) over to the api package so that the provider can continue to share that non-trivial functionality and work towards removing the hashicorp/vault dependency.

For the initial draft I've chosen api over sdk because it seems like a reasonable piece of functionality for any consumer of the API to want to use.

Note that I've tried to create a sequence of commits that do one thing each with very limited scope, so it may be easier to review commit-by-commit.

[github-actions]

CI Results:
All Go tests succeeded! ✅

[github-actions]

Build Results:
All builds succeeded! ✅

[VioletHynes]

This looks good to me! I gave thought to api vs sdk and ultimately I think this makes the most sense: a token is primarily to access Vault's APIs.

Thanks for this -- excited to reduce usage of the Vault dependency.

I wanted to note that there's a related community PR we should close when we merge this: #9786

[peteski22]

[tomhjp]

Thank you both!

[orirawlings]

I just want to say thanks. I've been hoping for this for several years, but didn't have the time to dig in myself. I hope that default token helper behavior becomes a more common fixture in the vault libraries for other languages because it's a great way to encapsulate simultaneous login sessions to multiple clusters.