pub fn current_token() -> Option<SecretString>Expand description
Get the raw bearer token for the current request as a SecretString.
Returns None outside a request context or when auth used mTLS/API-key.
Tool handlers use this for downstream token passthrough.
The returned value is wrapped in SecretString so it does not leak
via Debug/Display/serde. Call .expose_secret() only when the
raw value is actually needed (e.g. as the Authorization header on
an outbound HTTP request).
An empty token is treated as absent (returns None); this preserves
backward compatibility with the prior Option<String> API where the
empty default sentinel meant “no token”.