Currently in the MCP Server since the tool callback execution happens in a separate worker pool (boundedElastic scheduler) it loses any context including the headers being passed in the /mcp endpoint.
For most scenarios in the tool callback method there might be certain validations / authorizations that may be needed which can be achieved by having access to the original Authorization Bearer token.
What do you think ? @ThomasVitale / @markpollack
If you are ok with this I can work on a PR to include this in the framework. But let me know what you guys think.