Minor tweak to private_tokens CLI tool

This makes it easier to send the results to curl or other commands. Instead of

```
curl -H "$(blaze run //third_party/quic/masque:private_tokens -- --alsologtostderr --private_key_file=${PATH_TO_PAT_PRIVATE_KEY} --public_key_file=${PATH_TO_PAT_PUBLIC_KEY} 2>&1 | grep 'Authorization: PrivateToken token=')"
```

you can now use:

```
curl -H "$(blaze run //third_party/quic/masque:private_tokens -- --private_key_file=${PATH_TO_PAT_PRIVATE_KEY} --public_key_file=${PATH_TO_PAT_PUBLIC_KEY} 2>/dev/null)"
```

PiperOrigin-RevId: 919790292

quiche/quic/masque/private_tokens_bin.cc

diff --git a/quiche/quic/masque/private_tokens_bin.cc b/quiche/quic/masque/private_tokens_bin.cc
index af2d996..35072fe 100644
--- a/quiche/quic/masque/private_tokens_bin.cc
+++ b/quiche/quic/masque/private_tokens_bin.cc
@@ -3,6 +3,7 @@
 // found in the LICENSE file.
 
 #include <algorithm>
+#include <iostream>
 #include <string>
 #include <vector>
 
@@ -87,8 +88,13 @@
           "  \"token-keys\": [\n    {\n      \"token-type\": 2,\n",
           "      \"token-key\": \"", encoded_public_key, "\",\n    }\n  ]\n}");
 
-      QUICHE_LOG(INFO) << "The issuer config could look like:\n"
-                       << issuer_config;
+      if (!private_key_file.empty()) {
+        QUICHE_LOG(INFO) << "The issuer config could look like:\n"
+                         << issuer_config;
+      } else {
+        QUICHE_LOG(INFO) << "The issuer config could look like:";
+        std::cout << issuer_config << std::endl;
+      }
     }
   }
 
@@ -117,6 +123,8 @@
     QUICHE_RETURN_IF_ERROR(
         TokenValidatesFromAtLeastOneKey(encoded_public_keys, generated_token));
     QUICHE_LOG(INFO) << "Validated locally-generated token";
+
+    std::cout << auth_header << std::endl;
   }
   return absl::OkStatus();
 }