p53 closed this issue 1 year ago
The general way this is supported is through providing a custom HTTP client:
https://pkg.go.dev/github.com/coreos/go-oidc/v3/oidc#ClientContext
That allows you to provide TLS configurations that you need as well as a custom HTTP RoundTripper implementation. It also matches golang.org/x/oauth2's knob:
https://pkg.go.dev/golang.org/x/oauth2#pkg-variables
Does that work?
Yeah, I used a custom RoundTripper implementation, but I find it more of a workaround than a proper implementation.
Thanks for the reply.
While it might be slightly more work, go-oidc supports this use case and I'm not sure that we want to provide convenient APIs for every possible HTTP customization.
I'm also not sure I understand the comment about sidecars. Most sidecars transparently add headers as a proxy, potentially doing break-and-inspect. That wouldn't be at this library level.
Given that this isn't a popular requirement for OpenID Connect providers, I'm content closing this out for now. We could potentially add documentation for how to implement a RoundTripper. Am I missing anything?
I think it is a different case when you want to provide client customization and request customization. For client customization, it is a good way to do it like you do it right now, but there should be a possibility to modify the request (without doing it through a RoundTripper). But I understand that it could be a lot of work. OK, let's close it; maybe in the future there will be more people who would like to have it, and then maybe you can return to it.
It would be useful to add custom headers to requests to the IdP provider, e.g. the OIDC well-known URL might be behind auth, or other cases, e.g. sidecar container/pod.
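The RoundTripper approach discussed in this thread, as an added example that is not code from go-oidc or from the thread's participants: a transport that adds headers only to HTTPS requests for one host, so a credential meant for the discovery URL is not sent to a `jwks_uri` or redirect target on another host. The type names, the `X-Gateway-Token` header and the `idp.example.com` host are assumptions, and a recorder replaces the network so the block runs offline.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
)

// headerTransport (hypothetical, not part of go-oidc) adds headers for one HTTPS host only.
type headerTransport struct {
	base    http.RoundTripper // nil means http.DefaultTransport
	host    string            // compared against req.URL.Host
	headers http.Header
}

func (t *headerTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	base := t.base
	if base == nil {
		base = http.DefaultTransport
	}
	// Discovery may name a jwks_uri on another host: add nothing there or over plain HTTP.
	if req.URL.Scheme != "https" || !strings.EqualFold(req.URL.Host, t.host) {
		return base.RoundTrip(req)
	}
	out := req.Clone(req.Context()) // a RoundTripper must not modify req
	for name, values := range t.headers {
		out.Header[http.CanonicalHeaderKey(name)] = append([]string(nil), values...)
	}
	return base.RoundTrip(out)
}

type recorder struct{ seen string } // stands in for the network in this offline demo
func (r *recorder) RoundTrip(req *http.Request) (*http.Response, error) {
	r.seen = req.Header.Get("X-Gateway-Token")
	return &http.Response{StatusCode: 200, Header: http.Header{}, Body: http.NoBody}, nil
}

// sentHeader returns the constructed sample header as the base transport saw it.
func sentHeader(rawURL string) string {
	rec := &recorder{}
	hdr := http.Header{"X-Gateway-Token": {"constructed-sample"}}
	client := &http.Client{Transport: &headerTransport{rec, "idp.example.com", hdr}}
	// With go-oidc: pass oidc.ClientContext(ctx, client) to oidc.NewProvider.
	if resp, err := client.Get(rawURL); err == nil {
		resp.Body.Close()
	}
	return rec.seen
}

func main() { fmt.Println(sentHeader("https://idp.example.com/.well-known/openid-configuration")) }
```

Because `http.Client` sends every redirect hop through the same transport, the host check also applies to redirected requests.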