kube-oidc-proxy has support for adding 'extra' headers to the impersonation user info. This can be useful for passing extra information onto the target server about the proxy or client. kube-oidc-proxy currently supports two configuration options.
The following flag can be passed which will append the remote client IP as an extra header:
--extra-user-header-client-ip
Proxied requests will then contain the header
Impersonate-Extra-Remote-Client-Ip: <REMOTE_ADDR> where <REMOTE_ADDR> is
the address of the source connection of the request. Note that this IP address
may not be the real client IP address when the request is being proxied. If the
X-Forwarded-For header is present in the request then the value will be used
as the client address.
The following flag accepts a number of key value pairs that will be added as extra impersonation headers with proxied requests. This flag accepts a number of key value pairs, separated by commas, where a single key may have multiple values:
--extra-user-headers=key1=foo,key2=bar,key1=bar
Proxied requests will then contain the headers
Impersonate-Extra-Key1: foo,bar
Impersonate-Extra-Key2: foo