Need to be able to add headers when calling authorize_redirect()

[securitypedant]

Is your feature request related to a problem? Please describe.

I am using your library with the Flask client for an OAuth 2.0 flow.

The resource I am using your library with is behind a security gateway that is expecting auth in the HTTP headers. This is fine when I call...

token = oauth.myapp.authorize_access_token(headers=headers)

I can pass in HTTP headers for the auth, so that when the token is requested, it is authenticated by the HTTP gateway infront of my token issuer.

However, when I call...

return oauth.myapp.authorize_redirect(redirect_uri)

It looks for the server metadata, and gets it from a URL I specify in the registration, i.e.

server_metadata_url='https://dash.staging.mycompany.com/.well-known/jwks.json'

and the authorize_redirect() makes the HTTP request, but fails. I need a way to pass HTTP headers into this function as well.

Describe the solution you'd like

I would like to be able to run...

return oauth.myapp.authorize_redirect(redirect_uri, headers=headers)

Where headers contains HTTP authentication data.

Describe alternatives you've considered

I tried passing in the headers, hoping that **kwargs would be passed through and at some point the headers respected. But it didn't work.

Additional context

None

[tianjing-li]

+1 I am also interested in having this feature

[lepture]

A PR is welcome.