I'm trying to setup SSO with a private CMS vendor who provides support for OAuth2 and member data via REST API. I'd like to use the custom service option in the OAuth 2 Service section (3.3.3) but the vendor uses Basic Authentication for token endpoints and I have to use their REST API service to pull user info. The conventional endpoints won't work without modification in my case. For now I have modified the core directly to supplement these changes by adding the following:
lib/filelib.php
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_USERPWD, "myapiusername:myapipassword");
this fixes my http basic authentication issue
/lib/classes/oauth2/client.php
Modified get_userinfo() to use the vendors API Rest service using curl directly to pull in all the fields needed for mapping. The rest of the set up is pretty much similar to the google, facebook, microsoft configuration.
Is there a way to do this without modifying the core or creating an auth plugin from scratch?