Delegate Jenkins authentication to Oauth1.0 or Custom Security Realm

[Miguelangel Fernandez]

We have a legacy Identity Provider which only supports two authentication mechanisms:

1. Oauth 1.0.
2. A custom service I can call with a user and password and obtain a session token which then has to be placed in a custom header of every other call to the IdP —to get user info and such.

I’d like to know whether there’s any plugin that will allow configuring Jenkins to delegate authentication to such an IdP through either mechanism. I'm starting to look at the Oauth Credentials Plugin, but it doesn't look like it'll do the trick.

"By itself, this library has no user visible changes, it is intended only to surface new extension points on top of which OAuth providers may surface their own OAuth2Credentials implementations."

If not, then what are my options here? I’m thinking of writing a plugin to implement one of these. Is there a good guide I can use? Or an existing plugin I should extend?