Is it possible to realize the following scenario using WSO2:
I have an existing API implementation (in the form of a Spring Boot application) that needs to be protected. All access to the API should be authorized via OAuth 2 bearer tokens issued from a token endpoint. The bearer tokens should be issued based on two different types of authorization:
1) An OpenID Connect Authorization Code Flow, to an IdP implementation I provide.
2) A bespoke Authentication Token generated by a 3rd party system (I will provide the code for validating such a token and identifying the scope etc. based on this).
So for both scenarios I need a token endpoint that can issue OAuth 2 bearer tokens - based on either OpenID Connect Auth Code or on the bespoke token, respectively (with suitable code "hook-ins" provided by me). Could this be WSO2 Identity Server?
It's particularly the last part I am unsure about - as far as I can tell, WSO2 Identity Server provides a token endpoint. Maybe this could handle #1. But can I extend this so it can support scenario #2? Which WSO2 products would I be using for this?