How to add passport authentication as OR middleware to protected routes?

We’re currently working on a website, which is part of a bigger project that combines lots of websites. Those websites should all be accessible through SSO using the SAML protocol.
For the SAML SSO we are using passportjs, since SAML is not officially supported at the moment from Strapi yet.

However not all of our users will come through SSO, meaning we have to have some register/sign up process on our own. Since we are using Strapi as our CMS anyway we would obviously want to do the authentication via Strapi as well.
In the passport middleware we can pass multiple options for authentication, allowing for some others to authenticate via a JWT or SAML. Is there any way we could combine the SAML authentication at the moment with the Strapi authentication?

My experience with Strapi so far is quite limited. I have seen that we can add custom middleware to the api, which would help a lot to add passport, however we would have to have some kind of mechanism that basically tells Strapi a user has been authenticated through passport when trying to hit protected routes.
Basically we want to have users be able to access private routes either through the passport middleware or through Strapi authentication.