CP authenticating to IdP via SAML?
Is there any planned activity on using external Identity Providers (google/facebook/private IdP etc) for the captive portal authentication?
I don't think there's any planned activity on this. Don't wait for it.
It's however possible to do what you said, I did it: external authentication with Shibboleth IdP or any other SAML IdP or X.509 certificates among others. It needs quite a lot of work and modifications anyway.
Are you in the position to share your work so that it could be evaluated for future inclusion in the official package?
I have to ask to my boss..those changes are for our internal network.
Anyway the main idea is to redirect the user to an external php page (idp) where he can authenticate.
If the auth is ok the user gets back to the CP with a gpg signed message from idp.
the CP checks the gpg sign and allows the user to login.
I will publish more details if allowed.