I can’t speak to the status of proxy IdP support on IdP3. When we needed a proxy IdP a couple years back, we turned to SimpleSAMLphp for the proxy functionality. Cirrus Identity recently released an opensource module for SimpleSAMLphp that will do what you’re talking about – talking to OIDC-based identity providers:
While my first choice to set up a proxy IdP wasn’t introducing a new piece of software, SSP was very easy to set up, is very low maintenance, and has met our needs well. We still use the Shib IdP for the actual authentication and prefer using it directly over the proxy IdP whenever possible.
From: users <[hidden email]> On Behalf Of Reid Watson
Sent: Monday, June 4, 2018 1:30 AM
To: Shib Users <[hidden email]>
Subject: Social Authentication (Facebook / Twitter) and IDP3
I have a project coming up to integrate social authentication methods into Shibboleth IDP3 (3.3.1), I have reviewed the following thread from 2017