Support of Two Factor auth in absence of OIDC

I’m trying to configure our OOD instance to use the same two factor authentication service (LinOTP + Radius + SSH/PAM) that our users use for SSH’ing into our cluster. We do not have a fully functional OIDC setup so I cannot use something like Keycloak as suggested in the documentation. Instead I’m trying to get it working using mod_intercept_form_submit + mod_authnz_pam (

Anyone with experience trying similar options with their OOD installation ? Please let me know we can share notes.