Okay, after your comments, I think I see what you’re asking but I’m not sure, so I’ll make it as generic as possible.
WordPress uses the authenticate filter hook to perform authentication. You can add additional authentication methods by connecting your own functions to this filter.
This is an example of an authentication function. This is a dangerous and dumb example, because it just logs you in as user 1 without any checks at all, but it shows what you need the function to return to authenticate a user.
add_filter('authenticate', 'myplugin_auth_example', 30, 3);
function myplugin_auth_example($user, $username, $password) {
// if user is already known, return it
if ( is_a($user, 'WP_User') ) { return $user; }
// do your authentication via whatever method here
// bottom line is that you need to get a valid WP_User object and return it
// this example just gets user number 1 from the database and uses that
// NOTE: this here is extremely dangerous and stupid, because it just logs everybody in instantly
$user = new WP_User(1);
return $user;
// if there is an error in authentication, you could do this instead
return new WP_Error( 'some_bad_auth_reason', 'Your credentials were invalid.' );
}