Edit: Looks like you beat me to it. 
You’ll find a lot on Roots discourse, e.g., Using Bedrock / Composer with “premium” plugins w/ no repo or source
Also search discourse for toran proxy, satis, etc.
For a handful of premium plugins I commonly use across sites, like Gravity Forms, I maintain a private repo for each, adding versions as they come. I add a composer.json to each repo and then can call/install these plugins from my bedrock-based project’s composer.json file. Search this discourse and composer docs for how to set up stuff like this.