I've hit the following walls with integrating native facebook/google login on a mobile platform.
1) you need to make a service that can be accessed without a session token to verify the token supplied by facebook sdk or google sdk. You can't make a service public, so you can't verify a token before being logged in.
2) If we will find a way to make our own PUBLIC scripts to validate the tokens, how can we link a certain user to certain login properties. Every user needs a password at the moment. How can we add properties to that certain user.
Thank you.