UPDATE: Check out my updated answer for a more enhanced example.

After spending an hour exploring various options, I decided to forego Meteor's default account system. Instead, I opted for 'oauth.io' in conjunction with 'meteor router' to manage user accounts through Meteor's Accounts.createUser() function. The beauty of this setup is its seamless functionality on both localhost and mobile devices like my iPhone, eliminating the need for constant deployments for testing purposes.

Meteor.startup(function () {
    OAuth.initialize('my key');
});

Here's how I configured my route:

Meteor.Router.add({
    '/oauth': function() {
      console.log('authenticated via OAuth');
        OAuth.callback('facebook', function(err, result) {
            var token = result.access_token;
            var url = 'https://graph.facebook.com/me?access_token='+token;

            $.get(url, function(data) {
                alert(data.email);
                console.log(data);
            });
        });
    }
});

Additionally, a simple anchor tag was included:

$('#loginfb').on('click', function() {
    OAuth.redirect('facebook', "/oauth");
});

Although I've made significant progress, there are a few remaining steps to implement authentication and user creation using retrieved email data from Facebook:

Accounts.createUser({
    email: data.email, 
    password: data.id //assuming Facebook ID remains constant
});

The next challenge involves checking if the user already exists before logging them in:

Meteor.loginWithPassword(data.email, data.id);

Adjustments were made to incorporate Backbone Router due to unexpected page refresh issues with Meteor Router. Additionally, a server-side function was introduced to generate passwords:

Meteor.methods({
  generatePass: function (data) {
    // perform necessary operations
    var pass = method to generate a secure password based on input data;
    return pass;
  }
});

Currently, the setup only supports Facebook login and requires further testing and feedback for optimal performance. Any advice or suggestions would be greatly appreciated as I continue refining this solution.

The main issue appears to be related to the use of window.open by the oauth packages to launch a popup window. While I have no previous experience with apple-mobile-web-app-capable, research indicates that window.open may not be compatible with it. A potential solution involves checking if the client is using a fullscreen app, which can be done using

window.navigator.standalone

as mentioned in https://developer.apple.com/library/safari/documentation/AppleApplications/Reference/SafariHTMLRef/Articles/MetaTags.html

Unfortunately, the oauth login process assumes a popup has been opened, leading to some complications. It's unclear where to conduct this test and whether a login or user creation will proceed after entering credentials in the new window.

Initially, I attempted changing window.open to window.location in accounts-oauth-helper/oauth_client.js. Although the window did open, I encountered issues with my redirect_uri, likely due to testing on a localhost project from my phone. This raises uncertainty about the continuation of the login process post-authentication.

This issue could potentially impact all login providers when utilizing apple-mobile-web-app-capable, indicating a possible bug that requires resolution. I plan to set up a dedicated project later for further investigation and will provide updates on the progress.

Discovering a more efficient method to accomplish this without relying on accounts-facebook or Facebook's own SDK. Instead, leveraging Meteor's accounts and accounts-ui for convenience.

Client-Side Event Handler:

Template.header.events({
  'click #loginFB': function(e) {
    e.preventDefault();
   OAuth.redirect('facebook', "/oauthlink");
 //or 
    var url = 'https://www.facebook.com/dialog/oauth?client_id=' +client_id+'&response_type=token&redirect_uri='+redirect;
window.location = url;
  }
});

Utilizing Iron Router to handle the OAuth result:

this.route('oauthLink', {
path: '/oauthlink',
action: function() {
  OAuth.callback('facebook', function(err, result) {
    Meteor.call('fblogin', result, function(error, result) {
      Meteor.loginWithToken(result.token, function(err) {
        if(err) {
          Meteor._debug("Error logging in with token: " + err);
        }
      })
    });
  });
}

});

Alternatively, omitting oauth.io:

this.route('oauthLink', {
path: '/oauthlink',
action: function() {
  var str = window.location.hash;
  str = str.split('&');
  var accessToken = str[0];
  var expiresIn = str[1];
  accessToken = accessToken.split('=');
  expiresIn = expiresIn.split('=');
  var result = {
    access_token : accessToken[1],
    expires_in : expiresIn[1]
  };
  Meteor.call('fblogin', result, function(error, result) {
    console.log(result)
    Meteor.loginWithToken(result.token, function(err) {
      if(err) {
        Meteor._debug("Error logging in with token: " + err);
      }
    })
  });
}

});

Though unsure about the correct use of 'Action' (as I'm new to iron-router), it functions as intended.

Server-Side Implementation:

Meteor.methods({
  fblogin: function(response) {
    var identity = Meteor.call('$getIdentity', response.access_token);
    
    var serviceData = {
      accessToken: response.access_token,
      expiresAt: (+new Date) + (1000 * response.expires_in)
    };

    var whitelisted = ['id', 'email', 'name', 'first_name',
        'last_name', 'link', 'username', 'gender', 'locale', 'age_range'];

    var fields = _.pick(identity, whitelisted);
    _.extend(serviceData, fields);

    var stuff = {
        serviceName : 'facebook',
        serviceData: serviceData,
        options: {profile: {name: identity.name}}
      };
      
      var userData = Accounts.updateOrCreateUserFromExternalService(stuff.serviceName, stuff.serviceData, stuff.options);

      var x = DDP._CurrentInvocation.get();

      var token = Accounts._generateStampedLoginToken();
      Accounts._insertLoginToken(userData.userId, token);
      Accounts._setLoginToken(userData.userId, x.connection, Accounts._hashLoginToken(token.token))
      x.setUserId(userData.userId)

      return {
        id: userData.userId,
        token: token.token,
        tokenExpires: Accounts._tokenExpiration(token.when)
      };

  },
  $getIdentity: function(accessToken) {
    try {
      return HTTP.get("https://graph.facebook.com/me", {
        params: {access_token: accessToken}}).data;
    } catch (err) {
        throw _.extend(new Error("Failed to fetch identity from Facebook. " + err.message),
               {response: err.response});
        }
    }
});

Enhancing functionality inherited from accounts-facebook package while introducing modifications tailored to specific requirements. Additionally, copying the `$getIdentity` function directly from there.

'var stuff' encapsulates Facebook data alongside meteor account data, seamlessly integrating into Accounts.updateorcreateuserfromexternalservice, thereby streamlining the process. The 'fblogin()' function yields userData, obtained through Accounts.updateorcreate...., consequently acquiring the essential token utilized for login via Metoer.loginWithToken.

Executing operations sans the need to launch additional windows or tabs as would be the case with accounts-facebook has resolved primary concerns, yielding equivalent functionality. Eliminating the necessity to ascertain user existence before generating passwords, simplifying the entire procedure.

Potential expansion across alternative OAuth APIs devoid of dependency on oauth.io is entirely feasible. Personal laziness was the only deterrent in exploring further possibilities.