The short answer is
NO
The explanation why was already kind-of provided by you (for the two hypothetical solutions you described).If the form actually "sits" on your site, you can steal the data (simple javascript on the username+password inputs). No reasonable SN site would give this privilege to 3rd party developers.
If the form does not "sit" on your site, but instead sits in an iframe on your site, you are still able to steal the data (take a look at the following stackoverflow question).
By the way, this is the reason why some sites block their login pages from being loaded once they detect the page is in an iframe
This is why authentication flows such as OAuth were invented! Solutions like this (based on tokens and keeping the login process out of the 3rd party application) are the only currently "safe" solutions that exist and are being used, this is due to the risk that the 3rd party developers might be evil.
By the way, facebook login gives a nice user experience by opening a small window instead of making a full redirection outside of the developer's site.
HAVING THAT SAID
HYPOTHETICALLY (I never saw such a solution, and I'd never use it if I were exposing an authentication service because it's kind of dumb and I it can be easily imitated for phishing purposes) you can do the following:
create a login page using some closed client-side technology (such as the oldie Java Applets, or something similar) and let the 3rd party ebmed it within their pages. The applet should encrypt the data internally before sending it to the server.