Don't use client-side oauth, make it through the "server side" of node-webkit. That means, you can popup a window, redirect it, close it when you are done. All the necessary information you need to pass using the request
library, or API SDK for the Facebook oauth.
Part of this process I've posted in here window.open without popup blocker using AJAX and manipulating the window.location