This looks like a use case for writing a custom claims provider to me.
http://msdn.microsoft.com/en-us/library/ee537299.aspx
Basically when a call is made to sharpoint, its going to redirect it to a custom claims service. here your code will run which will authenticate the user and issue a token. This token will be honored by SP2013 because you have established a trust relationship between SP2013 and claims provider.