current best practice for third-party authentication (FB, Google, etc)

There is a sea of information on the web and in the forums, but much of it is dated.

I am looking to use a third-party (Facebook, Google, etc) for authentication to non-public content on my personal wordpress site. I would like to restrict access exclusively to people I know (e.g. friends listed on FB… or could be a table of FB friend IDs I maintain on the WP side).

What are the current best practices / options for doing this?

Thanks!
Avery

(If there is a more appropriate forum for this post, please let me know.)