I'd guess it's a fake oauth screen as well. I coded one of the first (I think) Tinder auto likers for Android back in 2013, and the only way I could do it was get the real facebook username and password and log into Tinder on the phone in the background. I just put up a fake Oauth HTML page in a webview and saved the login, with a disclaimer of course, but nearly everybody ignored it. I was surprised how easy it all was.