Apple's not rejecting apps that track their users, it's rejecting apps that don't use Apple's user-tracking system.

Also, what Apple was trying to combat was persistent tracking without user knowledge (done originally using iOS's exposure of device ID, which was deprecated, and now with these "cookie" tracking implementations). Allowing a user to initiate sign in to an app is a far, far cry from that (and it would be preposterous for iOS to disable the ability to log in to apps).

I'd guess it will work the same as with facebook login. If you have a good reason to get your users private data, you may do so (using facebook, twitter, google+, etc). If you only need a login mechanism, you need to provide an alternative that does not collect user data beyond what's strictly needed for your app.

At least that's what apple's reviewers told me when my app was rejected.