I’ve thought about your idea. The problem is the client application will have ID token and SSO cookie associated with the social user. It’s possible to update ID token in client application, but we can’t update SSO cookie without asking user to login again.
I found another feature which could be useful to solve the problem: impersonation. We can have server side to generate impersonation URL associated with the DB user and return to the client application. By redirecting to the URL both ID token and SSO cookie will be switched to the DB user.
Just a thought, I am going to try it.