moved throwing the UserNotFoundException into its own method to make …

…it easier to override in a subclass; I'm implementing a custom integration where I need access to the FacebookAuthToken, so I store it in the HTTP session before throwing the exception

src/groovy/com/the6hours/grails/springsecurity/facebook/FacebookAuthProvider.groovy

@@ -72,9 +72,7 @@ class FacebookAuthProvider implements AuthenticationProvider, InitializingBean,
                 user = facebookAuthDao.create(token)
                 justCreated = true
             } else {
-                log.error "User $token.uid doesn't exist, and creation of a new user is disabled."
-                log.debug "To enable auto creation of users set `grails.plugin.springsecurity.facebook.autoCreate.enabled` to true"
-                throw new UsernameNotFoundException("Facebook user with uid $token.uid doesn't exist")
+                handleUserNotFoundNoAutocreate(token)
             }
         }
 
@@ -143,6 +141,12 @@ class FacebookAuthProvider implements AuthenticationProvider, InitializingBean,
         token
     }
 
+    protected void handleUserNotFoundNoAutocreate(FacebookAuthToken token) throws UsernameNotFoundException {
+        log.error "User $token.uid doesn't exist, and creation of a new user is disabled."
+        log.debug "To enable auto creation of users set `grails.plugin.springsecurity.facebook.autoCreate.enabled` to true"
+        throw new UsernameNotFoundException("Facebook user with uid $token.uid doesn't exist")
+    }
+
     boolean supports(Class<? extends Object> authentication) {
         FacebookAuthToken.isAssignableFrom authentication
     }