Inaccurate description of authenticationManager in reference documentation

**Describe the bug**

The [description of OAuth2 Authorization Endpoint](https://docs.spring.io/spring-authorization-server/reference/protocol-endpoints.html#oauth2-authorization-endpoint) in the reference documentation states:

> OAuth2AuthorizationEndpointFilter is configured with the following defaults:
>
> ...
> 
> AuthenticationManager — An AuthenticationManager composed of OAuth2AuthorizationCodeRequestAuthenticationProvider and OAuth2AuthorizationConsentAuthenticationProvider.

However I see that in the most recent version of Spring Authorization Server 1.5.1 `authenticationManager` for all filters is populated using the same object obtained by `httpSecurity.getSharedObject(AuthenticationManager.class)`. See [source code](https://github.com/wheleph/spring-authorization-server/blob/d43c28348a7788ce12f05f6498ed677f078a45df/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java#L257)

Also this inaccuracy is visible in debug session:

<img width="1134" height="926" alt="Image" src="https://github.com/user-attachments/assets/1510acbf-fa06-49a4-8af7-0382ba2b360f" />

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Inaccurate description of authenticationManager in reference documentation #2153

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Inaccurate description of authenticationManager in reference documentation #2153

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions