Spring Security JwtIssuerReactiveAuthenticationManagerResolver eagerly creates Exceptions

Summary

JwtIssuerReactiveAuthenticationManagerResolver eagerly creates Exceptions which are not thrown always
see https://github.com/spring-projects/spring-security/blob/a90e579350562897ca5f092f591769374cd0d278/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java#L122-L125 and https://github.com/spring-projects/spring-security/blob/a90e579350562897ca5f092f591769374cd0d278/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java#L143-L146

Actual Behavior

Exceptions are instantiated always

Expected Behavior

Exceptions should be instantiated lazily only when they are needed

Version

5.3.0.BUILD-SNAPSHOT