Spring Security JwtIssuerAuthenticationManagerResolver should not resolve the bearer token

Current Behavior

Each of JwtIssuerAuthenticationManagerResolver and JwtIssuerReactiveAuthenticationManagerResolver uses either BearerTokenResolver or ServerBearerTokenAuthenticationConverter, respectfully, to resolve the bearer token from the HttpServletRequest or ServerWebExchange.

This has the downsides that, first, the bearer token is resolved from the request multiple times - once by BearerTokenAuthenticationFilter and again by the resolver - and second, it creates the need to expose the BearerTokenResolver when it is being customized in other places in the application.

Expected Behavior

Since JwtIssuerAuthenticationManagerResolver's role is to resolve an AuthenticationManager, it should just return an AuthenticationManager that reads the already-resolved token from a BearerTokenAuthenticationToken.

The same is true for JwtIssuerReactiveAuthenticationManagerResolver.

Making this change will make these authentication manager resolvers more widely usable since it will remove their dependency on BearerTokenResolver and ServerBearerTokenAuthenticationConverter.