79520063

Date: 2025-03-19 11:34:03
Score: 1

To me, this is a two-part definition of the term "Authorization". The classic authorization is when an application is looking at the logged-in user's permissions and deciding what the user can do. The new way, the OAuth2 way, is from the user's perspective. The user is authorizing the application to use the user's data.

Classic: Application is authorizing the user.

OAuth2: The user is authorizing the application.

So by that definition there is no authentication in OAuth2, but rather OAuth2 is relying on other parties to do the authentication, i.e. login with Google etc. Google is authenticating; the OAuth2 protocol trusts the other identity providers. So rather than having an authentication step, there is only a "redirect to identity providers" step for authentication.

Reasons:
  • Long answer (-0.5):
  • No code block (0.5):
  • Low reputation (1):
Posted by: Sebastian Tidare