Something in this area should have been fixed in master code; some fixes may have been released in 2.4.26. Can you indicate what version you're using? In case you're using the latest, can you test with master code?

p.

The problem seems already solved in 2.4.26.

The authorization seems to work reliable now, I couldn't recognize any authorization errors after upgrading to 2.4.26.