
[Bug]: Inconsistent RequireAuthorization middleware/ Auth Context #7955

Closed
1 of 2 tasks
JVisi opened this issue May 15, 2024 · 1 comment
Labels
auth bug Something isn't working

Comments


JVisi commented May 15, 2024

Preflight Checklist

  • I could not find a solution in the documentation, the existing issues or discussions
  • I have joined the ZITADEL chat

Environment

Self-hosted

Version

v2.54.1

Database

PostgreSQL

Database Version

15.6

Describe the problem caused by this bug

I've recreated the Zitadel Go API tutorial from the quickstart, and most of the time it works correctly; however, I have noticed some inconsistency.

For example in this code snippet:

```go
router.Handle("/api/tasks", mw.RequireAuthorization()(http.HandlerFunc(
	func(w http.ResponseWriter, r *http.Request) {
		// Using the [middleware.Context] function we can gather information about the authorized user.
		// This example will just print the user's ID using the provided method, and it will also
		// print the username by directly accessing the field of the typed [*oauth.IntrospectionContext].
		authCtx := mw.Context(r.Context())
		slog.Info("user accessed task list", "id", authCtx.UserID(), "username", authCtx.Username)

		// Although this endpoint is accessible by any authorized user, you might want to take additional steps
		// if the user is granted a specific role. In this case an `admin` will be informed to add a new task:
		list := tasks
		if authCtx.IsGrantedRole("admin") {
			list = append(list, "create a new task on /api/add-task")
		}

		// return the existing task list
		// (declared here with := so the handler does not depend on an err variable from the enclosing scope)
		err := jsonResponse(w, &taskList{Tasks: list}, http.StatusOK)
		if err != nil {
			slog.Error("error writing response", "error", err)
		}
	})))
```

Sometimes it works correctly and I receive the list; however, after every couple of requests I get denied with the same request, saying that I'm unauthorized, for a couple of times, then it works again, and this repeats:

token introspection failed: http status not ok: 400 Bad Request {"error":"unauthorized_client"}

I'm using a Service User with a PAT for testing; what can cause this inconsistency?
It might be worth mentioning that when I take out the middleware and the requests fail, the authCtx is

To reproduce

Install and set up PostgreSQL and Zitadel.
Follow the tutorial available in the official Zitadel docs regarding the Go API: zitadel.com/docs/examples/secure-api/go

Screenshots

No response

Expected behavior

It should authorize every time when the roles are correct.

Operating System

PostgreSQL / Zitadel are hosted on:
Linux, Debian 11 x64

Go test program is running on:
Windows 11, x64

Relevant Configuration

No response

Additional Context

No response

@JVisi JVisi added the bug Something isn't working label May 15, 2024

JVisi commented May 16, 2024

Never mind, the issue was not with Zitadel nor the Zitadel-Go package. It was caused by the fact that the clock on the machine Zitadel was hosted on was a couple of seconds behind, causing the token to be in the future on Zitadel's side.

@JVisi JVisi closed this as completed May 16, 2024
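The root cause in this thread is clock skew: the host verifying a token was a few seconds behind the host that issued it, so a freshly issued token carried an `iat`/`nbf` that lay in the verifier's future. The following Go program is an added illustration, not code from the issue, from zitadel-go or from Zitadel itself; `CheckTimeClaims` and `SkewOutcome` are hypothetical helpers that model how a verifier treats the time claims with and without a leeway window. It shows that a 3-second drift is enough to reject a token when no leeway is allowed, and that a small leeway (alongside NTP on both hosts) absorbs it without accepting long-expired tokens.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// TimeClaims are the time-related claims of a JWT (for example the client
// assertion an API presents to the introspection endpoint). A zero value
// means the claim is absent.
type TimeClaims struct {
	IssuedAt  time.Time // iat
	NotBefore time.Time // nbf
	ExpiresAt time.Time // exp
}

var (
	ErrIssuedInFuture = errors.New("token issued in the future (clock skew?)")
	ErrNotYetValid    = errors.New("token not yet valid")
	ErrExpired        = errors.New("token expired")
)

// CheckTimeClaims validates iat/nbf/exp against the verifier's clock `now`,
// tolerating `leeway` of drift between issuer and verifier. Hypothetical
// helper written for this example; it is not the OIDC library's validator.
func CheckTimeClaims(c TimeClaims, now time.Time, leeway time.Duration) error {
	// iat and nbf may be at most `leeway` ahead of our clock.
	if !c.IssuedAt.IsZero() && c.IssuedAt.After(now.Add(leeway)) {
		return ErrIssuedInFuture
	}
	if !c.NotBefore.IsZero() && c.NotBefore.After(now.Add(leeway)) {
		return ErrNotYetValid
	}
	// exp may be at most `leeway` behind our clock.
	if !c.ExpiresAt.IsZero() && !c.ExpiresAt.After(now.Add(-leeway)) {
		return ErrExpired
	}
	return nil
}

// SkewOutcome reports whether a token issued "right now" by a client whose
// clock runs `skew` ahead of the verifier passes validation with `leeway`.
// The verifier's clock value is a constructed constant so the run is repeatable.
func SkewOutcome(skew, leeway time.Duration) error {
	verifierNow := time.Date(2024, 5, 15, 12, 0, 0, 0, time.UTC) // constructed
	clientNow := verifierNow.Add(skew)
	claims := TimeClaims{
		IssuedAt:  clientNow,
		NotBefore: clientNow,
		ExpiresAt: clientNow.Add(time.Hour),
	}
	return CheckTimeClaims(claims, verifierNow, leeway)
}

func main() {
	cases := []struct{ skew, leeway time.Duration }{
		{0, 0},                             // clocks agree
		{3 * time.Second, 0},               // issuer 3s ahead, strict verifier
		{3 * time.Second, 5 * time.Second}, // same drift, 5s leeway
		{-2 * time.Hour, 5 * time.Second},  // genuinely expired, leeway must not rescue it
	}
	for _, tc := range cases {
		fmt.Printf("issuer %v ahead, leeway %v: %v\n", tc.skew, tc.leeway, SkewOutcome(tc.skew, tc.leeway))
	}
}
```

Run with `go run .`; the second case reproduces the symptom in this issue (a token rejected because its issue time is in the verifier's future), while the third shows a bounded leeway accepting it. Keep the leeway small (seconds, not minutes): it widens the window in which a stolen short-lived token stays usable, so the primary fix remains synchronised clocks on every host that issues or verifies tokens.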