Extend WordPress (4.x) session and nonce

Your problem is that you call wp_logout_url immediately after wp_set_auth_cookie.

wp_set_auth_cookie() does some setcookie() calls. Unfortunately, setcookie() doesn’t make the new value available instantly in the PHP global $_COOKIE. It must be set through a new HTTP request first.

wp_logout_url() (via wp_nonce_url > wp_create_nonce > wp_get_session_token > wp_parse_auth_cookie) fetches $_COOKIE[LOGGED_IN_COOKIE] in order to create a valid nonce, not knowing that the logged-in cookie has already been updated. (I’m not quite sure if we may call this a WP core bug.)

There is an action hook in wp_set_auth_cookie named set_logged_in_cookie, which should allow you to update the session cookie value during your AJAX request.

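// Make the new logged-in cookie value visible in $_COOKIE for the rest of
// this request, so a nonce created afterwards uses the new session token.
function my_update_cookie( $logged_in_cookie ){
    $_COOKIE[LOGGED_IN_COOKIE] = $logged_in_cookie;
}
add_action( 'set_logged_in_cookie', 'my_update_cookie' );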
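
The stale-cookie effect described in this answer, as an added stand-alone example (not part of the original answer and not WordPress core code). Every model_* name, the secret and the token values are constructed for illustration; the nonce fails verification on the next request without the hook and passes with it.

```php
<?php
// Simplified model of the behaviour described above; NOT WordPress core code.
// model_* names, MODEL_SECRET and the token values are constructed for illustration.
const MODEL_COOKIE = 'model_logged_in';
const MODEL_SECRET = 'constructed-demo-secret';

$hooks = [];            // stand-in for the set_logged_in_cookie action
$response_cookies = []; // what the browser will send back on the NEXT request

// Like setcookie(): queues a response cookie, leaves $_COOKIE untouched.
function model_set_auth_cookie(string $token): void {
    global $hooks, $response_cookies;
    $response_cookies[MODEL_COOKIE] = $token;
    foreach ($hooks as $hook) {
        $hook($token);
    }
}

// Nonce bound to the session token read from $_COOKIE, as in the call chain above.
function model_create_nonce(string $action): string {
    $token = $_COOKIE[MODEL_COOKIE] ?? '';
    return substr(hash_hmac('sha256', $action . '|' . $token, MODEL_SECRET), 0, 10);
}

// One AJAX request that renews the session and builds a logout nonce,
// followed by the next request, in which the browser returns the new cookie.
function model_round_trip(bool $with_hook): bool {
    global $hooks, $response_cookies;
    $hooks = $with_hook
        ? [function (string $t): void { $_COOKIE[MODEL_COOKIE] = $t; }]
        : [];
    $response_cookies = [];
    $_COOKIE[MODEL_COOKIE] = 'old-session-token';   // request 1 arrives

    model_set_auth_cookie('new-session-token');
    $nonce = model_create_nonce('log-out');         // nonce embedded in the logout URL

    $_COOKIE = $response_cookies;                   // request 2 arrives
    return hash_equals(model_create_nonce('log-out'), $nonce);
}

var_dump(model_round_trip(false)); // without the hook
var_dump(model_round_trip(true));  // with the hook
```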
