If anybody is strangling with it, the proper solution is to use both wp_set_auth_cookie
specifying the second parameter being the logged_in cookie, which now gives me the following code:
wp_set_current_user($user_id);
if ( wp_validate_auth_cookie( '', 'logged_in' ) != $user_id )
{
wp_set_auth_cookie( $user_id );
}
And to add an action, as suggested in this thread: Extend WordPress (4.x) session and nonce to have the logged-in current cookie properly overriden without needing a page refresh.
That was a tricky one for sure, and undocumented anywhere. Did anybody tried that yet ?
Thanks for your attention anyway,