OAuth login requires authorization every single time

Summary

Every time, when user logins via https://gitlab.com/oauth/authorize?client_id=APP_ID&redirect_uri=REDIRECT_URI&response_type=code, GitLab asks for app authorization. This issue is very similar to this one: https://gitlab.com/gitlab-org/gitlab-ce/issues/35709

Steps to reproduce

  1. Create an application in GitLab and configure it according to your Web-application.
  2. Follow the steps described in the Web-application flow documentation (https://docs.gitlab.com/ee/api/oauth2.html#web-application-flow).
  3. In your Web-application login via GitLab OAuth.
  4. After you logged in - log out and repeat the step 3.

Example Project

Any project that uses OAuth will will suffice to yield this behaviour.

What is the current bug behavior?

In my user "Application" settings tab, I can see "Authorized applications" list, and my application is there. It means that GitLab shouldn't ask for authorization with every login. However it does that. On the 1. screenshot you can see that "Authorized applications" shows that I have 10 authorized applications, despite that I have only 1. Also in spite of only me using the application, it shows that 185 clients were using it (2. screenshot). So with every login the amount of users is also increased.

What is the expected correct behavior?

I would expect the behaviour of any other OAuth provider (GitHub, Bitbucket, Google etc):

  1. Once I authorized an application, it will remember me, and I will never get asked again until I manually revoke that authorization.
  2. The number of clients shown in my settings to reflect the actual number of clients (1 in my case).
  3. The number of authorized applications to be the same as the number of displayed applications in the list below (1 in my case).

Relevant logs and/or screenshots

Screen_Shot_2018-05-10_at_14.24.26 Screen_Shot_2018-05-11_at_15.00.49

Output of checks

This bug happens on GitLab.com