Secure Member Downloads, Broken Thumbnail in Assets unless Logged In as Member

Here is the problem. I have a secure resource bucket, when a new asset is uploaded to the secure bucket, the thumbnail in the admin panel is a broken image unless the admin is also logged into members app. Without logging in to members app the asset thumbnail is broken, but login as a member and refresh assets and the thumbnail is no longer broken.

Here is the bucket.php

<?php 
return array(
    'secure' => array(
        'web_path'  => '/members/download.php?file=',
        'file_path' => '/path/to/sites/secure', // <= of course my path is different
    ),
);
?>

The assets are correctly uploaded, and if a member is logged in they download just fine. There is no problem with the secure asset, there is just a problem with the thumbnails for secure assets. Secure assets use the default download.php script which ships with members app.

download.php

<?php 
    include('../perch/runtime.php'); 

    // config
    $bucket_name = 'secure';
    $url_param   = 'file';


    // By default, deny downloads unless we've proved the member is allowed this file.
    $allow_download = false;


    // Check a member is logged in
    if (perch_member_logged_in()) {
        $allow_download = true;
    }

    /*
    Alternatively, you could check for a specific tag, e.g.

    if (perch_member_has_tag('subscriber')) {
        $allow_download = true;
    }

    */


    // Deliver the file.
    if ($allow_download) {
        perch_members_secure_download(perch_get($url_param), $bucket_name);
    }

    exit;
?>

If I modify the download script like this:

    // Check a member is logged in
    if (perch_member_logged_in() || PerchSession::is_set('userID')) { // <= added PerchSession check
        $allow_download = true;
    }

then the asset thumbnail shows correctly.

What am I missing here?

RK