Dev server doesn't handle reauthentication policies

[jeremydw]

Some Google organizations enforce a reauthentication policy (essentially requiring the user to relogin periodically, e.g. every 12 or 24 hours). When the user must re-authenticate, the Root dev server fails with:

/node_modules/@google-cloud/firestore/node_modules/@grpc/grpc-js/src/call.ts:81
  const error = new Error(message);
                ^
Error: 2 UNKNOWN: Getting metadata from plugin failed with error: {"error":"invalid_grant","error_description":"reauth related error (invalid_rapt)","error_uri":"https://support.google.com/a/answer/9368756","error_subtype":"invalid_rapt"}
    at callErrorFromStatus (/node_modules/@google-cloud/firestore/node_modules/@grpc/grpc-js/src/call.ts:81:17)
    at Object.onReceiveStatus (/node_modules/@google-cloud/firestore/node_modules/@grpc/grpc-js/src/client.ts:603:51)
    at Object.onReceiveStatus (/node_modules/@google-cloud/firestore/node_modules/@grpc/grpc-js/src/client-interceptors.ts:416:48)
    at /node_modules/@google-cloud/firestore/node_modules/@grpc/grpc-js/src/resolving-call.ts:111:24
    at processTicksAndRejections (node:internal/process/task_queues:85:11)
for call at
    at ServiceClientImpl.makeServerStreamRequest (/node_modules/@google-cloud/firestore/node_modules/@grpc/grpc-js/src/client.ts:586:42)

This can be fixed by using gcloud auth application-default (and providing the necessary scopes) again, but it'd be nice if we had a happy path or improved flow / error message for this.