Merge branch 'main' into fix-credentials-scopes-set-issue-15605314498929918698

chalmerlowe · web-flow · commit c37d565c868a · 2025-12-23T05:12:11.000-05:00
diff --git a/system_tests/system_tests_async/test_default.py b/system_tests/system_tests_async/test_default.py
@@ -34,5 +34,12 @@ async def test_application_default_credentials(verify_refresh):
     except RefreshError as e:
         # allow expired credentials for explicit_authorized_user tests
         # TODO: https://github.com/googleapis/google-auth-library-python/issues/1882
-        if not CREDENTIALS.endswith("authorized_user.json") or "Token has been expired or revoked" not in str(e):
+        if not CREDENTIALS.endswith("authorized_user.json"):
+            raise
+
+        error_message = str(e)
+        if (
+            "Token has been expired or revoked" not in error_message
+            and "invalid_grant" not in error_message
+        ):
             raise
diff --git a/system_tests/system_tests_sync/test_default.py b/system_tests/system_tests_sync/test_default.py
@@ -32,5 +32,12 @@ def test_application_default_credentials(verify_refresh):
     except RefreshError as e:
         # allow expired credentials for explicit_authorized_user tests
         # TODO: https://github.com/googleapis/google-auth-library-python/issues/1882
-        if not CREDENTIALS.endswith("authorized_user.json") or "Token has been expired or revoked" not in str(e):
+        if not CREDENTIALS.endswith("authorized_user.json"):
+            raise
+
+        error_message = str(e)
+        if (
+            "Token has been expired or revoked" not in error_message
+            and "invalid_grant" not in error_message
+        ):
             raise
