refactor system tests to remove short-lived secret #1882
Description
We currently have a number of system tests that require a short-lived secret to pass (default_explicit_authorized_user_* tests in noxfile). These tests require us to construct a new secret token ever ~2 days for tests to pass, which isn't a sustainable test strategy. Building the secret requires us to call some internal stubby endpoints, so it's not easy to build one during the tests in a kokoro environment
For now, we addressed this by treating RefreshErrors as success, allowing the tests to pass even if the token is expired. Long term, we should re-think this, and find a way to test this use-case without needing to manually merge new secrets multiple times a week