Improve fitbit authentication error handling

[allenporter]

Proposed change

Improve fitbit authentication error code handling by treating a 400 Bad Request as needing reauth since this can happen with credentials get invalidated. Adds test coverage for (1) oauth endpoint token refresh on startup confirming that it it initiates reauth and (2) that normal sensor updates do not trigger this behavior and are still just treated like failures.

Note: This is not a new issue, but an existing issue. This is tagged for the next milestone, but can happen in any upcoming milestone, and is not a release blocker.

Type of change

• Dependency upgrade
• Bugfix (non-breaking change which fixes an issue)
• New integration (thank you!)
• New feature (which adds functionality to an existing integration)
• Deprecation (breaking change to happen in the future)
• Breaking change (fix/feature causing existing functionality to break)
• Code quality improvements to existing code or addition of tests

Additional information

• This PR fixes or closes issue: fixes #
• This PR is related to issue:
• Link to documentation pull request:

Issue observed on my production instance:

Debug log:

2023-12-31 20:01:35.661 DEBUG (MainThread) [homeassistant.components.fitbit.application_credentials] Client response error status=400, body=

Checklist

• The code change is tested and works locally.
• Local tests pass. Your PR cannot be merged unless tests pass
• There is no commented out code in this PR.
• I have followed the development checklist
• I have followed the perfect PR recommendations
• The code has been formatted using Ruff (ruff format homeassistant tests)
• Tests have been added to verify that the new code works.

If user exposed functionality or configuration variables are added/changed:

• Documentation added/updated for www.home-assistant.io

If the code communicates with devices, web services, or third-party tools:

• The manifest file has all fields filled out correctly.
  Updated and included derived files by running: python3 -m script.hassfest.
• New or updated dependencies have been added to requirements_all.txt.
  Updated by running python3 -m script.gen_requirements_all.
• For the updated dependencies - a link to the changelog, or at minimum a diff between library versions is added to the PR description.
• Untested files have been added to .coveragerc.

To help with the load of incoming pull requests:

• I have reviewed two other open pull requests in this repository.

[frenck]

Thanks, @allenporter 👍

../Frenck