From c7961972036bb0cb73a136e718e106609f3de0a0 Mon Sep 17 00:00:00 2001
From: Pritha Srivastava <prsrivas@redhat.com>
Date: Thu, 9 Oct 2025 12:01:43 +0530
Subject: [PATCH] rgw/sts: modifying test_assume_role_creds_expiry to check for
 ExpiredToken (400) error code instead of AccessDenied (403).

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
---
 s3tests/functional/test_sts.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/s3tests/functional/test_sts.py b/s3tests/functional/test_sts.py
index 06de13e3..67d36e7c 100644
--- a/s3tests/functional/test_sts.py
+++ b/s3tests/functional/test_sts.py
@@ -304,7 +304,9 @@ def test_assume_role_creds_expiry():
         s3bucket = s3_client.create_bucket(Bucket=bucket_name)
     except ClientError as e:
         s3bucket_error = e.response.get("Error", {}).get("Code")
-    assert s3bucket_error == 'AccessDenied'
+        http_status_code = e.response.get("ResponseMetadata", {}).get("HTTPStatusCode")
+    assert s3bucket_error == 'ExpiredToken'
+    assert http_status_code == 400
 
 @pytest.mark.test_of_sts
 @pytest.mark.fails_on_dbstore
-- 
2.47.3