Add HTTP status check before parsing token responses

- Prevents misleading 'Missing access_token parameter' errors when
  server returns HTTP errors.
- Properly raises HTTPError with the actual error message received
  from the server for 4xx/5xx responses.

Author: orgads

requests_oauthlib/oauth2_session.py

@@ -403,6 +403,8 @@ def fetch_token(
             log.debug("Invoking hook %s.", hook)
             r = hook(r)
 
+        # Check if the response was successful before parsing
+        r.raise_for_status()
         self._client.parse_request_body_response(r.text, scope=self.scope)
         self.token = self._client.token
         log.debug("Obtained token %s.", self.token)
@@ -493,6 +495,8 @@ def refresh_token(
             log.debug("Invoking hook %s.", hook)
             r = hook(r)
 
+        # Check if the response was successful before parsing
+        r.raise_for_status()
         self.token = self._client.parse_request_body_response(r.text, scope=self.scope)
         if "refresh_token" not in self.token:
             log.debug("No new refresh token given. Re-using old.")